KORDEUS PAX - Data privacy analysis: Difference between revisions
Jump to navigation
Jump to search
Stefanseiler (talk | contribs) |
Stefanseiler (talk | contribs) No edit summary |
||
| (3 intermediate revisions by the same user not shown) | |||
| Line 104: | Line 104: | ||
! style="text-align:left;" |Processor | ! style="text-align:left;" |Processor | ||
|Gets access to this information and keeps it for regulatory and legal litigation purposes. | |Gets access to this information and keeps it for regulatory and legal litigation purposes. | ||
|Data is | |Data is partially appropriated as far as local transactions require them, but will actively be anonymized or deleted after the regulatory period has passed. | ||
|- | |- | ||
! style="text-align:left;" |Consumer | ! style="text-align:left;" |Consumer | ||
|Gets temporary access to this information, but only as long as the party requires it. | |Gets temporary access to this information, but only as long as the party requires it. | ||
|'''Data will only be stored in temporary cache files and will be refetched, if | |'''Data will only be stored in temporary cache files and will be refetched, if cache expires prematurely (depending on strictness of cache-settings)''' | ||
|} | |} | ||
| Line 114: | Line 114: | ||
* [[Kordeus.PAX]] | * [[Kordeus.PAX]] | ||
* [[Kordeus PAX data zones and appropriation]] | |||
* [[Travel assistance service request]] | * [[Travel assistance service request]] | ||
Latest revision as of 15:28, 26 January 2026
A travel assistance service requests holds these data domains, which are each handled differently due to the ownership and sensitivity of contained information:
| O=Owner, P=Processor, C=Consumer | Ownership & Storage | Sensitivity | Details | |||
|---|---|---|---|---|---|---|
| Agent | PAX | OC | Del.P. | |||
| Unstructured Communication | ||||||
| PAX with OC | O | P | high | May contain sensitive information | ||
| Agent with OC | O | P | high | Agent is acting on behalf of the PAX! May contain sensitive information | ||
| Case structured data | ||||||
| Travel Group information | O | C | C | C | normal | |
| Personal information | P | O | P | C | high | May contain sensitive information |
| Medical information | P | O | P | C | very high | Contains also information on medical decision process |
| Journey Information | P | O | P | C | normal | Shared ownership, based on transport contract |
| Request management data | C | C | O | P | normal | This holds the case decision process and associated meta-information |
| Delivery information | ||||||
| Delivery requests & instructions | O | P | high | May contain sensitive information | ||
| Delivery status information | O | P | normal | LH ownership, due to service contract | ||
Data processing roles
| Access | Storage | |
|---|---|---|
| Owner | Has permanent (physical and logical access to the information) | permanent (database) |
| Processor | Gets access to this information and keeps it for regulatory and legal litigation purposes. | Data is partially appropriated as far as local transactions require them, but will actively be anonymized or deleted after the regulatory period has passed. |
| Consumer | Gets temporary access to this information, but only as long as the party requires it. | Data will only be stored in temporary cache files and will be refetched, if cache expires prematurely (depending on strictness of cache-settings) |