Do you have a private life at your workplace?

Size: px
Start display at page:

Download "Do you have a private life at your workplace?"

Transcription

1 Do you have a private life at your workplace? Privacy in the workplace in EC institutions and bodies Giovanni Buttarelli

2 In the course of his supervisory activities, the EDPS has published positions on a number of matters that illustrate the difficult balance to be struck in the field of Privacy in the Workplace. I would like to briefly touch upon some of the most significant examples, notably in the areas of internet and telephony monitoring, staff productivity and work quality, flexible working and video surveillance. The main data protection legislation that applies to Community institutions and bodies is Regulation (EC) 45/2001 which governs the processing of personal data and the free movement of such data. In addition there are specific provisions on data protection in the electronic communications sector outlined in the e-privacy Directive (2002/58/EC). Regulation (EC) 45/2001 specifies that the independent supervisory authority required under Article 286 EC Treaty is the European Data Protection Supervisor (EDPS). The supervisory tasks of the EDPS are performed through a range of activities such as the prior checking of processing operations presenting specific risks, complaints received from staff members and other data subjects, and consultations received from the DPOs of the EC institutions and bodies. They cover all Community institutions and bodies (as opposed to "Union" institutions and bodies), excluding the Court of Justice acting in its judicial capacity. e-monitoring Perhaps the most illustrative and complicated area in this field is that of the monitoring of communications (otherwise referred to as "e-monitoring") whether these be communications, use of the internet or the use of mobile or fixed telephony. The recitals to Regulation (EC) 45/2001 provide that it may be necessary to monitor the computer networks operated under the control of the Community institutions and bodies for the purposes of prevention of unauthorised use, and that the EDPS should determine whether and under what conditions this should occur. There is therefore recognition that some sort of monitoring is permitted, but that this monitoring must be done in accordance with the rules provided for in the Regulation, notably that of necessity and proportionality. The EDPS has indicated his preference for a preventive approach to the misuse of communication networks rather than a repressive one, and for selective monitoring only in specific well defined cases, rather than for monitoring across the board. In the event of a breach of the usage policy, the EDPS recommends a gradual approach to any investigations, where the identity of persons breaching the rules is only revealed to management when absolutely necessary. Regarding the monitoring of the use of internet, the EDPS considered in a prior checking opinion that, in the absence of adequate suspicion, the monitoring of all the URL's visited by all users is unnecessary and excessive. The EDPS advised institutions to make use of indicators (for example, volume of data downloaded) rather than monitoring all URLs. Only in certain specific circumstances, could it be 2

3 considered necessary for the institution to monitor all the URLs accessed by specific individuals. This is the case, for example, when there is an adequate suspicion that a given user is engaged in criminal behaviour (e.g. downloading paedophilic material). Proportionality also guided the EDPS approach to the monitoring of professional telephone communications where the EDPS considered that targeted monitoring of traffic data could only take place if the costs of the communications were well above the average costs of communications per month. As for the recording of communications at the workplace, Article 36 of Regulation (EC) 45/2001 provides that the Community institutions and agencies must ensure the confidentiality of communications in accordance with the general principles of Community law. These general principles refer to the notion of fundamental rights as laid down by the European Convention on Human Rights. The EDPS therefore advocates that a breach of the confidentiality of communications may only take place in exceptional circumstances where there are no other less invasive or intrusive means available and a number of very strict conditions have been satisfied. Criminal investigations of course remain the competence of the Member States. On the other hand, the EDPS has authorised the recording of certain professional communications by the European Central Bank in the context of standard business transactions for the purposes of proof of the transaction and with the consent of the parties to the communication. The EDPS also considered that the recording of calls to the Helpdesk of an institution could be used for the purposes of solving the IT problem with the consent of the parties involved, but found that further use of the recordings for quality control and training purposes overstepped the acceptable limits of necessity. The EDPS therefore invited the institution concerned to make the data anonymous or to obtain the consent of the parties involved. The recording of communications to an emergency unit was also considered as lawful by the EDPS based on the obligations of the institution according to internal rules or National security provisions (in the case of an agency or institution on a nuclear site, for example). Monitoring staff availability, productivity and work quality There is an increasing trend among Community institutions and bodies to use IT databases to monitor the availability and use of their human resources, and in particular, to monitor the productivity and quality of work, both individually and organisationally. Some agencies have gone as far as setting up IT systems feeding large amounts of data into them precisely for these purposes. For example, one agency set up a system whereby certain managers (senior case workers and some head of units) randomly reviewed selected outputs (decisions, letters, etc) of employees. The results of these reviews (containing, for example, the types of mistakes made by an individual) were then fed into an electronic database. Another agency required staff members to keep detailed timesheets broken down by over 50 specific categories 3

4 and subcategories in much the same way as an international law firm would do for billing purposes. Again, this was fed into a database. We have also seen some efforts to create databases of multi-layered competencies within an organisation, to enable management to have an accurate view of the skill sets of its staff and therefore optimise the use of its human resources. The common aim of all these initiatives is to measure how organizations use their human resources, and to help improve the productivity and overall quality of work. However, there is often an additional, sometimes insufficiently explicit, goal of monitoring individual's productivity or work quality, for purposes of performance evaluation. Such monitoring is then used to inform decisions that may affect these employees, such as the distribution of tasks, temporary staff contract renewals, or promotions. In practice, monitoring for these purposes has a place in a modern administrative culture. However, it is important to carry out this monitoring in a privacy-friendly and data protection compliant manner. Organisations must be very clear on what they wish to accomplish and why. Institutions must bear in mind that there is an obvious relationship between the number of targets, criteria, and checks that are in place to monitor the use of time, productivity, and quality of work, and the amount of stress experienced by staff. As well as undermining trust between an organisation and its employees, such steps could be counter-productive leading to increases in absence rates and staff turnover. Therefore, the EDPS has emphasised the need to always consider whether there is indeed a need for the specific monitoring proposed, whether the monitoring is excessive, and whether there are alternative methods of achieving the same goals. We have also emphasised the need to make monitoring policies explicit, detailing them in formal decisions or manuals written in user-friendly language, and discussing them with staff representatives before adoption of any system. Further, the EDPS has stressed that such procedures must ensure a high level of data accuracy, reliability, and consistency. Even with such safeguards EDPS advises that management must clearly and explicitly recognise the limitations of the data to inform decisions, especially those affecting individual staff. In one case, the EDPS considered that it was legitimate for management in a translation unit to monitor the individual productivity of their staff. However this should not be the sole tool for evaluation and sufficient guarantees must be provided to staff members to rectify inaccurate data or to provide justifications for certain figures. Flexitime Another relevant area in the field of privacy at the workplace is that of monitoring the working hours of staff. Many institutions and agencies have put policies into place to allow staff to adopt flexible working hours (flexitime). The EDPS has reminded institutions that the data recorded by any flexitime system should not be used to monitor attendance at work on a general basis. This approach was highlighted by the objection of the EDPS to the sending of electronic mails to heads of units when a staff member registered his/her working hours on a flexi-system. The EDPS also marked his objection to the use of access control data to check the correct use of the flexitime system on a systematic basis. He ordered that the access control data could only be used as part of a pre-determined administrative procedure enquiring into a specific and well-founded suspicion of fraud of the flexitime system. 4

5 Security investigations Another area of concern regarding privacy in the workplace is that of security enquiries which are performed in some institutions and agencies. The security departments of some of the institutions and bodies are permitted to take certain measures against criminal or unlawful acts against buildings occupied by the institution/body or persons working within these buildings (or having access to them), as well as against any other acts which may prejudice the institution. Here again, the EDPS underlined the importance of the proportionality of such investigations notably the "necessity" of the processing which must be assessed on a case by case basis. From this perspective, the EDPS has underlined that the processing of personal data to be conducted in the context of the investigations has to be proportional not only to the general purpose of the processing operation (investigating criminal offences, protecting people and property, etc) but also to the particular purpose of the processing operation in the context of the case (considering, for instance, the seriousness of the incident under investigation, the sort of data needed to clarify the facts, etc.). In the context of such investigations, the EDPS also reminded institutions that whenever access to personal data appears to be necessary for the purposes of the investigation, such access should respect appropriate guarantees, taking into account any potential risk of inadmissibility of the evidence in a possible future criminal case, which could arise if the fundamental rights to privacy and personal data protection were not respected when the evidence was collected. Particular attention must be paid to respecting these principles when access to files which are manifestly of a private nature seems necessary for the purposes of the investigation. These same principles also apply to processing operations involving the forensic examination of computers. The EDPS considers that specific precautions should be taken regarding access to the contents of a computer belonging to a Community institution, since it may also contain files used by the employee for private purposes (for instance in the folder "My documents", or s marked as "private"), or files which are not relevant to or are excessive for the purposes of the investigation. Forensic examination of computers must be subject to particular authorisation mechanisms. In this respect, the EDPS recommends the adoption of formal procedures for the conduct of forensic examinations of computers, which will also help to ensure that the principle of data quality is respected. Video-surveillance Video-surveillance is another area with a significant impact on privacy in the workplace. We all know that video-surveillance has become a popular tool to tackle security issues. It also has an increasing presence within the European Community institutions and bodies who use this technology to help ensure the security of their buildings, the safety of staff and visitors, as well as to protect property and information located on their premises. 5

6 Despite its popularity and potential benefits, there are fundamental rights at stake, such as the right to privacy in the workplace, the right to be free from discrimination, freedom of speech and freedom of assembly - rights we cherish and all too often take for granted in Europe. Therefore, decisions on whether to install cameras and how to use them should not be made solely on security needs. Rather, security needs must be balanced against respecting the fundamental rights of an individual. In this context and in a climate of increasing concern regarding surveillance, the EDPS is currently working on a set of Video-surveillance Guidelines for Community institutions and bodies. The guidelines are designed to provide practical advice for deciding whether or not to install or use video-surveillance equipment, and when using, how best to address data protection issues. A consultation version of the draft was published in July - I invite you to take a look at it on our website at: We plan to formally publish the guidelines before the end of this year. They focus mainly on video-surveillance for security purposes but they also address the issue of employee monitoring. The compliance framework proposed in the guidelines focuses on the need to move away from a culture of seeing data protection as an administrative burden, to one based on privacy by design, transparency in local decision-making involving all stakeholders, active roles for data protection officers, and institutional accountability. As regards employee monitoring, our strongly held belief is that overly intrusive measures can cause employees unnecessary stress and can also erode trust within an organisation. The use of video-surveillance to monitor how staff members carry out their work should therefore be avoided, apart from in exceptional cases. To determine whether non-security video-surveillance, such as monitoring employees, is permissible, and whether such use requires additional safeguards not provided for in these guidelines, a case-by-case approach is necessary. Therefore, any such proposed video-surveillance should be subject to a privacy and data protection impact assessment by the institution. In this respect, we emphasise accountability and local decision-making. Nevertheless, due to the intrusiveness of employee monitoring, the EDPS also wants to keep a close eye on any such monitoring. Therefore, the institution must also submit its plans to the EDPS for prior checking. Where the institution proposes to use video-surveillance technology to monitor the work of staff, the EDPS will pay special attention to the views and concerns expressed by the institution s staff representatives and whether such views were taken into account. Goals such as managing workplace productivity, ensuring quality control, enforcing the institutions policies, or providing evidence for dispute resolution, alone, do not generally justify the video-surveillance of employees in the context of the work of the institutions. To give you a few simple examples; institutions should not use their existing video-surveillance systems to monitor the efficiency of outsourced cleaning staff carrying out their work in the early morning even if adequate notice were given to them in this regard, and there had been repeated 6

7 complaints regarding their quality of work. Neither should they use video-surveillance footage to check whether employees arrive at work on time or whether their flexitime records correspond to the arrival and departure times recorded on the cameras. As for monitoring triggered by security or health and safety concerns or similar compelling interests in exceptional circumstances, the EDPS will evaluate any such usage on a case-by-case basis. Complex issues also arise as to whether, and if so under what circumstances and subject to what safeguards, video-surveillance footage should be used for internal investigations, such as the investigation of benefit fraud, professional incompetence, employee harassment or procurement fraud. Our general recommendation is that the institutions should clearly state that video-surveillance is not used to control the performance of the employee s work and will also not be used as an investigative tool or evidence in internal investigations or in disciplinary procedures, unless a security incident or criminal behaviour is involved. That said, the guidelines are flexible, and exceptions might be granted, provided that the institutions adequately justify the need and proportionality of the proposed measure in a privacy and data protection impact assessment and a prior checking procedure before the EDPS. Further, practices where an employee is under constant surveillance (continuously in the field of vision of video-surveillance cameras) must be avoided. For example, the institutions should not use video-surveillance cameras to continuously monitor the cashier and the cash register in the canteen during opening hours, even if adequate notice were to be given to the cashier in this regard. One last issue that I would like to mention with regard to video-surveillance in the workplace is that of "covert surveillance". The use of covert surveillance is highly intrusive due to its secretive nature. Further, it has little or no preventive effect and is often merely proposed as a form of entrapment to secure evidence. Therefore, its use should be avoided. Proposed exceptions again must be accompanied by a compelling justification, a privacy and data protection impact assessment and must undergo prior checking by the EDPS who may impose, as necessary, specific data protection safeguards. In principle, the EDPS is unlikely to issue a positive prior checking opinion in this situation unless a number of very strict conditions are satisfied. 7

CCBE RECOMMENDATIONS FOR THE IMPLEMENTATION OF THE DATA RETENTION DIRECTIVE

CCBE RECOMMENDATIONS FOR THE IMPLEMENTATION OF THE DATA RETENTION DIRECTIVE Représentant les avocats d Europe Representing Europe s lawyers CCBE RECOMMENDATIONS FOR THE IMPLEMENTATION OF THE DATA RETENTION DIRECTIVE CCBE RECOMMENDATIONS FOR THE IMPLEMENTATION OF THE DATA RETENTION

More information

Video surveillance at EFSA Implementing rules and technical specifications

Video surveillance at EFSA Implementing rules and technical specifications Video surveillance at EFSA Implementing rules and technical specifications PUBLIC version 1 Introduction EFSA operates a video surveillance system (hereafter VSS) for the safety and security of its buildings,

More information

The primary responsibility for the data processing lies within the Administration Department, which the FINCOP Unit is part of.

The primary responsibility for the data processing lies within the Administration Department, which the FINCOP Unit is part of. Opinion on a Notification for Prior Checking received from the Data Protection Officer of the European Training Foundation Regarding the Processing Operations to Manage Calls for Tenders Brussels, 22 April

More information

European Investment Bank Group. Video-surveillance policy

European Investment Bank Group. Video-surveillance policy Group TABLE OF CONTENTS 1. Purpose and scope of the video-surveillance policy... 2 2. Respect for privacy, data protection and compliance with the relevant rules... 2 2.1. Compliance status... 2 2.2.

More information

What future for the Data Retention Directive

What future for the Data Retention Directive What future for the Data Retention Directive EU Council Working Party on Data Protection and Information Exchange (DAPIX Data Protection) Brussels, 4 May 2011 Discussion on the Commission Evaluation report

More information

STFC Monitoring and Interception policy for Information & Communications Technology Systems and Services

STFC Monitoring and Interception policy for Information & Communications Technology Systems and Services STFC Monitoring and Interception policy for Information & Communications Technology Systems and Services Issue 1.0 (Effective 27 June 2012) This document contains a copy of the STFC policy statements outlining

More information

Brussels, 20 July 2010 (Case 2009-0215) 1. Proceedings

Brussels, 20 July 2010 (Case 2009-0215) 1. Proceedings Opinion on a notification for Prior Checking received from the Data Protection Officer of the European Investment Bank (EIB) concerning procedures related to "360 Leadership feedback report" Brussels,

More information

COUNCIL OF EUROPE COMMITTEE OF MINISTERS. RECOMMENDATION No. R (95) 4 OF THE COMMITTEE OF MINISTERS TO MEMBER STATES

COUNCIL OF EUROPE COMMITTEE OF MINISTERS. RECOMMENDATION No. R (95) 4 OF THE COMMITTEE OF MINISTERS TO MEMBER STATES COUNCIL OF EUROPE COMMITTEE OF MINISTERS RECOMMENDATION No. R (95) 4 OF THE COMMITTEE OF MINISTERS TO MEMBER STATES ON THE PROTECTION OF PERSONAL DATA IN THE AREA OF TELECOMMUNICATION SERVICES, WITH PARTICULAR

More information

How to Monitor Employee Web Browsing and Email Legally

How to Monitor Employee Web Browsing and Email Legally WHITEPAPER: HOW TO MONITOR EMPLOYEE WEB BROWSING AND EMAIL LEGALLY How to Monitor Employee Web Browsing and Email Legally ABSTRACT The Internet and email are indispensable resources in today s business

More information

Quick guide to the employment practices code

Quick guide to the employment practices code Data protection Quick guide to the employment practices code Ideal for the small business Contents 3 Contents Section 1 About this guidance 4 Section 2 What is the Data Protection Act? 5 Section 3 Recruitment

More information

Video surveillance policy (PUBLIC)

Video surveillance policy (PUBLIC) 29 July 2015 EMA/133708/2015 Administration Division POLICY/0046 POLICY/0046 Effective Date: 01/01/2015 Review Date: 01/01/2018 Supersedes: Version 1 1. Introduction and purpose For the safety and security

More information

EUROPEAN DATA PROTECTION SUPERVISOR

EUROPEAN DATA PROTECTION SUPERVISOR 20.6.2012 Official Journal of the European Union C 177/1 I (Resolutions, recommendations and opinions) OPINIONS EUROPEAN DATA PROTECTION SUPERVISOR Opinion of the European Data Protection Supervisor on

More information

EUROPEAN UNION. Brussels, 12 July 2002 (OR. en) PE-CONS 3636/02 2000/0189 (COD) LEX 365 ECO 217 CODEC 778

EUROPEAN UNION. Brussels, 12 July 2002 (OR. en) PE-CONS 3636/02 2000/0189 (COD) LEX 365 ECO 217 CODEC 778 EUROPEAN UNION THE EUROPEAN PARLIAMT THE COUNCIL Brussels, 12 July 2002 (OR. en) 2000/0189 (COD) LEX 365 PE-CONS 3636/02 ECO 217 CODEC 778 DIRECTIVE 2002/58/EC OF THE EUROPEAN PARLIAMT AND OF THE COUNCIL

More information

ARTICLE 29 Data Protection Working Party

ARTICLE 29 Data Protection Working Party ARTICLE 29 Data Protection Working Party 5401/01/EN/Final WP 55 Working document on the surveillance of electronic communications in the workplace Adopted on 29 May 2002 Comments: * national chapters might

More information

technical factsheet 176

technical factsheet 176 technical factsheet 176 Data Protection CONTENTS 1. Introduction 1 2. Register with the Information Commissioner s Office 1 3. Period protection rights and duties remain effective 2 4. The data protection

More information

DATA PROTECTION: THE EU REFORM PROPOSALS Timothy Pitt-Payne QC

DATA PROTECTION: THE EU REFORM PROPOSALS Timothy Pitt-Payne QC DATA PROTECTION: THE EU REFORM PROPOSALS Timothy Pitt-Payne QC INTRODUCTION 1. The Commission s reform proposals are set out in detail at: http://ec.europa.eu/justice/newsroom/data-protection/news/120125_en.htm

More information

Policy on Public and School Bus Closed Circuit Television Systems (CCTV)

Policy on Public and School Bus Closed Circuit Television Systems (CCTV) DEPARTMENT OF TRANSPORT Policy on Public and School Bus Closed Circuit Television Systems (CCTV) Responsibility of: Public Transport Division TRIM File: DDPI2010/3680 Effective Date: July 2010 Version

More information

Data Protection A Guide for Users

Data Protection A Guide for Users Data Protection A Guide for Users EUROPEAN PARLIAMENT Contents Contents 3 Introduction 4 Data protection standards making a difference in the European Parliament 5 Data protection the actors 6 Data protection

More information

Monitoring and Ensuring Compliance with Regulation (EC) 45/2001. Policy paper. Brussels, 13 December 2010

Monitoring and Ensuring Compliance with Regulation (EC) 45/2001. Policy paper. Brussels, 13 December 2010 Monitoring and Ensuring Compliance with Regulation (EC) 45/2001 Policy paper Brussels, 13 December 2010 Postal address: rue Wiertz 60 - B-1047 Brussels Offices: rue Montoyer 63 E-mail : edps@edps.europa.eu

More information

SURVEILLANCE AND PRIVACY

SURVEILLANCE AND PRIVACY info sheet 03.12 SURVEILLANCE AND PRIVACY Info Sheet 03.12 March 2012 This Information Sheet applies to Victorian state and local government organisations that are bound by the Information Privacy Act

More information

on the Proposal for a Regulation of the European Parliament and of the Council laying

on the Proposal for a Regulation of the European Parliament and of the Council laying Opinion of the European Data Protection Supervisor on the Proposal for a Regulation of the European Parliament and of the Council laying down measures concerning the European single market for electronic

More information

EUROPEAN DATA PROTECTION SUPERVISOR

EUROPEAN DATA PROTECTION SUPERVISOR C 47/6 Official Journal of the European Union 25.2.2010 EUROPEAN DATA PROTECTION SUPERVISOR Opinion of the European Data Protection Supervisor on the Communication from the Commission on an Action Plan

More information

Linde Integrity Line. Process and Data Protection Policy. 1 July 2007

Linde Integrity Line. Process and Data Protection Policy. 1 July 2007 Linde Integrity Line Process and Data Protection Policy 1 July 2007 Page 2 of 10 Table of Contents Preamble 3 1 Scope of application 3 2 Definitions 3 3 Submitting Reports Regular Channels 3 4 Submitting

More information

Employees monitoring of information and communication technologies private usage Guidelines updated in Portugal

Employees monitoring of information and communication technologies private usage Guidelines updated in Portugal COELHO RIBEIRO E ASSOCIADOS SOCIEDADE CIVIL DE ADVOGADOS Employees monitoring of information and communication technologies private usage Guidelines updated in Portugal CRA Coelho Ribeiro e Associados,

More information

15 Principles on the protection of personal data processed in the framework of police and judicial cooperation in criminal matters

15 Principles on the protection of personal data processed in the framework of police and judicial cooperation in criminal matters 15 Principles on the protection of personal data processed in the framework of police and judicial cooperation in criminal matters Principle 1 (Protection of rights and freedoms) 1. Personal data must

More information

DATA PROTECTION AND DATA STORAGE POLICY

DATA PROTECTION AND DATA STORAGE POLICY DATA PROTECTION AND DATA STORAGE POLICY 1. Purpose and Scope 1.1 This Data Protection and Data Storage Policy (the Policy ) applies to all personal data collected and dealt with by Centre 404, whether

More information

Having regard to the Treaty on the Functioning of the European Union, and in particular Article 16 thereof,

Having regard to the Treaty on the Functioning of the European Union, and in particular Article 16 thereof, Opinion of the European Data Protection Supervisor on the Joint Communication of the Commission and of the High Representative of the European Union for Foreign Affairs and Security Policy on a 'Cyber

More information

CCTV CODE OF PRACTICE

CCTV CODE OF PRACTICE CCTV CODE OF PRACTICE Policy area: Operation of CCTV on University Premises Definitions CCTV means Closed Circuit Television. Control Room(s) means those Control Rooms manned by Security staff at the City,

More information

12th January 2011. Dear Mr. Graham, Complaint: Internet Eyes

12th January 2011. Dear Mr. Graham, Complaint: Internet Eyes 12th January 2011 Mr Christopher Graham Information Commissioner The Office of the Information Commissioner, Water Lane, Wycliffe House, Wilmslow, Cheshire SK9 5AF UNITED KINGDOM Dear Mr. Graham, Complaint:

More information

The reform of the EU Data Protection framework - Building trust in a digital and global world. 9/10 October 2012

The reform of the EU Data Protection framework - Building trust in a digital and global world. 9/10 October 2012 The reform of the EU Data Protection framework - Building trust in a digital and global world 9/10 October 2012 Questionnaire addressed to national Parliaments Please, find attached a number of questions

More information

Review of the Workplace Surveillance Act 2005 (NSW) Submission to the NSW Attorney- General s Department. January 2011

Review of the Workplace Surveillance Act 2005 (NSW) Submission to the NSW Attorney- General s Department. January 2011 Review of the Workplace Surveillance Act 2005 (NSW) Submission to the NSW Attorney- General s Department January 2011 e m a i l: m a i l @ p r i v a c y. o r g. a u w e bsite : w w w. p r i v a c y. o

More information

DATA PROTECTION POLICY

DATA PROTECTION POLICY Reference number Approved by Information Management and Technology Board Date approved 14 th May 2012 Version 1.1 Last revised N/A Review date May 2015 Category Information Assurance Owner Data Protection

More information

Value of the EU Data Protection Reform against the Big Data challenges. Keynote address 5th European Data Protection Days Berlin, 4.5.

Value of the EU Data Protection Reform against the Big Data challenges. Keynote address 5th European Data Protection Days Berlin, 4.5. Value of the EU Data Protection Reform against the Big Data challenges Keynote address 5th European Data Protection Days Berlin, 4.5.2015 Giovanni Buttarelli European Data Protection Supervisor (Check

More information

Photography and filming in schools Code of Practice

Photography and filming in schools Code of Practice Photography and filming in schools Code of Practice Data Protection compliance September 2010 Photography and filming in schools September 2010 1 Contents 1. About this code 3 2. Complying with the Data

More information

ARTICLE 29 Data Protection Working Party

ARTICLE 29 Data Protection Working Party ARTICLE 29 Data Protection Working Party 11885/04/EN WP 99 Opinion 9/2004 on a draft Framework Decision on the storage of data processed and retained for the purpose of providing electronic public communications

More information

INERTIA ETHICS MANUAL

INERTIA ETHICS MANUAL SEVENTH FRAMEWORK PROGRAMME Smart Energy Grids Project Title: Integrating Active, Flexible and Responsive Tertiary INERTIA Grant Agreement No: 318216 Collaborative Project INERTIA ETHICS MANUAL Responsible

More information

Position of the retail and wholesale sector on the Draft Data Protection Regulation in view of the trilogue 2015

Position of the retail and wholesale sector on the Draft Data Protection Regulation in view of the trilogue 2015 2 September 2015 Position of the retail and wholesale sector on the Draft Data Protection Regulation in view of the trilogue 2015 We support the efforts of EU legislators to create a harmonised data protection

More information

ARTICLE 29 Data Protection Working Party

ARTICLE 29 Data Protection Working Party ARTICLE 29 Data Protection Working Party 00451/06/EN WP 118 Working Party 29 Opinion 2/2006 on privacy issues related to the provision of email screening services Adopted on 21 February 2006 This Working

More information

23/1/15 Version 1.0 (final)

23/1/15 Version 1.0 (final) Information Commissioner s Office response to the Cabinet Office s consultation on the proposal to amend the Privacy and Electronic Communications (EC Directive) Regulations 2003 ( PECR ), to enable the

More information

Comments and proposals on the Chapter IV of the General Data Protection Regulation

Comments and proposals on the Chapter IV of the General Data Protection Regulation Comments and proposals on the Chapter IV of the General Data Protection Regulation Ahead of the trialogue negotiations later this month, EDRi, Access, Panoptykon Bits of Freedom, FIPR and Privacy International

More information

Regulation of Investigatory Powers Act 2000

Regulation of Investigatory Powers Act 2000 Regulation of Investigatory Powers Act 2000 Consultation: Equipment Interference and Interception of Communications Codes of Practice 6 February 2015 Ministerial Foreword The abilities to read or listen

More information

2010THE LEGISLATIVE ASSEMBLY FOR THEAUSTRALIAN CAPITAL TERRITORY. WORKPLACE PRIVACY BILL 2010EXPLANATORY STATEMENT Circulated by Amanda Bresnan MLA

2010THE LEGISLATIVE ASSEMBLY FOR THEAUSTRALIAN CAPITAL TERRITORY. WORKPLACE PRIVACY BILL 2010EXPLANATORY STATEMENT Circulated by Amanda Bresnan MLA 2010THE LEGISLATIVE ASSEMBLY FOR THEAUSTRALIAN CAPITAL TERRITORY WORKPLACE PRIVACY BILL 2010EXPLANATORY STATEMENT Circulated by Amanda Bresnan MLA OVERVIEW The objects of this Bill are to ensure that employers

More information

This document is meant purely as a documentation tool and the institutions do not assume any liability for its contents

This document is meant purely as a documentation tool and the institutions do not assume any liability for its contents 2002L0058 EN 19.12.2009 002.003 1 This document is meant purely as a documentation tool and the institutions do not assume any liability for its contents B DIRECTIVE 2002/58/EC OF THE EUROPEAN PARLIAMENT

More information

CCTV Surveillance Camera Operational Procedures PART 1. INCIDENT REPORTING

CCTV Surveillance Camera Operational Procedures PART 1. INCIDENT REPORTING PROCEDURAL GUIDELINES CCTV Surveillance Camera Operational Procedures PART 1. INCIDENT REPORTING DOCUMENT UNCONTROLLED WHEN PRINTED DOCUMENT CONTROL Procedure Number: P93.1 Approved by: CEO Directorate:

More information

Online Security, Traffic Data and IP Addresses. Review of the Regulatory Framework for Electronic Communications

Online Security, Traffic Data and IP Addresses. Review of the Regulatory Framework for Electronic Communications Brussels, October 8 th 2008 Online Security, Traffic Data and IP Addresses Review of the Regulatory Framework for Electronic Communications Francisco Mingorance Senior Director Government Affairs franciscom@bsa.org

More information

1. Introduction Purpose The purpose of this policy is to:

1. Introduction Purpose The purpose of this policy is to: 1. Introduction 1.1. Overview The use of Closed Circuit Television or Surveillance Cameras (collectively known as CCTV) that capture and process images of individuals, who can be identified from those

More information

Public Consultation regarding Data Sharing and Governance Bill. Contribution of Office of the Data Protection Commissioner

Public Consultation regarding Data Sharing and Governance Bill. Contribution of Office of the Data Protection Commissioner Submission of the Office of the Data Protection Commissioner (DPC) on the data-sharing and Governance Bill: - Policy Proposals (dated the 1 st of August 2014) Public Consultation regarding Data Sharing

More information

INFORMATION PRIVACY STATEMENT

INFORMATION PRIVACY STATEMENT INFORMATION PRIVACY STATEMENT Victoria Police is bound by the Privacy and Data Protection Act 2014 in how it manages personal information. Victoria Police is committed to protecting the personal information

More information

Opinion on a notification for prior checking received from the Data Protection Officer of the Court of Auditors related to Internet monitoring

Opinion on a notification for prior checking received from the Data Protection Officer of the Court of Auditors related to Internet monitoring Opinion on a notification for prior checking received from the Data Protection Officer of the Court of Auditors related to Internet monitoring Brussels, 10 November 2008 (Case 2008-284) 1. Proceedings

More information

DATA PROTECTION POLICY

DATA PROTECTION POLICY Title Author Approved By and Date Review Date Mike Pilling Latest Update- Corporation May 2008 1 Aug 2013 DATA PROTECTION ACT 1998 POLICY FOR ALL STAFF AND STUDENTS 1.0 Introduction 1.1 The Data Protection

More information

Lawlink NSW: Guide to the Workplace Video Surveillance Act

Lawlink NSW: Guide to the Workplace Video Surveillance Act Guide to the Workplace Video Surveillance Act A Guide to the Workplace Video Surveillance Act 1998 (NSW) Privacy NSW February 2002 CONTENTS The Workplace Video Surveillance Act 1998 Coverage of the Act

More information

Information Governance Framework. June 2015

Information Governance Framework. June 2015 Information Governance Framework June 2015 Information Security Framework Janice McNay June 2015 1 Company Thirteen Group Lead Manager Janice McNay Date of Final Draft and Version Number June 2015 Review

More information

Factsheet on the Right to be

Factsheet on the Right to be 101010 100101 1010 101 Factsheet on the Right to be 100 Forgotten ruling (C-131/12) 101 101 1) What is the case about and what did 100 the Court rule? 10 In 2010 a Spanish citizen lodged a complaint against

More information

Comments and proposals on the Chapter II of the General Data Protection Regulation

Comments and proposals on the Chapter II of the General Data Protection Regulation Comments and proposals on the Chapter II of the General Data Protection Regulation Ahead of the trialogue negotiations in September, EDRi, Access, Panoptykon Bits of Freedom, FIPR and Privacy International

More information

Common position of national authorities within the CPC Network

Common position of national authorities within the CPC Network Common position of national authorities within the CPC Network Assessment of proposals made by Apple, Google and relevant trade associations regarding in-app purchases in online games By letter dated 9

More information

LAW OF THE REPUBLIC OF ARMENIA ON THE PROTECTION OF PERSONAL DATA CHAPTER 1. GENERAL PROVISIONS

LAW OF THE REPUBLIC OF ARMENIA ON THE PROTECTION OF PERSONAL DATA CHAPTER 1. GENERAL PROVISIONS DRAFT LAW OF THE REPUBLIC OF ARMENIA ON THE PROTECTION OF PERSONAL DATA CHAPTER 1. GENERAL PROVISIONS Article 1. Object of Regulation and Objective of the Law 1. This Law shall regulate relations pertaining

More information

Opinion of the European Data Protection Supervisor

Opinion of the European Data Protection Supervisor Opinion of the European Data Protection Supervisor on the Commission Proposal for a Regulation of the European Parliament and of the Council on a European network of Employment Services, workers' access

More information

Surveillance Camera Code of Practice. June 2013

Surveillance Camera Code of Practice. June 2013 Surveillance Camera Code of Practice June 2013 Surveillance Camera Code of Practice Presented to Parliament Pursuant to Section 30 (1) (a) of the Protection of Freedoms Act 2012 June 2013 London: The Stationery

More information

Raising Concerns at Work (Whistle Blowing) Policy and Procedure

Raising Concerns at Work (Whistle Blowing) Policy and Procedure Raising Concerns at Work (Whistle Blowing) Policy and Procedure Raising Concerns at Work (Whistle Blowing) Policy and Procedure Page: Page 1 of 12 Recommended by Approved by Workforce Committee Board of

More information

SPANISH DATA PROTECTION AGENCY

SPANISH DATA PROTECTION AGENCY SPANISH DATA PROTECTION AGENCY 21648 INSTRUCTION 1/2006, of 8 November, by the Spanish Data Protection Agency, on processing personal data for surveillance purposes through camera or video-camera systems.

More information

HORIZON OIL LIMITED (ABN: 51 009 799 455)

HORIZON OIL LIMITED (ABN: 51 009 799 455) HORIZON OIL LIMITED (ABN: 51 009 799 455) CORPORATE CODE OF CONDUCT Corporate code of conduct Page 1 of 7 1 Introduction This is the corporate code of conduct ( Code ) for Horizon Oil Limited ( Horizon

More information

SUPPLEMENTARY INTERNAL RULES IMPLEMENTING REGULATION (EC) N 45/2001 IN RELATION TO THE DATA PROTECTION OFFICER

SUPPLEMENTARY INTERNAL RULES IMPLEMENTING REGULATION (EC) N 45/2001 IN RELATION TO THE DATA PROTECTION OFFICER SUPPLEMENTARY INTERNAL RULES IMPLEMENTING REGULATION (EC) N 45/2001 IN RELATION TO THE DATA PROTECTION OFFICER 10 September 2009 page 1 / 8 SUPPLEMENTARY INTERNAL RULES IMPLEMENTING REGULATION (EC) N 45/2001

More information

Self assessment tool. Using this tool

Self assessment tool. Using this tool Self assessment tool How well does your organisation comply with the 12 guiding principles of the surveillance camera code of practice? Complete this easy to use self assessment tool to find out if you

More information

Direct Recruitment Privacy Policy

Direct Recruitment Privacy Policy Direct Recruitment Privacy Policy Direct Recruitment manages personal information in accordance with the Privacy Act 1988 and Australian Privacy Principles (APP). This policy applies to information collected

More information

Proposal of regulation Com 2012 11/4 Directive 95/46/EC Conclusion

Proposal of regulation Com 2012 11/4 Directive 95/46/EC Conclusion Page 1 sur 155 Proposal of regulation Com 2012 11/4 Directive 95/46/EC Conclusion Legal nature of the instrument Règlement Directive Directly applicable act in internal law 91 articles 34 articles Art.

More information

DISCIPLINARY, DISMISSAL AND GRIEVANCE PROCEDURES. Guidance for employers

DISCIPLINARY, DISMISSAL AND GRIEVANCE PROCEDURES. Guidance for employers DISCIPLINARY, DISMISSAL AND GRIEVANCE PROCEDURES Guidance for employers Contents Foreword...1 Chapter 1: Disciplinary and dismissal procedures...2 Communicating your disciplinary and grievance procedures...2

More information

Template for Automatic Number Plate Recognition (ANPR) Infrastructure Development Privacy Impact Assessment

Template for Automatic Number Plate Recognition (ANPR) Infrastructure Development Privacy Impact Assessment Template for Automatic Number Plate Recognition (ANPR) Infrastructure Development Privacy Impact Assessment This template is provided to support the police service and other law enforcement agencies (LEA)

More information

Electronic Communications Guidance for School Staff 2013/2014

Electronic Communications Guidance for School Staff 2013/2014 Our Lady of Lourdes and St Patrick s Catholic Primary Schools Huddersfield Electronic Communications Guidance for School Staff 2013/2014 Updated September 2013 Contents 1. Introduction 2. Safe and responsible

More information

Surveillance Camera Code of Practice A Guide for Councillors

Surveillance Camera Code of Practice A Guide for Councillors Surveillance Camera Code of Practice A Guide for Councillors How well does your authority comply with the 12 guiding principles of the surveillance camera code of practice? Executive Summary The Protection

More information

4-column document Net neutrality provisions (including recitals)

4-column document Net neutrality provisions (including recitals) 4-column document Net neutrality provisions (including recitals) [Text for technical discussions. It does not express any position of the Commission or its services] Proposal for a REGULATION OF THE EUROPEAN

More information

AlixPartners, LLP. General Data Protection Statement

AlixPartners, LLP. General Data Protection Statement AlixPartners, LLP General Data Protection Statement GENERAL DATA PROTECTION STATEMENT 1. INTRODUCTION 1.1 AlixPartners, LLP ( AlixPartners ) is committed to fulfilling its obligations under the data protection

More information

St James Primary School Mobile Phone Policy for staff, visitors, volunteers and pupils

St James Primary School Mobile Phone Policy for staff, visitors, volunteers and pupils 2015-16 Learning to live, living to learn, learning from Christ Signed by Chair Date.. This policy provides clear guidance on the use of mobile phones in school by both staff and pupils Introduction St

More information

Monitoring Employee Communications: Data Protection and Privacy Issues

Monitoring Employee Communications: Data Protection and Privacy Issues Monitoring Employee Communications: Data Protection and Privacy Issues By Anthony Sakrouge, Kate Minett, Daniel Preiskel and Jose Saras Reprinted from Computer and Telecommunications Law Review Issue 8,

More information

General Terms and Conditions

General Terms and Conditions General Terms and Conditions I. 1 Roma Sconosciuta is a non-profit cultural association; it aims to promote the knowledge, the valorisation and preservation of the artistic, cultural, historical and architectonical

More information

Parliamentary Security Camera Policy

Parliamentary Security Camera Policy Parliamentary Security Camera Policy Introduction 1) Security cameras are employed in various parts of the Palace of Westminster and its surrounding estate. They are a vital part of the security system

More information

Data Protection Policy

Data Protection Policy Data Protection Policy CONTENTS Introduction...2 1. Statement of Intent...2 2. Fair Processing or Privacy Statement...3 3. Data Uses and Processes...4 4. Data Quality and Integrity...4 5. Technical and

More information

FIRST DATA CORPORATION PROCESSOR DATA PROTECTION STANDARDS

FIRST DATA CORPORATION PROCESSOR DATA PROTECTION STANDARDS FIRST DATA CORPORATION PROCESSOR DATA PROTECTION STANDARDS As a world leader in electronic commerce and payment services, First Data Corporation and its subsidiaries ( First Data entity or entities ),

More information

COUNCIL OF EUROPE COMMITTEE OF MINISTERS. RECOMMENDATION No. R (90) 19 OF THE COMMITTEE OF MINISTERS TO MEMBER STATES

COUNCIL OF EUROPE COMMITTEE OF MINISTERS. RECOMMENDATION No. R (90) 19 OF THE COMMITTEE OF MINISTERS TO MEMBER STATES COUNCIL OF EUROPE COMMITTEE OF MINISTERS RECOMMENDATION No. R (90) 19 OF THE COMMITTEE OF MINISTERS TO MEMBER STATES ON THE PROTECTION OF PERSONAL DATA USED FOR PAYMENT AND OTHER RELATED OPERATIONS' (Adopted

More information

Prior checking opinion on the European Surveillance System ("TESSy") notified by the European Centre for Disease Prevention and Control ("ECDC

Prior checking opinion on the European Surveillance System (TESSy) notified by the European Centre for Disease Prevention and Control (ECDC Prior checking opinion on the European Surveillance System ("TESSy") notified by the European Centre for Disease Prevention and Control ("ECDC") on 22 July 2009 Brussels, 3 September 2010 (case 2009-0474)

More information

COMMISSION OF THE EUROPEAN COMMUNITIES. Proposal for a DIRECTIVE OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL

COMMISSION OF THE EUROPEAN COMMUNITIES. Proposal for a DIRECTIVE OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL COMMISSION OF THE EUROPEAN COMMUNITIES Brussels, 21.9.2005 COM(2005) 438 final 2005/0182 (COD) Proposal for a DIRECTIVE OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on the retention of data processed

More information

Data Protection Act 1998 The Data Protection Policy for the Borough Council of King's Lynn & West Norfolk

Data Protection Act 1998 The Data Protection Policy for the Borough Council of King's Lynn & West Norfolk Data Protection Act 1998 The for the Borough Council of King's Lynn & West Norfolk 1 Contents Introduction 3 1. Statement of Intent 4 2. Fair Obtaining I Processing 5 3. Data Uses and Processes 6 4. Data

More information

AC&E Insurance Services Pty Ltd Privacy Statement Effective: 1 August, 2010

AC&E Insurance Services Pty Ltd Privacy Statement Effective: 1 August, 2010 AC&E Insurance Services Pty Ltd Privacy Statement Effective: 1 August, 2010 AC&E means AC&E Insurance Services Pty Ltd (ABN 69 137 720 757). AC&E has always valued the privacy of personal information.

More information

Guidance to Clubs on the Data Protection Act

Guidance to Clubs on the Data Protection Act Guidance to Clubs on the Data Protection Act February 2013 (updated October 2015) This is part of the RT2020 initiative by the T&RA to help clubs with relevant legislation. All organisations that collect

More information

BRING YOUR OWN DEVICE

BRING YOUR OWN DEVICE BRING YOUR OWN DEVICE Legal Analysis & Practical TIPs for an effective BYOD corporate Policy CONTENTS 1. What is BYOD? 2. Benefits and risks of BYOD in Europe 3. BYOD and existing Policies 4. Legal issues

More information

THE EDPS VIDEO-SURVEILLANCE GUIDELINES

THE EDPS VIDEO-SURVEILLANCE GUIDELINES Brussels, 17 March 2010 THE EDPS VIDEO-SURVEILLANCE GUIDELINES Table of contents FOREWORD... 4 1 OBJECTIVE OF THE GUIDELINES... 5 2 SCOPE OF THE GUIDELINES... 6 2.1 SCOPE... 6 2.2 EXCLUSIONS FROM SCOPE...

More information

Rules of Procedure. DECISION OF THE EUROPEAN DATA PROTECTION SUPERVISOR of 17 December 2012 on the adoption of Rules of Procedure

Rules of Procedure. DECISION OF THE EUROPEAN DATA PROTECTION SUPERVISOR of 17 December 2012 on the adoption of Rules of Procedure Rules of Procedure DECISION OF THE EUROPEAN DATA PROTECTION SUPERVISOR of 17 December 2012 on the adoption of Rules of Procedure THE EUROPEAN DATA PROTECTION SUPERVISOR, Having regard to Regulation (EC)

More information

Conference "Taking on the Data Retention Directive" Brussels, 3 December "The moment of truth for the Data Retention Directive"

Conference Taking on the Data Retention Directive Brussels, 3 December The moment of truth for the Data Retention Directive Conference "Taking on the Data Retention Directive" Brussels, 3 December 2010 "The moment of truth for the Data Retention Directive" Peter Hustinx European Data Protection Supervisor Today we are discussing

More information

Rules for the use of the IT facilities. Effective August 2015 Present

Rules for the use of the IT facilities. Effective August 2015 Present Rules for the use of the IT facilities Effective August 2015 Present INFORMATION MANAGEMENT GUIDE RULES FOR THE USE OF THE UNIVERSITY S IT FACILITIES ( The Rules ) 1. Introduction 2. Interpretation 3.

More information

Policy Statement. Employee privacy, data protection and human resources. Prepared by the Commission on E-Business, IT and Telecoms. I.

Policy Statement. Employee privacy, data protection and human resources. Prepared by the Commission on E-Business, IT and Telecoms. I. International Chamber of Commerce The world business organization Policy Statement Employee privacy, data protection and human resources Prepared by the Commission on E-Business, IT and Telecoms I. Introduction

More information

Terms & Conditions. In this section you can find: - Website usage terms and conditions 1, 2, 3. - Website disclaimer

Terms & Conditions. In this section you can find: - Website usage terms and conditions 1, 2, 3. - Website disclaimer 1 Terms & Conditions In this section you can find: - Website usage terms and conditions 1, 2, 3 - Website disclaimer -Acceptable internet use policy 1,2,3,4 - Acceptable email use policy 1, 2 - Copyright

More information

London Borough of Brent Joint Regulatory Services ENFORCEMENT POLICY

London Borough of Brent Joint Regulatory Services ENFORCEMENT POLICY London Borough of Brent Joint Regulatory Services ENFORCEMENT POLICY Date of implementation: 01/11/05 Issue No:01 Issued by: Stephen Moore Executive approval: 12/09/2005 INTRODUCTION 1. This document sets

More information

Corporate Code of Conduct

Corporate Code of Conduct 1. Background Corporate Code of Conduct 1.1. For over a century, the Swire group of companies has been recognised as acting responsibly in the course of achieving its commercial success. Our reputation

More information

Catalyst Consulting & Events (CCE) takes seriously its commitment to preserve the privacy of the personal information that we collect.

Catalyst Consulting & Events (CCE) takes seriously its commitment to preserve the privacy of the personal information that we collect. PRIVACY POLICY 1. Introduction Catalyst Consulting & Events (CCE) takes seriously its commitment to preserve the privacy of the personal information that we collect. We will only collect information that

More information

QUEENSLAND COUNTRY HEALTH FUND. privacy policy. Queensland Country Health Fund Ltd ABN 18 085 048 237. better health cover shouldn t hurt

QUEENSLAND COUNTRY HEALTH FUND. privacy policy. Queensland Country Health Fund Ltd ABN 18 085 048 237. better health cover shouldn t hurt QUEENSLAND COUNTRY HEALTH FUND privacy policy Queensland Country Health Fund Ltd ABN 18 085 048 237 better health cover shouldn t hurt 1 2 contents 1. Introduction 4 2. National Privacy Principles 5 3.

More information

ARTICLE 29 Data Protection Working Party

ARTICLE 29 Data Protection Working Party ARTICLE 29 Data Protection Working Party 11601/EN WP 90 Opinion 5/2004 on unsolicited communications for marketing purposes under Article 13 of Directive 2002/58/EC Adopted on 27 February 2004 This Working

More information

EASTNOR PAROCHIAL PRIMARY SCHOOL STAFF SOCIAL NETWORKING POLICY. Inspire and Achieve

EASTNOR PAROCHIAL PRIMARY SCHOOL STAFF SOCIAL NETWORKING POLICY. Inspire and Achieve EASTNOR PAROCHIAL PRIMARY SCHOOL STAFF SOCIAL NETWORKING POLICY Inspire and Achieve Introduction This document sets out the guidance on social networking and aims to: Set clear expectations of behaviour

More information

Office of the Data Protection Commissioner of The Bahamas. Data Protection (Privacy of Personal Information) Act, 2003. A Guide for Data Controllers

Office of the Data Protection Commissioner of The Bahamas. Data Protection (Privacy of Personal Information) Act, 2003. A Guide for Data Controllers Office of the Data Protection Commissioner of The Bahamas Data Protection (Privacy of Personal Information) Act, 2003 A Guide for Data Controllers 1 Acknowledgement Some of the information contained in

More information

Closed Circuit Television (CCTV) code of practice. Based on the publication A Code of Practice for CCTV www.ico.gov.uk

Closed Circuit Television (CCTV) code of practice. Based on the publication A Code of Practice for CCTV www.ico.gov.uk Closed Circuit Television (CCTV) code of practice Based on the publication A Code of Practice for CCTV www.ico.gov.uk Owner: Ian Heywood Last reviewed: July 2011 Contents 1.0 Introduction... 4 2.0 CCTV

More information

PRESIDENT S DECISION No. 40. of 27 August 2013. Regarding Data Protection at the European University Institute. (EUI Data Protection Policy)

PRESIDENT S DECISION No. 40. of 27 August 2013. Regarding Data Protection at the European University Institute. (EUI Data Protection Policy) PRESIDENT S DECISION No. 40 of 27 August 2013 Regarding Data Protection at the European University Institute (EUI Data Protection Policy) THE PRESIDENT OF THE EUROPEAN UNIVERSITY INSTITUTE, Having regard

More information

Merthyr Tydfil County Borough Council. Data Protection Policy

Merthyr Tydfil County Borough Council. Data Protection Policy Merthyr Tydfil County Borough Council Data Protection Policy 2014 Cyfarthfa High School is a Rights Respecting School, we recognise the importance of ensuring that the United Nations Convention of the

More information