Privacy Notice for Security

Privacy Notice Security – CCTV, Access control – all persons on campus

This privacy notice outlines how and why the American University in Bulgaria (AUBG) collects, uses and stores your personal data, and your rights in relation to the personal data we hold. We may modify or amend this Privacy Notice. The most current version will always be available on our Website and, where appropriate, notified to you by e-mail. If you have any questions about such matters you can contact us at

What personal data do we collect?

The personal information we collect from you is the following:

  • personal data including your name for the purposes of ID access card issuing;
  • images caught on security cameras, no voice is recorded;
  • access control information.

Why we collect personal data?

AUBG Security office collects data through the CCTV system for various reasons:

  • to control access to the building and to ensure the security of the building, the safety of AUBG students, faculty, staff and visitors, as well as property and information located or stored on the premises;
  • to prevent, deter, and if necessary, investigate unauthorized physical access, including unauthorized access to student rooms, IT infrastructure, or operational information;
  • to prevent, detect and investigate a theft of equipment or assets owned by the University, or students.

The CCTV system is not used for any other purpose, such as to monitor the work of employees or student attendance classes, nor student habits and activities. It is important to notice that the location and positioning of the video-cameras are such that they do not cover the surrounding public space (owned by Blagoevgrad Municipality); the cameras are aimed to give a general overview of what`s happening in certain places, not to recognize individuals.

The system is also not used as an investigative tool or to obtain evidence in internal investigations or disciplinary procedures unless a security incident is involved. (In exceptional circumstances, the data may be transferred to local investigatory bodies in the framework of a formal disciplinary or criminal investigation). The CCTV cameras are installed at the entrances, placed and focused in a way that only people who want to access the site or the surrounding areas (including parking areas) are captured.

The CCTV system covers the area of entry and exit points of the buildings, entry points inside the buildings, delivery, garage and surrounding areas of the buildings.

The basis for processing your information and how we use it

AUBG Security office is collecting and processing CCTV records and access control information in compliance with the Bulgarian Law on Private Guarding Activities, art. 11 (2), which allows “security activities to include access control and regime, and/or CCTV in compliance with the Personal Data Protection Act”.

Control and care over your data

We, as an institution with one of the highest rankings in Bulgaria, are striving to improve and upgrade our control systems – to include access control mechanisms of the collected and processed data, access controls, defined within the university, and most importantly – applied due care by our staff and faculty members. All measures are implemented against inadvertent or deliberate manipulation, loss, or destruction, and access by unauthorized persons.

Who we share your data with

Your data may be shared with public authorities, such as local department of Ministry of Interior, district prosecuting attorneys (only in cases of open investigation and upon official request by them), etc. as part of our legal obligations.

How long we keep it

The University Security office will keep your personal data from CCTV cameras for maximum two calendar months after your visit our premises. After that period any CCTV records is automatically deleted.

The University Security office will keep student access control information until the end of the current Academic year. After that period any CCTV recorded footage is automatically deleted.

We do not sell data or data-bases to third parties for any reasons.

You rights in relation to the personal data we hold:

  • to request an access to your personal data we hold;
  • to rectify or erasure your personal data;
  • to restrict or object to processing concerning your data;
  • to request data transfer to other parties;
  • to withdraw consent at any time, without affecting the lawfulness of processing based on consent before this withdrawal;
  • to lodge a complaint with the supervisory authority – Commission for Personal Data Protection, address - 2 Prof. Tsvetan Lazarov Blvd., Sofia 1592.      

You may address your concerns or inquiries to our Data Protection Officer (DPO) – Margarita Petkova, e-mail:; tel +359 73 888 337.

For more information regarding security policies and procedures on campus, please visit:

We are Social