Data retention summary
This summary shows the default categories and purposes for retaining user data. Certain areas may have more specific categories and purposes than those listed here.
Site
Category
- Connection data
Universiti Malaya employs a robust and strategic approach with regards to data connection and management. The University meticulously collect and securely store critical information such as IP addresses, system logs, and various other ICT-related data. This practice is essential not only for efficient troubleshooting of ICT-related issues but also forms the backbone of our cybersecurity strategies. Through diligent analysis of this data, we proactively identify and address technical challenges, ensuring a seamless and secure technological environment for our community. Furthermore, this data is instrumental in continuously strengthening our cybersecurity framework, thus protecting the institution's and our students' digital integrity against the ever-evolving landscape of cyber threats.
Purpose
- Education
Data stored at Universiti Malaya is govern by the Malaysian Act 709 and the Universiti Malaya Privacy Policy.
Lawful bases in Malaysia: Personal Data Protection Act 2010 [Act 709], Reference (as of 14 Jan 2024): HERE
- Retention period
- 5 years
Lawful bases | |
---|---|
Consent (GDPR Art. 6.1(a)) | The data subject has given consent to the processing of his or her personal data for one or more specific purposes |
Contract (GDPR Art. 6.1(b)) | Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract |
Legal obligation (GDPR Art 6.1(c)) | Processing is necessary for compliance with a legal obligation to which the controller is subject |
Sensitive personal data processing reasons | |
---|---|
Protection of vital interests (GDPR Art. 9.2(c)) | Processing is necessary to protect the vital interests of the data subject or of another natural person where the data subject is physically or legally incapable of giving consent |
Users
Category
- Connection data
Universiti Malaya employs a robust and strategic approach with regards to data connection and management. The University meticulously collect and securely store critical information such as IP addresses, system logs, and various other ICT-related data. This practice is essential not only for efficient troubleshooting of ICT-related issues but also forms the backbone of our cybersecurity strategies. Through diligent analysis of this data, we proactively identify and address technical challenges, ensuring a seamless and secure technological environment for our community. Furthermore, this data is instrumental in continuously strengthening our cybersecurity framework, thus protecting the institution's and our students' digital integrity against the ever-evolving landscape of cyber threats.
Purpose
- Education
Data stored at Universiti Malaya is govern by the Malaysian Act 709 and the Universiti Malaya Privacy Policy.
Lawful bases in Malaysia: Personal Data Protection Act 2010 [Act 709], Reference (as of 14 Jan 2024): HERE
- Retention period
- 5 years
Lawful bases | |
---|---|
Consent (GDPR Art. 6.1(a)) | The data subject has given consent to the processing of his or her personal data for one or more specific purposes |
Contract (GDPR Art. 6.1(b)) | Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract |
Legal obligation (GDPR Art 6.1(c)) | Processing is necessary for compliance with a legal obligation to which the controller is subject |
Sensitive personal data processing reasons | |
---|---|
Protection of vital interests (GDPR Art. 9.2(c)) | Processing is necessary to protect the vital interests of the data subject or of another natural person where the data subject is physically or legally incapable of giving consent |
Course categories
Category
- Educational Data & Records of Attainment
Privacy Data in SPeCTRUM, particularly Educational Data and Records of Attainments encompassing assessed coursework, exam scripts, and results of exams and assessments, is executed with the utmost precision and care. The University under the Academic Development and Enhancement Centre (ADEC) and the ICT Department (JTM), are tasked with defining clear purposes for the processing of this data, as well as establishing specific retention periods, which are meticulously recorded in our data registry. The longevity of data retention is carefully tailored to the nature of the data; for example, student assessment submissions and records of qualifications awarded are retained indefinitely as a testament to student accomplishments. In contrast, more transient data like forum posts are securely stored up to a duration of 48 months post-graduation. Findings analysed from the generated data may also be used by the University, to develop better standard of teaching and approaches in modern education scenario.
Purpose
- Education
Data stored at Universiti Malaya is govern by the Malaysian Act 709 and the Universiti Malaya Privacy Policy.
Lawful bases in Malaysia: Personal Data Protection Act 2010 [Act 709], Reference (as of 14 Jan 2024): HERE
- Retention period
- 5 years
Lawful bases | |
---|---|
Consent (GDPR Art. 6.1(a)) | The data subject has given consent to the processing of his or her personal data for one or more specific purposes |
Contract (GDPR Art. 6.1(b)) | Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract |
Legal obligation (GDPR Art 6.1(c)) | Processing is necessary for compliance with a legal obligation to which the controller is subject |
Sensitive personal data processing reasons | |
---|---|
Protection of vital interests (GDPR Art. 9.2(c)) | Processing is necessary to protect the vital interests of the data subject or of another natural person where the data subject is physically or legally incapable of giving consent |
Courses
Category
- Connection data
Universiti Malaya employs a robust and strategic approach with regards to data connection and management. The University meticulously collect and securely store critical information such as IP addresses, system logs, and various other ICT-related data. This practice is essential not only for efficient troubleshooting of ICT-related issues but also forms the backbone of our cybersecurity strategies. Through diligent analysis of this data, we proactively identify and address technical challenges, ensuring a seamless and secure technological environment for our community. Furthermore, this data is instrumental in continuously strengthening our cybersecurity framework, thus protecting the institution's and our students' digital integrity against the ever-evolving landscape of cyber threats.
Purpose
- Education
Data stored at Universiti Malaya is govern by the Malaysian Act 709 and the Universiti Malaya Privacy Policy.
Lawful bases in Malaysia: Personal Data Protection Act 2010 [Act 709], Reference (as of 14 Jan 2024): HERE
- Retention period
- 5 years
Lawful bases | |
---|---|
Consent (GDPR Art. 6.1(a)) | The data subject has given consent to the processing of his or her personal data for one or more specific purposes |
Contract (GDPR Art. 6.1(b)) | Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract |
Legal obligation (GDPR Art 6.1(c)) | Processing is necessary for compliance with a legal obligation to which the controller is subject |
Sensitive personal data processing reasons | |
---|---|
Protection of vital interests (GDPR Art. 9.2(c)) | Processing is necessary to protect the vital interests of the data subject or of another natural person where the data subject is physically or legally incapable of giving consent |
Activity modules
Purpose
- Retention period
- No retention period was defined
Blocks
Purpose
- Retention period
- No retention period was defined