Topics In Demand
Notification
New

No notification found.

Re: Would an employee's official email ID constitute personal data?
Re: Would an employee's official email ID constitute personal data?

May 3, 2018

1794

0


Listen to this article



 

 

Official/corporate emails – Yes, in most of the cases. However it depends on the nomenclature – while your example suggests using the name to create the email address which is a general practice, the email itself has Personally Identifiable Information.

Personal data is defined by the as “any information relating to an identified or identifiable natural person.”1 This broad definition encompasses work email addresses containing the business partner’s name or any business contact information tied to or related to an individual, such as the individual’s name, job title, company, business address, work phone number, etc. In contrast, personal data does not include generic business names, business addresses, generic email addresses or any other general business information, as long as this information has not been linked to an individual. So, for example, “rickyjha@abc.com” would most likely be considered “personal data” governed by the GDPR whereas “contact@acme.com” would not.

 

What do you need to do with your emails :

  1. Make it generic and tie it with non name based nomenclature , such as empid@domain.com
  2. In case you have such emails (like what you mentioned) – keep them secure, encrypted and on a DSAR you should be able to either Purge or Archive it
  3. Treat them just like a contact information and your risk parity should be fine

 


That the contents of third-party articles/blogs published here on the website, and the interpretation of all information in the article/blogs such as data, maps, numbers, opinions etc. displayed in the article/blogs and views or the opinions expressed within the content are solely of the author's; and do not reflect the opinions and beliefs of NASSCOM or its affiliates in any manner. NASSCOM does not take any liability w.r.t. content in any manner and will not be liable in any manner whatsoever for any kind of liability arising out of any act, error or omission. The contents of third-party article/blogs published, are provided solely as convenience; and the presence of these articles/blogs should not, under any circumstances, be considered as an endorsement of the contents by NASSCOM in any manner; and if you chose to access these articles/blogs , you do so at your own risk.


© Copyright nasscom. All Rights Reserved.