RWS Moravia Personal Data Retention Directive
Goal of the Personal Data Retention Directive
- As a company organized and existing under the laws of the Czech Republic with its subsidiaries, branches and operations worldwide, Moravia IT s.r.o., corporate identification number 032 51 853, with its registered office at Příkop 262/15, Zábrdovice, Postal Code 602 00, Brno, the Czech Republic, registered with the Commercial Register maintained by the Regional Court in Brno, part C, entry 88437 and its branches, subsidiaries, affiliates and holding companies (“RWS Moravia”) is subject to the laws of the Czech Republic, the laws of the European Union, in particular laws relating to personal data concerning its employees, suppliers and other physical persons (each as a “Data Subject”, collectively as “Data Subjects”), processed while carrying out RWS Moravia’s business activities.
- Processing of personal data is primarily governed by the Regulation (EC) No. 2016/679 of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and on the free movement of such data (“GDPR”) and by the Czech Personal Data Protection Act.
- Moravia has prepared this Personal Data Retention Directive to reflect its personal data retention and personal data erasure timelines and to provide guidance on retention and erasure periods of specific personal data.This Personal Data Retention Directive works closely with the RWS Moravia Data Processing Register.
- Personal data means any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.Personal data may be processed only in compliance with the GDPR.
Retention and Erasure of Personal Data
- Storing, erasure and destruction of personal data is considered a data processing.
- Erasure of personal data is necessary to fulfil two of GDPR’s basic principles of
- data minimization; and
- data retention limitation.
- The principle of data minimization shall ensure that personal data shall be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed, which means that data minimization limits the amount of personal data that is processed.
- The principle of retention limitation limits the length of personal data retention, so the personal data is stored only for a period of time that is necessary. After this period the personal data has to be deleted to comply with the retention limitation principle.
- Specific time limitations regarding specific personal data retention can be checked the Appendix 1.
- Retention period is a period for which the relevant personal data can be stored (retained) by RWS Moravia (“Retention Period”). Time limit for erasure of personal data is time limit within which the personal data shall be erased (“Erasure Time Limit”). Erasure Time Limit immediately follows Retention Period. Within the Erasure period, personal data shall be erased.
- RWS Moravia keeps Data Processing Register. In the register each RWS Moravia Business Unit has its own dedicated section which in turn is split into individual work streams.
- Each work stream has its own Retention Period and Erasure Time Limit. Information pertaining to the relevant personal data retention and erasure limits can be found in Appendix 1.
- The Data Processing Register is a live document which is subject to regular and irregular updates. Keeping a copy of “your” Retention Period and/or Erasure Time Limits is not recommended. Up-to-date information for reference are available in Data Processing Register.
|Business Unit||Work stream name||Retention Period/Erasure Time Limit|
|Marketing & Sales||Marketing – creating leads||
|Marketing & Sales||Sales||
|Vendor Management||Vendor Registration||
|Vendor management||Vendor administration||
|Vendor management||Voice talent||
|Physical Security||Reception – Visitor Form||
|Physical Security||Camera records Visitors||
|Physical Security||Entry Control||