Privacy Policy
1. Security and performance
We respect each subject and site visitor’s right to personal privacy. To that end, we collect and use information at CISTCK. electronically, in person and throughout our website only as disclosed in this Privacy statement.
This Privacy statement applies solely to information collected by CISTCK in any form. It discloses the privacy practices for CISTCK.
The terms ‘CISTCK’ or ‘us’ or ‘we’ refers to the company CISTCK whose registered office is located at Rr. Gustav Mayer, 10000 Prishtinë, P.O. Box 1, Republic of Kosovo. The term ‘you’ refers to the client, user or viewer of our website.
We are serious about protecting your personal data and want you to feel secure and at ease while you are doing business, receive our services, education and reading our internet pages. Any details that you enter in one of our company forms, in person, online forms will be stored electronically or hard copy by us. If you would like to know about your data that we have stored to be modified, corrected or deleted, please inform us by e-mail [email protected].
The content of https://cistck.com website and content in our official documents is intellectual property protected by law. The information and content of website provided may not be used without our permission, except for private or other own use within the meaning of the General Data Protection Regulation. The press releases and articles from our marketing department presented on the site or any advertising method are available to the editors of newspapers or periodicals for publication. If they are published, we would request the publisher to send us a proof copy.
We reserve the right to make changes to this Privacy statement at any time without notice. If you disagree with any part of this Privacy statement, please do not use our services or website.
1.1 How we use your information
This privacy policy informs you what to expect when we, the CISTCK or CIS Traning Center Kosovo collect personal information. It applies to information we collect.
1.2 Data Protection Policy
CISTCK has its Data Protection Policy in place that ensures its employees, clients, resellers, and stakeholders that their data is protected and handled accordingly with absolute caution and confidentiality.
CISTCK clients, students, stakeholders and employees
When you contract CISTCK for services, trainings, consultancy or you visit CISTCK, you need to know that we use third party services for email, events, meetings and online colaborat Microsoft Office 365 to collect standard information to register your presence in our premises, register for education, financial transactions or communicating with us.
Visitors to CISTCK website
When you visit https://CISTCK.com, you need to know that we use third party services, to protect standard internet log information and details of visitor behavior patterns. We do this to protect our conversation with our partners, users, clients and potential clients. The information collected by our email server is encrypted, but we use this information only to do business and we do NOT in any form use this information for other purposes. This information is only processed in a way which does not interfere with Data Protection Law. In addition, we use CDN (Content Delivery Network) to identify Geolocation of visitors to our website, kind of equipment is used and what Operating System, and all this only for the purpose of improvement of our systems. The only case when CISTCK may collect personally identifiable information through the website is when one creates a user account and we will be transparent about this. We will make it clear when we collect personal information and will explain what we intend to do with it. In regard to the collection of data please refer to the CISTCK Certification Process, in this regard we mediate with our third party but not only, CISTCK is accredited to issue certificate when completing course or education. We collect personally identifiable information with the consent of the natural person (data subject) and assure that data collected is used only for that purpose. In addition, when you create an account and become a CISTCK Client, Reseller, Trainer, Auditor, or Distributor you will be required to fill up a form for which we are not held responsible in a way you consent. We ask for your consent to send you information only in regard to CISTCK courses, news, newsletter, webinars, or other related content to CISTCK services.
1.4 Consent to Your Information Being Collected
The submission of information by users, clients, customers, students, trainers, auditors, stakeholders to CISTCK is done on voluntary basis. When a user, client, customer, student, trainer, auditor, stakeholder clicks the “Submit” button on any of our web forms at our website WWW.CISTCK.COM, the users are indicating they are aware of the CISTCK Terms and Conditions and Privacy Policy provisions and voluntarily consent to the conditions outlined therein.
1.5 Search engine
CISTCK can have the right to build a search engine within the website to help its visitors to find information easier. The search engine will be used to look up publicly available information presented on our website, and not personally identifiable information of our users.
1.6 Emailing
We use a third-party provider Office 365 to deliver our emails to our network. Microsoft has improved security for emails and the policies for data retention and deletion. We may send emails to our registered users of our services, collaborators or employees at any time to inform them for any company update or product.
2. Security and performance
We take precautions to protect your information and privacy. When you submit information via the form(s) available on our website, or hard copy in our premises your information is protected both online and offline. Only employees who need the information to perform a specific job (for example, billing or customer service, compliance department, certification managers, examiners and trainers) are granted access to personally identifiable information. The computers/servers in which we store personally identifiable information are kept in a secure environment, monitored with a strictly controlled access.
We use a third-party service to help maintain the security and performance of our website. However, no data transmission over the Internet can be guaranteed to be completely confidential. Therefore, we cannot guarantee that any information you send us will not be lost, used unlawfully or modified in a fraudulent manner and we bear no liability for the use that may be made of the information provided by you or any third party.
2.1 Our Service Providers
To provide our services and publish our website WWW.CISTCK.COM, we use the GoDaddy. GoDaddy’s Privacy Policy is available online at https://uk.godaddy.com/agreements/privacy. We have not granted any permission whatsoever for them to share any personal information we collect from our account holders on our website. We also provide free webinars, and to provide them globally we use another service provider known as Microsoft TEAMS, Treccert Virtual Class and BrainCert. Please check their privacy policy in their website for more information.
Microsoft Azure is another service provider tha we use as Cloud Data Backup mechanism. The data stored or archived is encrypted and can be access only through the Multifactor Authentication Key. Such access is granted only to the CISTCK IT Systems Administrator. Microsoft O365 services offer encryption for data being transported and at rest with at least 128 Bit AES encryption.
3. People who contact us via social media
We use third party providers such as LinkedIn, Facebook, Instagram, Twitter, Google Plus, YouTube, Slideshare, ISSUU, Pinterest, and others to manage our social media interactions.
Social Media Interaction is maintained through the social media accounts listed above, and all of them have their own privacy policies on how they collect, process, and store data. Please visit them individually for a reference of their privacy policies.
If you send us a private or direct message via social media the message will be stored at LinkedIn and Slideshare as per their Privacy Policy, Facebook as per their Privacy Principles, Instagram as per their Privacy Policy, or Twitter as per their Privacy Policy. Google LLC and its affiliates offer different services including Google Plus and YouTube, for which they have their own Privacy Policy. Subscribers to CISTCK LinkedIn network won’t be shared with another network by CISTCK unless requested or asked by visitors or subscribers. We will not send any marketing email to our network subscribers without prior consent. In addition, we may publish a link to subscribe to our news and newsletters.
3.1 People contacting CISTCK by phone through our support-line
When you call CISTCK’s support-line we collect Calling Line Identification (CLI) information. We use this information to help improve its efficiency and effectiveness.
Our support-line also offers a translation service for customers when English is not their first language (additional languages include German and French). CISTCK holds the information necessary to fulfill caller’s request, opening ticket in the system, and processes with the ticket until is finalized. This information provided through ticketing system is reviewed and if applicable deleted in annual basis.
3.2 People who email us
We use Google Mail for e-mail system as a third party service provider. We selected Google because it complies with the information security requirements, including but not limited to ISO 27001 and EU GDPR. Emails sent by CISTCK will default be encrypted in transport by G-Suite. We do not guaranty that receivers of our emails have encryption enabled or available, therefore it is your responsibility to ensure encryption at your end.
We will also monitor any emails sent to us, including file attachments for viruses or malicious software. Please be aware that you have a responsibility to ensure that any email you send is within the bounds of the law.
3.3 People who use our Live Chat support line
We support our clients with a Live Chat support line available at our Help Center,
If you use the Live Chat service, we will collect your name, email address (optional), and the contents of your Live Chat session. This information will be retained for three years and will not be shared with any other organizations. Live Chat logs are also monitored for quality improvement.
4. Human Resources
4.1 Job applicants, current, and former CISTCK employees
The CISTCK is the data controller for the information you provide during the process unless otherwise stated. If you have any queries about the process or how we handle your information please contact us at |Email address
4.2 What will we do with the information you provide to us?
All of the information you provide during the process will only be used for the purpose of progressing your application or to fulfill legal or regulatory requirements if necessary.
We will not share any of the information you provide during the recruitment process with any third parties for marketing. The information you provide will be held securely by us and/or our Human Resources Office whether the information is in electronic or physical format.
We will use the contact details you provide to us to contact you to progress your application. We will use the other information you provide to assess your suitability for the role you have applied for.
4.3 What information do we ask for, and why?
We do not collect more information than we need to fulfill our stated purposes and will not retain it for longer than is necessary. The information we ask for is used to assess your suitability for employment.
5. Children’s Privacy
This privacy statement is not intended for use by children. We understand the importance of protecting children’s information, especially in an online environment, and we do not knowingly collect or maintain information about children unless this is provided by the parent or custodian of the children under the age of 16. The information collected to register the children in courses provided by CISTKC are only Name and Surname, other information is not necessary and the other information is registered in parents or custodian name.
6. Complaints
CISTCK tries to meet the highest standards when collecting and using personal information. For this reason, we take any complaints we receive about this very seriously. We encourage people to bring it to our attention if they think that our collection or use of information is unfair, misleading or inappropriate. We would also welcome any suggestions for improving our procedures.
This privacy notice was drafted with brevity and clarity in mind. It does not provide exhaustive detail of all aspects of CISTCK’s collection and use of personal information. However, we are happy to provide any additional information or explanation needed. Any requests for this should be sent to the address [email protected].
If you want to make a complaint about the way we have processed your personal information, you can do it sending email to [email protected].
6.1 Access to personal information
CISTCK tries to be as open as it can be in terms of giving people access to their personal information. Individuals can find out if we hold any personal information by making a request for information we hold about them at Information Security Manager. If we do hold information about you we will:
• give you a description of it;
• tell you why we are holding it;
• tell you who it could be disclosed to; and
• let you have a copy of the information in an intelligible form.
To make a request to the CISTCK for any personal information we may hold the need to put the request in writing and addressing it to our Information Security Manager by writing at the email address
If we do hold information about you, you can ask us to correct any mistakes by, contacting the Information Security Manager.
If we do hold information you consider are kept by us without a reason, you can ask us to delete your information at any time. Please keep in mind that we do not delete all of your information when requested due to legal obligations such retaining financial transactions with you. Be aware that if you are certified by CISTCK holding any for the credentials we offer and you request to delete your information, a digital copy of the certificate(s) will be stored at an encrypted with limited access storage.
6.2 Disclosure of personal information
In general, and in all circumstances, we will not disclose personal data without consent. However, when we are asked by the regulatory body, supervisory authority, or for other necessary legal operation, we may disclose your information.
Links to other websites
This privacy notice does not cover the links within this site linking to other websites. We encourage you to read the privacy statements on the other websites you visit.
We do not in any way guarantee for the content of our Resellers website content. Resellers are listed on our website, by providing links to their websites and you can suggest their websites for their policies in regard to their data protection and privacy policies. If you click on a link of a CISTCK approved Reseller provided in our website through a link or through the live map, you will be redirected to their website for which redirection CISTCK is not held responsible for any outcome caused opening the website(s). Provided links and addresses on our page are generated automatically (geographical location and contact) as the resellers update their physical address.
7. Changes to this privacy policy
We keep our privacy notice under regular review. This privacy notice was last updated on May 26, 2020. You will not be notified for changes in our privacy policy, in addition, you are obliged to visit our privacy policy in our website.