GDPR Data processing modelAccess control by biometric authentication in the workplace

By: Ludwig Karneth

PrivatePublicGeneral options

This processing model relates to access control to premises as well as access control to business IT devices and applications.

Purposes (2)

A purpose is the objective pursued by the setting up of your file. It indicates what the processing of personal data will be used for, its purpose. This purpose must be clear and understandable

Premises access control

Limitatively identified by the organization as requiring restricted movement

Legitimate interest

Access control for professional IT devices and applications

Limitatively identified organization

Legitimate interest

Data categories (3)

Personal data is any information relating to an identified or identifiable natural person. A natural person can be identified either directly (eg surname and first name) or indirectly (eg phone number, social security number, email or postal address, but also voice or image)

Data generated by the device: logging access to work tools

Data details

Authentication number or individual media numberrequired

Access attempt timestamprequired

Devices or applications concernedrequired

Data conservation rules

Active base:

The access logging data produced by the biometric device cannot be stored in the active database for more than six months from the date of registration. This does not, however, prevent them from being kept in an intermediate archive separate from the active database, with restricted access, insofar as there are specific legislative or regulatory provisions, or if these data would be of interest in the event of litigation, justifying keeping them for the duration of the applicable prescription/forclusion rules.

Data generated by the device: premises access logging

Data details

Authentication number or individual media numberrequired

Access attempt timestamprequired

Access usedrequired

Data conservation rules

Active base:

Data entered by the employer or its agents

Data details

Authorized access times and conditionsrequired

Devices or applications concernedrequired

Authorized access, zones and time slotsrequired

Identity or company name of the person (natural or legal) acting as employerrequired

Graderequired

Corps ou service d'appartenancerequired

Internal registration numberrequired

Authentication number or individual media numberrequired

Raw record of biometric feature and template(s) of one or more biometric features

requiredsensitive data

Photography

required

First namerequired

name

required

Data conservation rules

Active base:

Raw recordings (photo, audio recording, etc.) of the biometric feature can only be processed for the time required to calculate the template(s): they cannot therefore be stored.derived biometric data can only be stored in the form of encrypted templates that do not allow the original biometric feature to be recalculated. They may only be kept for as long as the person concerned has been authorized, and must be deleted if authorizations are withdrawn or if the person concerned ceases to work for the employing organization

Destruction

Data subject (1)

A data subject is any person whose data is collected, retained or processed by the data processing. e.g. In a recruitement process, any candidate for a position proposed in recruitement management process