Privacy Statement


Neapolis University Pafos (NUP) is committed to data security and the fair and transparent processing of personal data.  This privacy policy (Policy) sets out how NUP will treat the personal data which you provide  in compliance with applicable data protection law, in particular the General Data Protection Regulation (EU) 2016/679 (GDPR).

Please read this Policy carefully as it contains important information on who NUP is, how and why NUP collects, stores, uses and shares personal data, your rights in relation to your personal data, how to contact NUP and supervisory authorities in the event that you would like to report a concern about the way your personal data are processed.

Who are we?

Neapolis University Pafos is a privately owned university located in Pafos, Cyprus. It was founded in 2007 and in addition to abiding to the uppermost academic standards through a highly competitive curriculum, it strives to become an institution where research is a main focus.

NUP is accredited by the Cyprus Government and its degrees are recognized as equivalent to those by Higher Education Institutions in other EU member states. It offers a comprehensive range of undergraduate, masters and doctoral programs that reflect its philosophy in developing a balanced portfolio of academic activities. The primary target is the creation of a dynamic learning environment focusing on fundamental and applied research in academic areas in order to further the creation of centers of excellence in a variety of academic fields.

NUP offers undergraduate Programs in Business Administration, Accounting, Banking & Finance, Law, Psychology, Architecture, Landscape Architecture and Real Estate. The postgraduate programs of the University cover Business Administration, Banking, Investment & Finance, Public Administration, and International & European Business Law.  Neapolis has developed strong links with the country’s business community and an extensive collaboration network with institutions and organizations worldwide.

For the purposes of the GDPR, Neapolis University Pafos is the ‘controller’ of the personal data you provide to us.

Neapolis University Pafos owns and operates (Websites).  This Policy, together with NUP’s Website terms of use and any other documents referred to in them, sets out the basis on which personal data is processed via its Websites.

What Personal Data does NUP collects

NUP may collect and process the following persona data:

Information you provide to NUP:


Neapolis Website

correspond with NUP by phone, e-mail, or in writing;

report a problem;

sign up to receive NUP communications;

NUP will use the details you provide on your application, together with the supporting documents requested and additional details provided.

NUP may collect your name, surname, father’s name, e-mail address, postal address including country, telephone number, fax number, date of birth, id number, nationality, country of birth, and passport copy.

Information NUP collects about you

If you visit NUP’s Websites, the following information may be automatically collected:

Technical information, including the internet protocol (IP) address used to connect your computer to the Internet, login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;

Information about your visit to NUP’s Websites (what you searched for and view), page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page.

Information about other people

If you provide information to NUP about any person other than yourself, such as your relatives, or your sponsor, you must ensure that they understand how their data will be used, and that they have given their consent for you to release it to NUP and for you to allow NUP to use it.

Sensitive personal data

In certain cases, NUP may collect certain sensitive personal data from you. Sensitive data is defined as information that is protected against unnecessary disclosure. Access to sensitive data should be safeguarded. Protection of sensitive data may be required for legal or ethical reasons, for issues pertaining to personal privacy, or for proprietary considerations. However, NUP will only do so on the basis of your explicit consent.

What is the purpose and legal basis of the processing

Neapolis University Pafos will process the personal information provided on your application and the other information referred to above for the purposes of identifying you, processing your application, confirming the information provided, deciding whether to offer you a place for the course you have applied for, and communicating that outcome (together with any feedback).

NUP may also use or disclose the information provided for the following statutory or public interest purposes:

To prevent or detect fraud.

For equal opportunities monitoring.

To help making rational modifications for any disability, as requested by you.

To allow NUP to consider any future accommodation requirements.

For research and statistical purposes, but no information which could identify you will be published.

NUP measures the processing of your personal information for the above purposes to be essential in order to creating a contractual relationship with you (e.g. to assess your application to study with NUP), or essential for compliance with a legal obligation (e.g. equal opportunities monitoring), or essential for the performance of tasks NUP carries out in the public interest (e.g. admissions research). NUP requires you to provide the information asked for during the application process in order to evaluate your application appropriately.

NUP may also share your personal data with trusted third parties including:

Professional advisers, study consultants, and study professional experts in Cyprus and abroad;

Your examination boards or awarding bodies.

Your student support assessment body.

Your sponsor and/or potential sponsors (including, as relevant, the Student Loans Company).

In the case of international applicants, the British Council or appropriate agencies.

Where relevant and as required, CY Visas and Immigration in order to act as your sponsor for visa purposes.

Where relevant and as required, governmental bodies including local authorities.

Other Higher Education organisations, in order to assist with tracking and research into access to Higher Education.

Companies or organisations providing specific services to, or on behalf of NUP.

NUP will ensure there is a contract in place with the categories of recipients listed above which include obligations in relation to the confidentiality, security, and lawful processing of any personal data shared with them.

Where a third party recipient is located outside the European Economic Area, NUP will ensure that the transfer of personal data will be protected by appropriate safeguards, namely the use of standard data protection clauses adopted or approved by the European Commission where the data protection authority does not believe that the third country has adequate data protection laws.

NUP will share personal data with law enforcement or other authorities if required by applicable law.

How can you access your personal information

You have the right to access the personal information that is held about you by NUP.

You also have the right to request the correction of any inaccurate personal information NUP holds about you, the deletion of personal information, or otherwise restriction of processing, or to object to processing or to receive an electronic copy of the personal information you provided to NUP.

How long is your information kept

NUP stores your personal information for as long as necessary, according to relevant Laws, to complete the application process. If you are successful, your information will be kept as part of your student record for the duration of your studies (and it may be used as part of our assessment of any future application you make for further studies at NUP). If you are unsuccessful, your information will be normally kept for at least one year after the completion of the application process.

Who can you contact

If you have any questions about how your personal information is used, or wish to exercise any of your rights, please email NUP’s data protection office at

How do you complain

If you are not happy with the way your information is being handled, or with the response received from NUP, you have the right to lodge a complaint with the Cyprus Commissioner for Personal Data Protection,  Iasonos 1str,  2nd floor, Nicosia City, 1082 Nicosia, tel no +357 22 818456.

Your rights

Under the GDPR, you have various rights with respect to our use of your personal data:

Right to Access

You have the right to request a copy of the personal data that NUP hold about you by contacting NUP at the email or postal address given below.  Please include with your request information that will enable NUP to verify your identity.  NUP will respond within 30 days of request.  Please note that there are exceptions to this right.  NUP may be unable to make all information available to you if, for example, making the information available to you would reveal personal data about another person, if NUP is legally prevented from disclosing such information. Or if your request is manifestly unfounded or excessive.

Right to rectification

NUP aims to keep your personal data accurate and complete.  You are highly encouraged to contact NUP using the contact details provided to let NUP know if any of your personal data is not accurate or changes, so that NUP can keep your personal data up-to-date.

Right to erasure

You have the right to request the deletion of your personal data where, for example, the personal data are no longer necessary for the purposes for which they were collected, where you withdraw your consent to processing, where there is no overriding legitimate interest for NUP to continue to process your personal data, or your personal data has been unlawfully processed.  If you would like to request that your personal data is erased, please contact NUP using the contact details provided.

Right to object

In certain circumstances, you have the right to object to the processing of your personal data where, for example, your personal data is being processed on the basis of legitimate interests and there is no overriding legitimate interest for NUP to continue to process your personal data, or if your data is being processed for direct marketing purposes.  If you would like to object to the pressing of your personal data, please contact NUP using the contact details provided.

Right to restrict processing

In certain circumstances, you have the right to request that NUP restrict the further processing of your personal data.  This right arises where, for example, you have contested the accuracy of the personal data held about you and NUP are verifies the information, you have objected to processing based on legitimate interests and NUP considers whether there are any overriding legitimate interests, or the processing is unlawful and you elect that processing is restricted rather than deleted.  Please contact NUP using the contact details provided.

Right to data portability

​In certain circumstances, you have the right to request that some of your personal data is provided to you, or to another data controller, in a commonly used, machine-readable format.  This right arises where you have provided your personal data to NUP, the processing is based on consent or the performance of a contract, and processing is carried out by automated means. If you would like to request that your personal data is ported to you, please contact NUP using the contact details provided.

Please note that the GDPR sets out exceptions to these rights.  If NUP is unable to comply with your request due to an exception NUP will explain this to you in their response.

Changes to Privacy Policy

Any changes to NUP’s Policy in the future will be posted on this page and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to NUP’s Policy.

Approved by board/management on 22/5/2018

Policy became operational on 22/5/18

Next review date 22/10/18

NUP-Privacy Policy Version 1, 21 May 2018