Universitatea de Stiintele Vieții

Updated on 09/30/2025

Article I. General Provisions

1.1.This Privacy Policy (hereinafter referred to as the “Privacy Policy”) sets out the general rules governing the manner in which this website („https://usvt.ro”, hereinafter referred to as the “Website”) processes personal data.

1.2.This Privacy Policy provides clear, transparent, and easy-to-understand information regarding how we collect, use, store, and protect our users’ personal data (hereinafter referred to as the “Users”, the “User”, or “You”), in accordance with EU Regulation 2016/679 (hereinafter “GDPR”) and the applicable national legislation in Romania on data protection. This Privacy Policy applies to all of Your interactions with us.

1.3.The terms, conditions, and definitions used in this Privacy Policy shall have the meaning assigned to them by EU Regulation 2016/679, including the notions of “controller,” “data subject” “personal data” “processing” “recipient” as well as any other terms defined in the GDPR and used herein.

Article II. Personal Data Controller

2.1. The personal data controller is the person or entity that determines how Your personal data is collected, used, and managed.

2.2. The personal data controller is THE UNIVERSITY OF LIFE SCIENCES “KING MICHAEL I” OF TIMIȘOARA, headquartered in Timișoara, Calea Aradului No. 119, Timiș County, Unique Registration Code 3487181 (hereinafter referred to as the “Controller,” the “University,” or “We”).

2.3. For the exercise of any right provided by the GDPR or for any other request or complaint regarding the processing of personal data, the Controller may be contacted as follows:

a. By post, at the following address: Timișoara, Calea Aradului Nr. 119, județul Timiș

b. By e-mail: rectorat@usvt.ro

2.4. The University, as data controller, observes the principles of personal data processing, namely:

a. Data are processed lawfully, fairly, and transparently in relation to the data subject;

b. Data are collected for specified, explicit, and legitimate purposes and are not further processed in a manner incompatible with those purposes;

c. Data are adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed;

d.Data are accurate and, where necessary, kept up to date;

e. Data are kept in a form that permits identification of data subjects for no longer than is necessary for the purposes for which they are processed;

f. Data are processed in a manner that ensures appropriate security of personal data, including protection against unauthorized or unlawful processing and against accidental loss or damage, by implementing appropriate technical and organizational measures.

Article III. Purpose of Processing

3.1.The University processes personal data for the general purpose of ensuring the proper conduct of its academic, administrative, scientific, and social activities, in accordance with its mission and with the applicable legislation in the field of education.

3.2.Data are processed by the University for the conclusion and execution of any type of contract to which the University is a party, for the fulfillment of legal obligations, and within the limits of the University’s legitimate interest and of all categories of data subjects.

3.3.Data are processed to enable the University to provide quality educational services to all students enrolled in its study programs.

3.4.Personal data provided through the Website are processed by the University for the following legitimate, specific, and explicit purposes, in accordance with the GDPR:

a. Processing admission applications and student enrollment details for the University’s study programs;

b. Communicating admission contest results;

c. Generating anonymized or pseudonymized statistics;

d. Managing educational information made available to interested parties by the University;

e. Sending the Newsletter to Website users who voluntarily subscribe;

f. Fulfilling the University’s legal and archiving obligations;

g. Handling complaints and defending rights before competent authorities or courts.

3.5.The University also processes Your data for research purposes, based on Your consent, as well as to improve communication with students and to fulfill the legal obligations incumbent upon the University as a higher education institution.

3.6.Finally, the University processes Your data to ensure the proper functioning of the Website and to improve the user experience.

Article IV. Legal Basis of the Processing

4.1.Your data are processed in accordance with the GDPR, in order to provide You with the Website’s services under optimal conditions, for the following purposes:

a. Performance of a contract or study/employment relationship

The University may process personal data when necessary for the conclusion or execution of a contract to which You and the University are parties, including in the context of study relations, employment relations, or collaborations with the institution.

b. Compliance with a legal obligation

The University has the right and obligation to process personal data when required by applicable legislation, including, but not limited to, tax, accounting, reporting obligations to public authorities, or other legal requirements specific to the educational field.

c. Consent of the data subject

Where personal data processing is not based on other legal grounds, the University will request the express, freely given, and informed consent of the data subject. This legal basis applies, for example, when the data subject subscribes via the Website to receive communications or newsletters. The data subject has the right to withdraw consent at any time, without affecting the lawfulness of processing carried out prior to withdrawal.

d. The University’s legitimate interest

The University may process personal data on the basis of its legitimate interest, while respecting the fundamental rights and freedoms of the data subject. Examples include, but are not limited to: ensuring the security and proper functioning of the Website, preventing fraud, protecting IT infrastructure, and improving services provided through the Website.

Article V. Categories of Data Subject

5.1. Students and admission candidates

The University processes the personal data of students and admission candidates to manage the educational process, enrollment, exam organization, and academic activities

5.2. Professors and academic staff

The University processes the personal data of professors and other academic staff for teaching, research, assessment activities, and for fulfilling institutional and legal obligations.

5.3. Administrative and support staff

The University processes the personal data of administrative and support staff for employment management and for the proper conduct of administrative activities.

5.4. Newsletter subscribers

The University processes the data of individuals who subscribe to the newsletter exclusively for the purpose of sending information and electronic communications, based on the freely given consent of the data subjects.

Article VI. Data Collected

6.1 Identification data

The University may collect and process identification data such as: first name, last name, personal identification number (only where strictly required by law), home address, or similar identification data.

6.2 Contact data

The University may collect contact data, including e-mail address and phone number, in order to communicate effectively with data subjects.

6.3 Academic and professional data

The University may process data related to student or professor status, academic results, study programs, published scientific works, research activities, or other similar information. The University may also collect and process information regarding professional experience, job title, academic title, university or department affiliation, as well as data related to past or current professional activity.

6.4 Technical data

The University may collect technical data generated by the use of the Website, such as IP address, cookies, online identifiers, browsing history, and other similar data necessary for cybersecurity and traffic analysis. Technical data will be collected and processed in accordance with this Privacy Policy and the Website’s Cookie Policy.

6.5 Newsletter subscription data

The University collects data such as name and e-mail address to enable the sending of newsletters and other electronic communications, based on the freely given consent of the data subject.

Article VII. Recipients of Personal Data

7.1 Your personal data will be stored and processed internally, exclusively by the University.

7.2 By exception to the above, personal data provided by Website users or by other categories of persons may be transmitted to certain recipients, only insofar as such transmission is necessary for achieving the purposes specified in this Privacy Policy and in compliance with GDPR standards and requirements.

7.3 Thus, personal data may be disclosed to the following categories of recipients:

a. Public Authorities

The University may disclose personal data to public authorities to the extent that there is a legal obligation and an express request to that effect.

b. Service Providers

The University may disclose data to IT service providers or other auxiliary service providers, only to the extent necessary for the proper functioning of the Website and IT infrastructure.

c. Academic Partners

The University may transfer data to academic partners (e.g., partner universities, in the context of collaboration with them, based on contract performance), within the limits of the law and exclusively for educational or research purposes.

7.4 The University will not transfer personal data to third countries outside the European Economic Area. If such a transfer takes place for the purposes provided in this Privacy Policy, it will not occur without implementing the appropriate safeguards required by the GDPR.

Article VIII. Data Retention Period

8.1 Except where national or European legislation requires a longer retention period, Your personal data will be stored only for the period necessary to fulfill the purposes for which they were collected and processed.

8.2Where applicable law sets minimum retention and archiving periods for certain categories of data, the University will comply with such obligations, taking all necessary technical measures to ensure that personal data collected and processed are stored safely in accordance with applicable legislation.

Article IX. Rights of the Data Subject

9.1 In accordance with the GDPR, data subjects whose personal data are processed by the University have the following rights regarding personal data processing:Dreptul de acces – Persoana vizată are dreptul de a obține confirmarea prelucrării datelor sale și de a primi o copie a acestora.

a. Right of access

The data subject has the right to obtain confirmation of the processing of their data and to receive a copy thereof

b. Right of rectification

The data subject has the right to request the correction of inaccurate data or the completion of incomplete data.

c. Right to erasure („right to be forgotten”)

The data subject has the right to obtain the erasure of personal data, under the conditions provided by the GDPR. The University may refuse a request for erasure in certain situations, such as when processing is necessary for compliance with a legal obligation, for the establishment, exercise, or defense of legal claims, or for exercising freedom of expression and information.

d. Right to restriction of processing

The data subject may request restriction of the processing of their personal data.

e. Right to data portability

The data subject has the right to receive their personal data in a structured, commonly used, and machine-readable format and has the right to transmit those data to another controller.

f. Right to object

The data subject has the right to object to the processing of personal data, under the conditions provided by the GDPR.

g. Right not to be subject to a decision based solely on automated processing

h. Right to withdraw constent

Where personal data are processed based on consent, the data subject has the right to withdraw consent.

i. Right to lodge a complaint

The data subject has the right to lodge a complaint with the National Supervisory Authority for Personal Data Processing (“ANSPDCP”).

9.2 To exercise any of Your rights, as well as for any other requests regarding the processing of Your personal data, You may contact us using one of the methods provided in Article II of this Privacy Policy.

9.3 We will respond to any request regarding personal data processing within one month from the date of receipt of the request, in accordance with applicable legislation. This period may be extended by up to two months, if necessary, considering the complexity and number of requests. In such cases, we will inform You of the extension within one month of receiving the request and will communicate the reasons for the delay.

9.4 In certain situations, we may not be able to comply with a request regarding personal data, insofar as such refusal is permitted by applicable law or the request is manifestly unfounded or excessive. In such cases, we will provide the User with a clear justification for the refusal and inform them of the possibility to lodge a complaint with the competent supervisory authority or to address a court of law.

9.5 You have the right to lodge a complaint with the supervisory authority regarding the processing of Your personal data. In Romania, the supervisory authority for data protection can be contacted as follows:

National Supervisory Authority for Personal Data Processing

Addresss: B-dul G-ral. Gheorghe Magheru No. 28-30, Sector 1, postal code 010336, Bucharest, Romania

Phone: +40.318.059.211 or +40.318.059.212

E-mail: anspdcp@dataprotection.ro

9.6 Without prejudice to Your right to contact the supervisory authority at any time, we encourage You to contact us first in order to attempt an amicable resolution of any issue that arises. We are committed to making all reasonable efforts to respond promptly and effectively to Your requests.

Article X. Security of Personal Data

10.1 The University treats the security of Website Users’ personal data with the utmost seriousness. To this end, we implement appropriate technical and organizational measures, in line with GDPR standards, to ensure an adequate level of protection of the data processed via the Website.

10.2 The measures adopted include:

a. Restricting access to processed personal data only to authorized persons;

b. Using IT security systems;

c. Encrypting data, where possible;

d. Continuous risk monitoring;

e. Training personnel involved in data processing activities.

10.3 The University constantly acts to minimize the volume of processed personal data and ensures that only the data strictly necessary to achieve the stated purposes are collected and used.

10.4 We strive to consistently apply the principles of lawfulness, fairness, transparency, and accountability in all processing operations. However, unforeseen situations or technical errors beyond our control may affect the integrity or accuracy of data. In such cases, the University undertakes to promptly cooperate to remedy any non-compliance or rectify the affected data as soon as possible.

Article XI. Updating this Privacy Policy

11.1 We reserve the right to periodically review and update this Privacy Policy to reflect any changes in the way we process Your personal data or any changes in legal requirements. Any update will be published on the Website and will take effect from the time of publication, unless otherwise specified in this Privacy Policy. The date of the last update will be stated at the beginning or end of the document.

11.2 In the event of changes that we consider significant (for example, changes that affect Your rights or introduce new processing purposes), we will notify You directly before such changes take effect. Notification will be made through an effective method, such as sending a notice to the e-mail address provided by You.