The UNSSC is committed to protecting individual privacy and securing the personal information processed by the UNSSC. As an international organization belonging in the United Nations System, the UNSSC enjoys privileges and immunities and is not bound by privacy and data protection regulations enacted by nation States, including the EU’s General Data Protection Regulation (GDPR).
The UNSSC processes personal data in accordance with the Personal Data Protection and Privacy Principles adopted by the UN High-Level Committee on Management (HLCM) at its 36th Meeting on 11 October 2018, and this document.
The UNSSC defines personal data as “information relating to an identified or identifiable natural person (“data subject”). The UNSSC uses the term “data processing” to describe all the activities associated with the handling of personal data, including collection, storage, usage, transfer, and disposal.
On this basis, the UNSSC processes personal data in accordance with the following principles:
Fair and Legitimate Processing
The UNSSC processes personal data in a fair manner, in accordance with its mandate and on the basis of any of the following:
Personal data should be processed for one or more specific purposes(s), consistent with the UNSSC’s mandate and considering the balancing of relevant rights, freedoms and interests. Personal data should not be processed in a way incompatible with such purpose(s). The UNSSC may process personal data to provide information to the users of its learning platform, such as new training opportunities and event. It may also use personal data to perform data analytics to understand, support and optimize the learning experience.
Proportionality and Necessity
The processing of personal data should be relevant, adequate and limited to what is necessary in relation to the specified purpose(s) of personal data processing. For example, if you apply to work at the UNSSC, we will not use your data in any other context.
Personal data should be retained only for the time that is necessary for the specified purpose(s).
Personal data should be accurate and, where necessary, up to date to fulfil the specified purpose(s).
Personal data should be processed with due regard to confidentiality.
The UNSSC should implement appropriate organizational, administrative, physical and technical safeguards and procedures to protect the security of personal data, including against or from unauthorized or accidental access, damage, loss or other risks presented by data processing.
Processing of personal data should be carried out with transparency to the data subjects, as appropriate and whenever possible. This should include, for example, provision of information about the processing of their personal data as well as information on how to request access, verification, rectification, and/or deletion of that personal data, insofar as the specified purpose for which personal data is processed is not frustrated.
In carrying out its mandated activities, the UNSSC may transfer personal data to a third party, provided that, under the circumstances, the UNSSC satisfies itself that the third party affords appropriate protection for the personal data.
The Legal Officer is the focal point for data protection and privacy issues, and it provides advice to ensure that personal data is processed in accordance with the above principles.
Privileges and Immunities
Should you have any questions or concerns about the protection or processing of your personal data by the UNSSC, please contact the UNSSC at firstname.lastname@example.org