Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revisionBoth sides next revision | ||
public:data_protection:instructions [2018-06-04 15:51] – vesely | public:data_protection:instructions [2018-07-16 18:08] – vesely | ||
---|---|---|---|
Line 1: | Line 1: | ||
====== The Economics Institute GDPR instructions ====== | ====== The Economics Institute GDPR instructions ====== | ||
- | ===== Instruction No.1 – Reporting a Lost Device ===== | + | Česká verze //Pokynů// týkajících se ochrany osobních údajů je k dispozici na stránce [[https:// |
- | \\ | + | Pro účely agendy ochrany osobních údajů je určena kontaktní osoba: Petr Veselý, oddělení výpočetní techniky\\ |
- | Any lost or stolen electronic/ | + | GDPR primary contact person: Petr Veselý, Head of Computer Office\\ |
+ | Primární kontaktní email / Primary contact: [[helpdesk@cerge-ei.cz|]] | ||
+ | |||
+ | ===== Instruction no. 4 – Addressing multiple recipients in emails ===== | ||
+ | |||
+ | In the case of **sending an email to the private addresses of multiple recipients, it is strongly recommended to put their email addresses into the Bcc: address field ** (Blind carbon copy) only. Using the To: or Cc: fields exposes their private email addresses to the other recipients | ||
+ | |||
+ | This instruction does not apply to situations where recipient addresses are their working emails (no matter whether an internal or third party) or communication participants obviously know each other. | ||
+ | |||
+ | ===== Instruction no. 3 – Using private e-mail addresses in work communication ===== | ||
+ | |||
+ | **For the purpose of work communication within the Economics Institute (EI) or towards third parties, EI employees may use __only__ their work e-mail addresses with the cerge-ei.cz (or ei.cas.cz) domain.** The GDPR does not permit the use personal e-mail addresses for any type of work communication including communication with students. | ||
+ | |||
+ | As an exception, EI employees may use e-mail addresses from other official domains for the purpose of work communication related | ||
+ | |||
+ | EI employees may only use e-mail forwarding from the cerge-ei domain to an e-mail account | ||
+ | |||
+ | The above instructions do not address the placement of e-mail accounts of third-party recipients. | ||
+ | |||
+ | As always, the e-mail content may only include personal data that do not influence the recipient or that were originally included in the communication by the recipient. | ||
+ | |||
+ | ===== Instruction no. 2 – Publishing of students/ | ||
+ | |||
+ | The publishing of lists of students and/or alumni in printed form (in annual reports, etc.) or on a public web page is not allowed without their explicit consent. | ||
+ | |||
+ | Gained consent may be used in accordance with its specific purpose only. It must be specific and ‘individual’ so that you get separate consent for separate things. | ||
+ | |||
+ | ===== Instruction no. 1 – Reporting a Lost Device ===== | ||
\\ | \\ | ||
- | This instruction concerns any device containing personal data which might conceivably be lost or stolen or containing passwords the stealing of which migth lead to personal data loss (typically | + | **Any lost or stolen electronic/ |
+ | |||
+ | This instruction concerns any device containing personal data which might conceivably be lost or stolen or containing passwords, the stealing of which might lead to personal data loss (typically | ||
+ | |||
+ | ===== Email Disclaimer modification ===== | ||
+ | |||
+ | Dosavadní znění upozornění zůstává v platnosti, za poslední větu tohoto upozornění se nově doplňuje věta: | ||
+ | |||
+ | **„Obsahuje-li tento e-mail nebo některá z jeho příloh osobní údaje, dbejte při jeho dalším zpracování (zejména při archivaci) souladu s pravidly evropského nařízení GDPR.“** | ||
+ | |||
+ | The original disclaimer remains the same, only the following sentence should be appended: | ||
+ | |||
+ | **„If this e-mail or any of its attachments contains personal data, please be aware of data processing (particularly document management and archival policy) in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council on GDPR.“** | ||
+ | |||
+ | Full text of CERGE-EI disclaimer is [[: | ||