Privacy Policy

Protection of personal data

Confidentiality and protection of personal data
The Executive Agency for Higher Education, Research, Development and Innovation Funding (UEFISCDI) protects the confidentiality of personal data (PD) brought to its knowledge. Within this fundamental obligation, UEFISCDI undertakes to protect and properly use personal data that have been collected through its websites / platforms.
Our intention is to collect only the personal data that are minimally necessary in order to be able to carry out the activities of UEFISCDI under optimal conditions so that we can offer you services according to your expectations.
Please read this section to learn more about how we collect, use, transmit and protect the personal data we have obtained.
Principles
UEFISCDI's privacy policy is based on the following principles:
• The processing of personal data is done legally, fairly and transparently
• The collection of personal data is done for specific, explicit and legitimate purposes; personal data are not being subsequently processed in a way incompatible with these purposes
• Personal data are adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed
• Personal data are accurate and updated if necessary
• Personal data are kept in a form that allows identification only for the period necessary to fulfill the purposes for which the data are processed
• Processing is carried out in a way that ensures adequate security of personal data, including protection against unauthorized or illegal processing and against accidental loss, destruction or damage, by taking appropriate technical or organizational measures.
In fulfilling its obligations, UEFISCDI collects personal information about the applicants for the award of the scholarships provided by the Romanian Ministry of Foreign Affairs (Romanian MFA scholarships) in accordance with the provisions of the GDPR and GD 288/1993 on the schooling of citizens from other countries in Romania, subsequently amended and completed.
Depending on the purpose pursued, UEFISCDI processes the data of the following categories of persons:
- individuals who create an account on the Study in Romania platform in order to apply for a scholarship offered by the Romanian Ministry of Foreign Affairs,
- candidates for a scholarship offered by the Romanian Ministry of Foreign Affairs.
We mention that the personal data collected will be stored for the period necessary for the complete fulfilment of the purpose mentioned here above, unless it is necessary to keep it for a longer period of time in compliance with the applicable legislation. After this deadline, the personal data collected will be deleted or anonymized.

Collection and use of Personal Data
We obtain personal data about you as a result of your participation in the Romanian Ministry of Foreign Affairs Scholarship Program. Once you have registered and / or submitted personal data on our platform, you have also agreed to their use, and we undertake to maintain their confidentiality. Your personal data is not used for any purpose other than if we obtain your permission or if it is required by lawful institutions.
UEFISCDI collects confidential personal information when it is necessary or permitted to collect such information by law. You are under no circumstances to provide information to UEFISCDI unless you agree to the lawful use of UEFISCDI and the transfer and storage of such information in UEFISCDI databases. If you wish to know whether the provision of confidential information to UEFISCDI is or may be necessary or appropriate for certain specific purposes, please contact UEFISCDI at the address below.
Automatic PD collection
In some cases, UEFISCDI automatically collects certain types of information when you visit the website or register / create account on our platform or through the emails you send to our contact addresses. Automated technologies may include the use of web server-generated log files to collect IP addresses, cookies, and web beacons. The collection of this information will allow us to better understand and improve the performance, level of use and efficiency of the UEFISCDI website and platforms and to measure the efficiency of our dissemination activities.
IP addresses
An IP address is a number assigned to your computer whenever you access the Internet. It allows computers and servers to recognize and communicate with each other. The IP addresses from which visitors appear to come can be registered for IT security and system diagnostics. This information can also be used in a consolidated form to analyze the trend and performance of the website.
Cookies
A "cookie" is short text that a website enters into your browser's cookie file and allows the site to remember who you are. Cookies cannot be used to run programs or introduce viruses on your computer. UEFISCDI uses cookies only in accordance with applicable laws. Cookies alone do not tell us your email address or otherwise identify you personally. If you visit the UEFISCDI website, we use cookies to achieve consolidated statistics that help us determine which domains of the site are preferred by the visitor. You have the option to accept or not cookies. You can configure your browser to inform you when you receive a cookie or to reject it. However, you should know that if you do not accept cookies, you might not be able to fully access all the features of our website.
Web beacons
A web beacon is a small image file within a web page that can be used to collect certain information on your computer, such as your IP address, when the content was visited, the type of browser, and the existence of cookies previously installed by the same server. UEFISCDI uses web beacons exclusively in accordance with applicable laws. UEFISCDI or its service providers may use web beacons to track the effectiveness of third-party websites that provide us with recruitment or marketing services or to compile consolidated visitor statistics and manage cookies. You have the option to make some web beacons unusable by rejecting the associated cookies. The beacon web file may still record an anonymous visit from your IP address, but the information provided by the cookie will not be recorded. In some of our communications, we may confirm a recipient's email address through links embedded in messages. We collect this information to measure user interest and to facilitate future user information.
PD transmission and transfer
We do not disclose personal information to unaffiliated third parties, unless this is necessary for our legitimate institutional needs, to meet your requests and / or if required or permitted by law or professional standards. UEFISCDI may forward personal data about you to the Romanian Ministry of Foreign Affairs in compliance with the international conditions for respecting the confidentiality of PD. UEFISCDI does not sell PD to any third party. UEFISCDI will also not transfer PD provided by you to third parties for marketing purposes.
Options
You have several options regarding the use of our website. You are not required to provide any personal data when you visit our website. As specified above, if you wish to prevent cookies from tracking you as you browse our website, you may reset your browser to refuse all cookies or to indicate the transmission of a cookie. You should note, however, that if you choose to decline the presence of cookies, certain parts of our website may not operate at normal parameters.
Children
UEFISCDI understands the importance of protecting the confidentiality of personal data about children, especially in an online environment.
Access
If you have sent personal data to UEFISCDI, you have the right to reasonable access to such data to rectify any inaccuracies or subsequent changes. You can also make a request to update or delete the information about you by contacting protectiadatelor@uefiscdi.ro, and we will make all reasonable and practical efforts to respond promptly to your request, as long as it complies with applicable laws and professional standards as well as transparency rules in accessing funds through funding mechanisms developed by UEFISCDI.
Data security and integrity
UEFISCDI implements reasonable security policies and procedures to protect personal information against loss, misuse, alteration or unauthorized destruction. To the greatest extent possible, access to your personal data is strictly limited to those people who need to know it. The persons who have access to these data maintain their confidentiality according to the UEFISCDI Code of Ethics. We will also keep the personal data only for as long as is necessary to comply with a person's request or until that person requests their removal, but taking into account the legal deadlines in force.
Links to other websites
We would like to inform you that the UEFISCDI website contains links to other websites, which are not governed by this Privacy Statement, but by other privacy statements that may be different. We encourage users to review the privacy policy of each website they visit before disclosing personal information.

Changes to this policy
UEFISCDI may amend this Privacy Statement to reflect our current practices in this area. When we make changes to this statement, we will change the date the information was updated at the top of this page. We recommend that you periodically re-read this Privacy Statement to find out how UEFISCDI protects your information.
The GDPR Regulation offers the user a number of rights, which we briefly present below:
• the right to information and access to personal data, on the basis of which confirmation can be obtained from us that we process or not personal data, having access to those data and information on the methods and purposes of their processing,
• the right to rectification of data, which may be exercised in order to obtain, without undue delay, the rectification of inaccurate data or the completion of personal data which are incomplete,
• the right to delete data (the right to "be forgotten"), by virtue of which the deletion of personal data can be obtained, without undue delay, for one of the following reasons:
   i. the data are no longer necessary for the purpose for which they were collected or processed;
   ii. the user withdraws his/her consent and there is no other legal basis for the processing;
   iii. the user opposes the processing and there are no legitimate reasons prevailing with regards to the processing;
   iv. personal data have been processed illegally;
   v. personal data must be deleted in order to comply with a legal obligation;
   vi. personal data have been collected in connection with the provision of information society services.
   vii. the right to restrict the processing may be exercised in the following situations:
      □ when the accuracy of the data is contested, for a period that allows us to verify their correctness;
      □ the processing is illegal and the user opposes the deletion of the data, instead requesting the restriction of their processing;
      □ we no longer need personal data for the purpose of processing, but the user requests them to establish, exercise or defend a right in court;
      □ when the user opposes the processing for reasons related to his/her particular situation, for the period of time in which it is verified whether the legitimate rights of the operator prevail in this case.
• the right to object, under which the user may object to the processing of personal data, including the creation of profiles, on grounds relating to his/her particular situation, in cases where the processing is necessary to perform a task in the public interest, when it takes place for the purpose of the legitimate interests pursued by us or by a third party. In such cases the processing will be done only if it is justified by legitimate and compelling reasons, which prevail over the interests, rights and freedoms of the user, or when the purpose of the processing is to establish, exercise or defend a right in court.
• the right to data portability, which allows the user to receive personal data concerning him and which he has provided in a structured, commonly used and automatically readable format and to transmit this data to another operator, under the conditions where the processing is based on consent or a contract and is carried out by automatic means.
Under this right, personal data concerning the user may be transmitted directly from one operator to another where this is technically feasible.
Changes regarding the privacy policy
This personal data privacy policy may be updated as a result of changes in the relevant legislation in the field or changes in the structure and functions of the Application. In the event of changes to the personal data processing policy, users will be notified by email and / or notifications within the application before the changes take effect.
We encourage users to check this page regularly to keep up to date with our latest personal data processing practices.
Questions regarding the privacy policy and its application
UEFISCDI is committed to protecting the online privacy of your personal data. If you have questions or comments on how we manage your personal data, please contact us at protectiadatelor@uefiscdi.ro. You may also use this address to send us any questions regarding compliance with our Online Privacy Statement.
Wherever terms such as UEFISCDI, us, ours appear on this website, they refer to the Executive Unit for the Financing of Higher Education, Research, Development and Innovation.
Terms and definitions
Personal data: any information about an identified or identifiable natural person, directly or indirectly, in particular by reference to an identifying element, such as a name, an identification number, location data, an online identifier , or to one or more specific elements, proper to his physical, physiological, genetic, mental, economic, cultural or social identity.
Processing: any operation or set of operations performed on personal data or personal data sets, with or without the use of automated means, such as the collection, recording, organization, structuring, storage, adaptation or modification, extraction, consultation, use, disclosure by transmission, dissemination or provision in any other way, alignment or combination, restriction, deletion or destruction.
Consent: any specific, informed and unambiguous manifestation of free will by the user, by which he accepts, via a statement or some unequivocal action, that the personal data concerning him be processed.
User: A person, who expresses his consent to the use of PD registered with UEFISCDI.
Supervisory authority: an independent public authority established by a Member State under Regulation (EU) 2016/679.
[T: 0.3124, O: 41]