skip to Main Content

Introductory information

The policy for the processing and protection of personal/personal data (hereinafter: the Policy) is a fundamental act that describes the purpose and objectives of the collection, processing and management of personal/personal data by the University of Zenica (hereinafter: UNZE). The goal of the Policy is to establish appropriate processes for the protection and management of the personal/personal data of respondents, i.e. users of services, workers and other persons whose personal/personal data are processed, in accordance with the GDPR regulation (EU) 2016/679 of the European Parliament and the Council of April 27, 2016 . (hereinafter referred to as the Regulation), the Law on the Protection of Personal Data of BiH (hereinafter referred to as the Law) and the internal acts of UNZE. UNZE has recognized the importance of protecting the privacy, security and data protection of all individuals who appear as participants in all our business processes. Through this Policy, UNZE expresses its willingness to comply with the Regulation and the Law.

Individuals as participants in the process to which the Policy applies are:

  • current employees of UNZE,
  • family members of current UNZE employees,
  • former employees of UNZE,
  • family members of former UNZE employees,
  • potential new workers (job candidates),
  • UNZE students,
  • former students of UNZE,
  • other private persons who share their private data on various grounds of engagement with UNZE.

Processing manager

This policy applies to all personal data collected and stored by JU University of Zenica, Faculty No. 3, 72 000 Zenica.

As a data controller, UNZE is responsible for the processing and storage of your personal data

In the event that you have any questions regarding the use of this policy or regarding the exercise of your rights arising from this policy, which are listed below, please contact us at one of the following contact details:

  • +387 32  444 430
  • JU University of Zenica, Faculty no. 3, 72 000 Zenica

Basic terms

In this chapter you can find explanations for the basic terms found in the Data Protection Policy.

  • Personal data includes all data by which an individual can be identified (name, surname, telephone number, social security number, e-mail address, etc.)
  • Processing manager – entity that determines the purpose, conditions and method of processing personal/personal data
  • Processor – entity that performs data processing on behalf of the controller
  • Agency for the protection of personal/personal data - a state agency whose task is to protect data and privacy, supervise the processes of application of the Regulation, and actively implement the Regulation on data protection.
  • Data Protection Officer (DPO) – an employee in charge of data protection who acts independently to ensure that the business entity operates in accordance with the policies and procedures set out under the Regulation
  • Processing of personal/personal data – any action performed on personal/personal data, whether automatic or not, which includes the collection, use, creation of reports for records and the like

The purpose of collecting personal data

In order for UNZE to be able to provide its services to respondents, it necessarily processes theirs

personal/personal data that are required for quality service provision. Otherwise, i.e. if the respondent refuses to provide such personal/personal data, UNZE will not be able to provide him/her with the service.

We collect personal data of individuals for:

- various legal obligations - we collect and send data through various paper and digital forms to various institutions of the State Administration for the purpose of registration, deregistration or change of the status and rights of workers, investigative actions and court processes.

- registration of candidates for studies at UNZE, keeping records of students and the course of studies at UNZE, keeping records of graduates of studies at UNZE and creating an archive,

- in order to apply for various projects and exchange programs of students, teachers and other employees of UNZE.

Principles of data processing

When processing the personal data of respondents, UNZE adheres to the following basic principles:

  • Legality, honesty and transparency - UNZE will process the personal/personal data of the respondents in accordance with the applicable regulations and including all the rights of the respondents, and according to the Regulation, the Law and the internal acts of the UNZE, it will provide the respondents with all the necessary information about which personal/personal data relate to on them they collect, use, make available for inspection or otherwise process. Upon request, provide the respondents with insight into their data, the explanation of the processing, the basis and legality of the processing. The respondent will be informed of all relevant information in a timely manner, i.e. before the actual collection of personal/personal data.
  • Purpose limitation – personal/personal data must be collected for specific, explicit and lawful purposes and must not be further processed in a manner inconsistent with those purposes.
  • Reducing the amount of data - UNZE collects and processes personal/personal data in such a way that these data are appropriate, relevant and limited to what is necessary in relation to the purposes for which they are processed. Each organizational unit within UNZE ensures that this principle is adequately applied.
  • Accuracy and timeliness - UNZE ensures that the data is accurate and will take all reasonable measures to ensure that personal/personal data that is inaccurate, taking into account the purposes for which it is processed, is deleted or corrected without delay. For this purpose, respondents who are in a business or contractual relationship with UNZE have the right and obligation to update their personal data.
  • Limitation of storage - the personal/personal data of the respondent are stored in a form that enables the identification of the respondent only for as long as is necessary for the purpose for which the personal/personal data is processed, and further if there is a legitimate interest in doing so (e.g. if they serve as evidence in a court case or investigative procedure)
  • Integrity and confidentiality - UNZE collects and processes data in a way that ensures adequate security of personal/personal data, including protection against unauthorized or illegal processing and against accidental loss, destruction or damage by applying appropriate technical or organizational measures. The implementation of this principle is ensured by the implementation of a system aimed at limiting access to data, detection and protection against data leakage, methods of monitoring data access, etc.

Each organizational unit of UNZE, as well as the processor, is obliged to ensure compliance with the above-mentioned principles when processing personal/personal data for which it is responsible.

In accordance with the stated principles, UNZE employees will access personal/personal data of respondents depending on their authorizations, in order to successfully perform tasks related to individual jobs.

UNZE will forward the data of the respondent to other legal entities and state institutions in the case where there is a legal basis for this.

Rights of respondents

UNZE will provide the respondent with information about:

- the identity and contact information of UNZE as the data controller,

– contact details of the Data Protection Officer (DPO),

- processing purposes for which personal/personal data are collected and the legal basis for processing,

- the legitimate interests of UNZE,

- recipients or categories of recipients of personal/personal data, if there are such recipients,

- intentions to transfer personal/personal data to third countries, if such an intention exists,

– data storage period,

- the respondent's right to access personal/personal data, restriction of processing and deletion of data,

- the right to submit a complaint to the Agency for the Protection of Personal Data of Bosnia and Herzegovina.

The respondent's rights based on the Regulation, the Law and this Policy are:

Right to access data - the respondent has the right to receive from UNZE a confirmation as to whether his/her personal data is being processed and if such personal/personal data is being processed, access to personal/personal data and information on the purpose of processing, categories of data, potential recipients to whom the personal/personal data will be disclosed , the existence of the right to request correction, deletion or restriction of processing of personal/personal data and the right to lodge a complaint with the supervisory authority.

Right to rectification - the respondent has the right, without undue delay, to request from UNZE the correction of inaccurate personal/personal data relating to him. Taking into account the purpose of the processing, the respondent has the right to supplement incomplete personal/personal data, among others, by providing an additional statement.

Right to erasure - the respondent has the right to request from UNZE the deletion of personal/personal data relating to him/her

Right to restriction of processing - the respondent has the right to request and obtain a restriction

The right to object - the respondent has the right, based on his special situation, to lodge an objection to the processing of personal data relating to him at any time.

Upon request, UNZE will provide the respondent with information on actions taken related to the aforementioned rights within 30 days from the date of receipt of the proper request. Exceptionally, UNZE may, for justified reasons, extend the deadline for an answer, of which it will inform the respondent.

Information shall be provided in writing or by other means, if appropriate also electronically. If requested by the respondent, the information will also be provided orally, provided that the identity of the respondent has been established by other means.

In the event that UNZE does not comply with the request, it will inform the respondent of the reasons and the possibility of submitting a complaint to the supervisory body.

How long we keep data

Your personal data is stored in accordance with applicable laws and only for as long as is necessary to achieve the purpose for which the data is processed, or for the period prescribed by law, or for the period necessary for the performance of the contract. Data collected on the basis of consent will be deleted even before your cancellation, in case the purpose for which the data was collected has been achieved. Personal data for which the retention period has expired (e.g. if the purpose for which it was collected has been achieved, because the legal term has expired, etc.) will be deleted, destroyed or anonymized in such a way that the restoration of personal data is no longer possible.

Data is stored for different periods of time depending on the purpose for which it is collected.

Cookies policy

Cookies are small text files that most websites store on the devices that users use to access the Internet in order to recognize the individual devices that users use during access. Their storage is under the complete control of the user's browser - which can enable or disable the storage of cookies as desired. Cookies are not harmful and are always limited in time.

The website of the University of Zenica ( collects two types of cookies.

  • Mandatory cookies (Cookies) in order to achieve the task of smooth operation of the website
  • Statistical cookies (Cookies) which you allow to track website visit statistics, and your data (Internet protocol address, cookie identifiers) are used to adjust ads when you visit the page again

The server on which this website is located is protected with all kinds of protection to ensure privacy and data security.

By disabling cookies, you decide whether to allow cookies to be stored on your computer. Cookie settings can be controlled and configured in your internet browser. By disabling cookies, there is a possibility that you will not be able to use some of the functionalities of our website.

To find out how to control cookies in your browser, visit the links below:

Microsoft Edge:

Internet Explorer:

Google Chrome:

Mozilla Firefox:



Read more information about cookies at the following links:


Fakultetska 3
72000 ZENICA

Unze logo white

tel. +387 32 444 420, 444 421
fax. +387 32 444 431

University of Zenica 2024 - All rights reserved

Back To Top