- GIODO to check nasza-klasa.pl social networking website
- The Act of 29 August 1997 on the Protection of Personal Data (unified text: Journal of Laws of 2002 No. 101 item 926 with amendments)
- nasza-klasa.pl social networking website - inspection results presented at the press conference
- Privacy Policy http:// www.giodo.gov.pl
- Amendment to the act
- Spring Conference of European Data Protection Authorities
Press Conference of the Inspector General for Personal Data Protection
Does the Warsaw Transport Authority (ZTM) collect too much data from passengers? Is the monitoring by ZTM of everyday route of passengers too big an interference in their privacy?
On 8 July 2009, Michał Serzycki, the Inspector General for Personal Data Protection, organised the Press Conference devoted to the recently conducted inspection at the Warsaw Transport Authority (ZTM) terminated with an administrative decision.
In its decision, GIODO ordered ZTM to remedy the negligence in personal data processing consisting in collecting too much passenger data by ZTM; in particular it emphasised the need to stop collecting the number of an individual travelcard each time it is read by the card reader, if not only activation of the travelcard takes place. The Inspector General ordered the Warsaw Transport Authority not to collect too much passenger data, among others geolocation data, and to store images of persons no longer than necessary for achieving the purpose of the processing of such data, i.e. till the issuance of the individual travelcard. In its decision, GIODO also ordered ZTM to specify the periods envisaged for erasure of data collected from the requests for individual travelcard’s issuance.
During the Conference, the Inspector General for Personal Data Protection stressed that PESEL number (Personal Identification Number) could be collected exclusively with the data subject’s consent; however, it mustn’t be placed on the individual travelcard, but only in computer systems for the purposes of unambiguous identification of travelcard’s owner by ZTM. Stealing or losing the individual travelcard containing PESEL number could lead to the individual travelcard owner’s identity theft.
At the end of the Conference, GIODO emphasised that ZTM was not an institution whose task was tracking the citizens and therefore the collection of travelcards owners’ geolocation data for the performance of the carrier’s statutory tasks constituted too big an interference in the privacy of individual travelcard’s users.