MU Libraries

Česky

Information on the processing and protection of personal data in the library system

In accordance with Art. 13 and 14 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) – hereinafter GDPR – Masaryk University hereby informs data subjects, i.e. persons registered in the MU library system, on the conditions under which their personal data are being processed within the MU library system services.

Personal Data Controller

The controller of the personal data of data subjects, i.e. the person who determines the purpose and means of processing personal data, carries out the processing and is responsible for it, is

Masarykova univerzita, Žerotínovo nám. 617/9, 601 77 Brno
ID No.: 00216224, VAT ID No.: CZ00216224,
data box ID: 9tmj9e4.

Information on the processing of personal data at Masaryk University is available on the official notice board on the Personal Data Protection page.

Data Protection Officer

MU Data Protection Officer is Mgr. Iva Zlatušková,

You can contact the Data Protection Officer if you have any questions or concerns related to the processing and protection of your personal data.

Purposes for which we process personal data

MU Libraries process personal data for the purpose of providing library, information, and other services to users and informing users about these services, as well as for the purpose of protecting property and library collections.

Categories of persons whose personal data we process

Masaryk University processes the personal data of Masaryk University employees and students, as well as other users who have registered for MU library services.

Categories of personal data processed

MU libraries process users' personal data to the following extent:

  • contact details (postal addresses, email addresses, and telephone numbers, if applicable),
  • user identifiers (UČO, barcode number, and university chip card number),
  • the user's relationship to MU (student, employee, external contractor, etc.),
  • history and current status of user obligations to MU libraries (requests, loans, reservations, fees).

Legal reasons for personal data processing

MU Libraries process users' personal data on the basis of a service agreement in accordance with the General Data Protection Regulation (EU) 2016/679.

Personal data transfer

The personal data controller does not transfer processed personal data from the MU library system to third parties, abroad, or to international organizations..

Personal data storage period

The library stores personal data for a maximum of 24 months after the termination of the contract and the settlement of all obligations of the data subject towards MU. After that, personal data is deleted (name, user contact details, etc.) or anonymized (history of library unit loans for statistical purposes, etc.).

Personal data protection

Personal data is stored in such a way as to prevent access by unauthorized persons. Access to personal data is restricted to employees who work with it as part of their job duties.

Personal data in electronic form is stored by the MU libraries in an automated library system. Access to this data is protected by a system of access accounts, passwords, and rights set to the extent necessary for the performance of the work tasks of individual employees.

Data Subjects’ rights

Users can access their personal data after logging into their personal account in the MU library system.

According to the General Data Protection Regulation, data subjects have the right to:

  • request access to their personal data if the conditions set out in Article 15 of the General Regulation are met
  • request their correction or deletion if the conditions set out in Articles 16 and 17 of the General Regulation are met
  • request restriction of processing if the conditions set out in Article 18 of the General Regulation are met
  • object to the processing of personal data concerning them if the conditions set out in Article 21 of the General Regulation are met.

Exercise of Data Subjects' rights

The data subject is entitled to exercise their rights under the General Regulation against the controller,
either:

  • by a written request with an officially certified signature, or on the basis of an officially certified power of attorney, sent to Masaryk University, Data Protection Officer, Žerotínovo nám. 9, 601 77 Brno, or
  • by sending a request to the Masaryk University data box, MU data box ID: 9tmj9e4, or
  • by sending a request in the form of an e-mail message bearing at least a recognised electronic signature of the applicant to the following address: dpo@muni.cz, or
  • by sending a request in the form of an e-mail message from the MU institutional electronic address to the following address: dpo@muni.cz.

Details on the procedure and formalities are provided in Information for Data Subjects on the Exercise of their Rights.

The right to lodge a complaint with the competent supervisory authority

Data subjects shall be entitled to lodge a complaint concerning personal data processing to the competent supervisory authority.
Contact:

The Office for Personal Data Protection / Úřad pro ochranu osobních údajů
address: Pplk. Sochora 27, 170 00 Prague 7, phone: +420 234 665 111, website: www.uoou.cz

You are running an old browser version. We recommend updating your browser to its latest version.

More info