ID. Category of personal data Source of the data

Similar documents
Brasenose College ICT Systems Privacy Notice (v1.2)

POLICY 8200 NETWORK SECURITY

We may change the privacy notice from time to time by amending this page.

STUDENT ACCEPTABLE USE OF IT SYSTEMS POLICY

The purpose of this guidance is: To provide a comprehensive understanding to complying with the universities Acceptable Use Policy.

Privacy and cookie policy

UCL Policy on Electronic Mail ( )

The University of British Columbia Board of Governors

Acceptable Use Policy

Protecting your Privacy Winchester Cathedral Privacy Notice

We may change the privacy notice from time to time by amending this page. What type of information will we collect from you?

Data Protection Policy

Toucan Telemarketing Ltd.

STUDENTS BRING YOUR OWN DEVICE POLICY

Guardian Electrical Compliance Ltd DATA PROTECTION GDPR REGULATIONS POLICY

Privacy Policy GENERAL

Commercial Vehicle Mobile ANPR Policy

Access Control Policy

Element Finance Solutions Ltd Data Protection Policy

ma recycle GDPR Privacy Policy .com Rely and Comply... Policy Date: 24 May 2018

This Policy applies to all staff and other authorised users in St Therese School.

Standard for Security of Information Technology Resources

PRIVACY POLICY CORPORATE CUSTOMER

Data Protection Policy

Lakeshore Technical College Official Policy

Acceptable Use Policy (AUP)

Acceptable Usage Policy (Student)

Data Protection Policy

UWTSD Group Data Protection Policy

Subject: Kier Group plc Data Protection Policy

NIPPON VALUE INVESTORS DATA PROTECTION POLICY

Learning Management System - Privacy Policy

letters to The Scottish Parliament and texts to

The following terms apply at ExtilumHosting.com as of 1 September 2013.!

Information you give us when you sign up to the World Merit Hub. In addition, when you sign up to the World Merit Hub, we will usually ask for:

ACCEPTABLE USE ISO INFORMATION SECURITY POLICY. Author: Owner: Organisation: Document No: Version No: 1.0 Date: 10 th January 2010

Smile IT Ltd Privacy Policy. Hello, we re Smile IT Ltd. We offer computer and network support to businesses and home computer users.

PS Mailing Services Ltd Data Protection Policy May 2018

FIRESOFT CONSULTING Privacy Policy

We may change the privacy notice from time to time by amending this page.

The Apple Store, Coombe Lodge, Blagdon BS40 7RG,

Data Protection Policy

Data Protection Policy

Data Protection Policy

1. Right of access. Last Approval Date: May 2018

Data Subject Requests Procedure

ACCEPTABLE USE POLICY (AUP) 3W INFRA reserves the right to unilaterally amend the conditions set out in the Acceptable Use Policy (the Policies ).

Site Builder Privacy and Data Protection Policy

1.3 More information about eduroam is available at the relevant eduroam Service Provider (ESP) website detailed in Schedule 1 of this document.

HPE DATA PRIVACY AND SECURITY

Data protection policy

Privacy Notice for firstdirect.com

Communication and Usage of Internet and Policy

RMU-IT-SEC-01 Acceptable Use Policy

Acceptable Use Policy

Draft. Policies of Colorado State University University Policy. Category: Information Technology

HBW LAW LTD T/A HESELTINE BRAY & WELSH

Creative Funding Solutions Limited Data Protection Policy

SCHOOL SUPPLIERS. What schools should be asking!

Chess Entries 4 All Website Privacy Policy

Helping you to be GDPR compliant

A Homeopath Registered Homeopath

PPI Adhesive Products Ltd. PRIVACY NOTICE 1. WHAT IS A PRIVACY NOTICE & WHY IS IT IMPORTANT?

Enviro Technology Services Ltd Data Protection Policy

BIOEVENTS PRIVACY POLICY

UWC International Data Protection Policy

Vodafone Location Services. Privacy Management Code of Practice. Issued Version V1.0

American Dental Hygienists Association Privacy Policy

PTLGateway Acceptable Use Policy

A1 Complete Plumbing and Heating Limited Job Applicant Privacy Notice

Eco Web Hosting Security and Data Processing Agreement

BELLISSIMA BEAUTY SALON PRIVACY NOTICE

Tampere University of Technology Privacy Policy 1 (5) 18/06/2018

SMS SERVICE PROVISION

USE POLICY. iprimus.com.au

Eight Minute Expert GDPR. Login. Password

This data protection policy explains what Personal Data we collect and use, and for what Purposes. We recommend you read this policy carefully.

PRINCIPLES OF PROTECTION OF PERSONAL DATA (GDPR) WITH EFFICIENCY FROM

Access to personal accounts and lawful business monitoring

IT Appropriate Use - Best Practice for Guidelines. Section 1 - Purpose / Objectives. Section 2 - Scope / Application. Section 3 - Definitions

PURPOSE: To establish policies and procedures for the use of University-owned and -operated information technology resources.

COMPUTER USE POLICY Staff

Privacy Policy. MIPS Website Privacy Policy. Document Information. Contact Details. Version 1.0 Version date March 2018.

Lead Forensics Software Data Compliance Policy

Fluid Metering, Inc. Privacy Policy

WEBSITE PRIVACY POLICY

Act CXII of 2011 on the right to information self-determination and freedom of information. Act ;

PRIVACY POLICY PRIVACY POLICY

Terms and Conditions between Easy Time Clock, Inc. And Easy Time Clock Client

Personal Data Privacy Policy Updatedt: December 2018

Website Privacy Notice

St Bernard s Primary School Data Protection Policy

Data protection is important to us

Data Protection and GDPR

Depending on the Services or information you request from us, we may ask you to provide the following personal information:

PRIVACY POLICY FOR WEB AND ONLINE TRADING PLATFORM

201 CMR COMPLIANCE CHECKLIST Yes No Reason If No Description

Spree Privacy Policy

Data Protection Policy

Adkin s Privacy Information Notice for Clients, Contractors, Suppliers and Business Contacts

Transcription:

St John's College Record of Procesing Activities - IT Functions, including users of College em ID. Category of personal data Source of the data 1 Firewall, security and PC misuse incident log files consisting of the date and time of incident, which user (name and/or user name), details of the incident and any consequential action taken. We generate this data about you 2 Login information for students, staff, fellows and visitors consisting of time, date and duration of login, username and name of person logging in, their university card number, IP and MAC addresses associated with login, records of which users have printed documents and at what time/date, details of any charges for printing. We also hold records of the level of access permission users have to the system and which areas (e.g. staff, student, visitor, administrator). We also hold encrypted / obfuscated password information and records of internet usage (including records of sites visited, time and date of visit). We obtain this data from you We generate this data about you

3 IT support logs and records consisting of user names/contact information, dates and times of requests/problems, details of requests and details of steps taken and resolution of requests. We generate this data about you 4 Records of telephone calls made and received (records of numbers called to/from, duration of calls). We obtain this data from you

Why we process it How long we keep this In the course of maintaining the College's 6 years from the date we learn of the incident. networks, protecting their integrity, investigating computer misuse and to minimise the risk of misuse recurring. Such records might also be used for disciplinary purposes where staff or students have breached College policies. As a necessary part of the management and operation of our systems and controlling who has access to them. In cases of misconduct or copyright abuse such records might also be used as part of any investigation or staff/student disciplinary action. Records of internet usage are required to assist with troubleshooting and determining which users are affected by a security incident. Login information and internet use logs are retained for 12 months. Password and access level information is retained for as long as you are entitled to use our systems (e.g. whilst you are a student or staff member). They are also required to monitor and/or prevent: -malicious network traffic -suspected access of illegal materials, alleged copyright infringement and/or violations of University or College IT or disciplinary regulations Encrypted password information is held to enable users to login to our systems with their password.

In the normal course of operating and maintaining our systems IT support logs are retained for 12 months. The data is provided to us by providers of telephone services (mobile and landline) to the College. We use this data to ensure we have been invoiced correctly by the provider, and to check that College provided telephones are being used in accordance with College policy. Records are retained for 12 months.

Our lawful basis for processing Details relating to lawful basis (where applicable) Special category grounds for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms; for compliance with a legal obligation The College has a legitimate interest in maintaining the integrity of its systems, to investigate misuse and taking action to prevent misuse recurring. Keeping such records is also necessary to comply with the College's security and accountability obligations under data protection laws. for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms. for compliance with a legal obligation. In the case of staff and students, processing is necessary for performance of our contract with you. The College has legitimate interest in keeping records of who has accessed its systems, websites visited and activity to assist with IT security and in taking disciplinary action under its contracts with staff or students if appropriate. Keeping such records and monitoring activity is also necessary to comply with the College's security and accountability obligations under data protection laws.

for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms; for compliance with a legal obligation; The College has a legitimate interest in keeping such records to help it maintain the functioning and security of its systems. Keeping such records is also necessary to comply with the College's security and accountability obligations under data protection laws. for the purposes of our or someone else's legitimate interests, except where overridden by your data protection rights and freedoms We have a legitimate interest in the proper and efficient administration of College telephones and in ensuring they are being used correctly. N/A

Special category- details of public interest etc (where appropriate) Criminal conviction/criminal allegation grounds The processing is necessary for purposes of the prevention or detection of an unlawful act and must be carried out without the consent of the data subject, so as not to prejudice those purposes. The processing is necessary for purposes of the prevention or detection of an unlawful act and must be carried out without the consent of the data subject, so as not to prejudice those purposes.

N/A

Criminal conviction/criminal allegation grounds (further information)

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback