How many times have you shared a copy of your passport, ID card or CV while working at CERN? Whether you are a member of the personnel, a contractor or simply a visitor, it is very likely that you have shared some of these documents in order to comply with the various administrative processes in place at CERN – but did you know that the information contained in these documents is considered personal data and is therefore owned by the data subject?
CERN takes the processing of your personal data very seriously and applies the principles of its Data Privacy Protection Policy through Operational Circular no. 11, “The Processing of Personal Data at CERN”.
As well as being a data subject, you may also process colleagues’ personal data. In that case, what do you need to know if you are handling passports, ID documents or CVs at CERN?
Three key principles apply:
- CVs, passports and ID documents should be shared only via secure platforms, such as CERNBox and Service Now, and never by email.
- CVs, passports and ID documents that need to be stored should be appropriately protected and secure.
- Once copies of CVs, passports and ID documents are no longer required, they should be deleted.
As a general rule, copies of passports and ID documents should not be stored for more than three months.
Hopefully, these simple tips are a helpful reminder of how to handle passports, ID documents and CVs with care. Please spread the word among your colleagues.
Further information on data privacy at CERN can be found on the ODP website or obtained from your Departmental Data Privacy Coordinator.