Deleting Personal Data
There comes a time when you want to get rid of personal data in your possession. The key thing to remember here is that the personal data is your responsibility until it is effectively destroyed.
With that in mind, it should be clear that you cannot simply put data, for example photocopies of passports or other personal information, in the waste paper rubbish. You must find a way of ensure the papers are destroyed whether by having a secure destruction method that you have access to or calling the appropriate Service for destroying confidential papers at CERN.
By analogy for electronic information, simply leaving a computer or disk in an office may leave the data on the disk, like leaving the papers in the waste bin. All personal data must be destroyed on any medium (disk, usb key etc) when you no longer need it.
Finally, when personal data have been deemed to be destroyed, should any copies be discovered, for example on a backup system, then the data should be immediately destroyed from the backup, or in any event not processed again and finally destroyed whenever practicable.
In case a Service Owner receives a subject access request concerning the right to deletion, in principle the request should be granted if:
- The Data Subject withdraws consent and processing was based on consent;
- The data were collected in the legitimate interests of the Organisation and those interests cannot be considered as core to the purpose of the Organisation;
- The data were collected and processed not in compliance with OC11;
- The data are no longer necessary for the originally stated purpose and there is no compatible ongoing purpose.
- There is no ongoing processing for which there is an appropriate legal basis (e.g retaining information to fulfil contractual or legal obligations)
In general the request should not be granted if the data are part of journalistic publications.
The following situations should always be referred to the ODP:
- There are archiving interests or scientific or historical research purposes to keep these data;
- The Data Subject is claiming harms arising from the processing;
- When Data Subjects may ask that search engines remove certain results about them (without the underlying documents/data being removed). Service owners in charge of search engines running at CERN should be prepared to execute valid requests locally and may refer Data Subjects to external search engines such as Google (https://www.google.com/webmasters/tools/legal-removal-request?complaint_... and https://transparencyreport.google.com/eu-privacy/overview?hl=en) for more complete removal (de-listing).