Iidilesi ze-imeyile kunye nobubanzi be-GDPR. Inkqubo yokuKhuselwa kweDatha ngokubanzi

Kwi 25th kaMeyi, umGaqo-nkqubo oKhuselekileyo woKhuseleko lweDatha (i-GDPR) uza kuqala ukusebenza. Ngokufakelwa kwe-GDPR, ukukhuselwa kweenkcukacha zobuqu kuya kuqala ukubaluleka. Iinkampani kufuneka zithathele ingqalelo ngemithetho engqongqo ngakumbi malunga nokhuseleko lwedatha. Nangona kunjalo, imibuzo eyahlukeneyo iphakama ngenxa yokufakelwa kwe-GDPR. Kwiinkampani, kunokuba kungacacanga ukuba yeyiphi idatha ethathwa njengedatha yobuqu kwaye iwele phantsi komgangatho we-GDPR. Oku kunjalo ngeedilesi ze-imeyile: Ngaba idilesi ye-imeyile ithathwa njengedatha yobuqu? Ngaba iinkampani ezisebenzisa iidilesi ze-imeyile ziphantsi kwe-GDPR? Le mibuzo iza kuphendulwa kweli nqaku.

Idatha yakho

Ukuze uphendule umbuzo wokuba ngaba idilesi ye-imeyile ithathwa njengedatha yobuqu, igama elithi iinkcukacha zobuqu kufuneka lichazwe. Eli gama licacisiwe kwi-GDPR. Ngokusekwe kwinqaku le-4 sub GDPR, ulwazi lomntu buqu lithetha naluphi na ulwazi olunxulumene nomntu ochongiweyo okanye owaziwayo. Umntu wendalo owaziwayo ngumntu onokuchongwa, ngokuthe ngqo okanye ngokungathanga ngqo, ngokubhekisele kwisazisi esinegama, inombolo yokuchonga, idatha yendawo okanye isikhombi esise-intanethi. Idatha yobuqu ibhekisa kubantu bendalo. Ke, ulwazi malunga nabantu abaswelekileyo okanye amaziko asemthethweni awuthathwa njengedatha yobuqu.

Iidilesi ze-imeyile kunye nobubanzi be-GDPR

Idilesi yemeyile

Now that the definition of personal data is determined, it needs to be assed if an email address is considered to be personal data. Dutch case law indicates that email addresses could possibly be personal data, but that this is not always the case. It depends whether or not a natural person is identified or identifiable based on the email address.[1] The way persons have structured their email addresses has to be taken into account in order to determine whether the email address can be seen as personal data or not. A lot of natural persons structure their email address in such a way that the address has to be considered personal data. This is for example the case when an email address is structured in the following way: firstname.lastname@gmail.com. This email address exposes the first and last name of the natural person that uses the address. Therefore, this person can be identified based on this email address. Email addresses that are used for business activities could also contain personal data. This is the case when an e-mail address is structured in the following way: initials.lastname@nameofcompany.com. From this email address can be derived what the initials of the person using the email address are, what his last name is and where this person works. Therefore, the person using this email address is identifiable based on the email address.

An email address is not considered to be personal data when no natural person can be identified from it. This is the case when for example the following email address is used: puppy12@hotmail.com. This email address does not contain any data from which a natural person can be identified. General email addresses that are used by companies, like info@nameofcompany.com, are also not considered to be personal data. This email address does not contain any personal information from which a natural person can be identified. Moreover, the email address is not used by a natural person, but by a legal entity. Therefore, it is not considered to be personal data. From Dutch case law can be concluded that email addresses can be personal data, but this is not always the case; it depends of the structure of the email address.

Kukho ithuba elihle lokuba abantu bendalo banokuchongwa ngedilesi ye-imeyile abayisebenzisayo, eyenza iidilesi ze-imeyile idatha yobuqu. Ukulungiselela iidilesi ze-imeyile yeklasi njengedatha yobuqu, akunandaba ukuba inkampani iyazisebenzisa ngokwenene iidilesi ze-imeyile ukuze ichonge abasebenzisi. Nokuba inkampani ayisebenzisi iidilesi ze-imeyile ngenjongo yokuchonga abantu ngokwendalo, iidilesi ze-imeyile apho abantu banokuchongwa khona basenokuthathwa njengedatha yobuqu. Ayisiyo yonke intsebenzo yezobuchwephesha okanye eyonxibelelwano phakathi komntu nedatha eyaneleyo ukuze umntu aqokelele idatha njengedatha yakhe. Ukanti, ukuba kunokwenzeka ukuba zikho iidilesi ze-imeyile zinokusetyenziswa ukuze zichonge abasebenzisi, umzekelo ukufumana iimeko zobuqhetseba, iidilesi ze-imeyile ziqwalaselwa njengezolwazi lomntu. Kule, akunandaba nokuba inkampani ihlose ukusebenzisa iidilesi ze-imeyile ngenxa yesi sizathu. Umthetho uthetha ngedatha yobuqu xa kunokwenzeka ukuba idatha ingasetyenziselwa injongo echaza umntu onjalo. [2]

Idatha yobuqu ekhethekileyo

Ngelixa iidilesi ze-imeyile zithathwa njengezona datha zobuqu kuninzi lwexesha, azizizo iinkcukacha ezikhethekileyo zobuqu. Idatha ekhethekileyo yomntu yidata eyazisa ulwazi lobuzwe okanye imvelaphi yobuhlanga, izimvo zopolitiko, iinkolo zenkolo okanye intanda-bulumko okanye ubulungu bezorhwebo, kunye nedatha yemfuzo okanye yebhayometri. Oku kuvela kwinqaku le-9 GDPR. Kwakhona, idilesi ye-imeyile iqulethe ulwazi oluphantsi koluntu kunokuba umzekelo idilesi yasekhaya. Kunzima ngakumbi ukufumana ulwazi kwidilesi ye-imeyile yomntu kunedilesi yakhe yekhaya kwaye kuxhomekeke kwinxalenye enkulu yomsebenzisi kwidilesi ye-imeyile ukuba kungenjalo idilesi ye-imeyile ayenziwa esidlangalaleni. Ngaphaya koko, ukufunyanwa kwedilesi ye-imeyile ebekumele ukuba ihlala ifihliwe, kuneziphumo ezibi kakhulu kunokufumana idilesi yasekhaya ebekumele ukuba ifihliwe. Kulula ukutshintsha idilesi ye-imeyile kunedilesi yasekhaya kunye nokufumanisa idilesi ye-imeyile kunokukhokelela ekunxibelelaneni kwidijithali, ngelixa ukufumanisa idilesi yasekhaya kungakhokelela ekunxibelelaneni ngokwakho. [3]

Ukulungiswa kwedatha yobuqu

Sifumene ukuba iidilesi ze-imeyile ziqwalaselwa njengezona nkcukacha zihamba nexesha elininzi. Nangona kunjalo, i-GDPR isebenza kuphela kwiinkampani ezenza idatha yobuqu. Ukuqhubekeka kwedatha yobuqu ikhona kuzo zonke iintshukumo ngokubhekisele kwidatha yomuntu siqu. Oku kuchazwa ngakumbi kwi-GDPR. Ngokwesiqendu 4 sub 2 GDPR, ukulungiswa kwedatha yobuqu kuthetha naluphi na umsebenzi owenziwayo kwidatha yobuqu, nokuba ayizenzeki okanye ayizenzeki. Imizekelo yingqokelela, ukurekhoda, ukucwangcisa, ukwakha, ukugcina kunye nokusebenzisa idatha yobuqu. Xa iinkampani zenza imisebenzi esele ikhankanyiwe malunga nedilesi ye-imeyile, zilungisa idatha yobuqu. Kwimeko enjalo, ziphantsi kwe-GDPR.

isiphelo

Ayizizo zonke iidilesi ze-imeyile ezithathwa ngokuba ziziqu zakho. Nangona kunjalo, iidilesi ze-imeyile zithathwa njengedatha yobuqu xa zinikezela ngolwazi oluchazayo malunga nomntu wendalo. Iidilesi ezininzi ze-imeyile zilungelelaniswe ngendlela umntu yendalo osebenzisa idilesi ye-imeyile anokuchongwa ngayo. Le yimeko xa idilesi ye-imeyile inegama okanye indawo yomsebenzi yendalo. Ke, iidilesi ezininzi ze-imeyile ziya kuqwalaselwa njengedatha yomntu. Kunzima kwiinkampani ukwenza umahluko phakathi kweedilesi ze-imeyile ezijongwa njengedatha yomntu kunye nedilesi ye-imeyile engeyiyo, kuba oku kuxhomekeke ngokupheleleyo kubume bedilesi ye-imeyile. Ke ngoko, kukhuselekile ukuba iinkampani ezenza inkcukacha zobuqu, ziya kuza zidilesi ze-imeyile ezijongwa njengedatha yobuqu. Oku kuthetha ukuba eziinkampani ziphantsi kwe-GDPR kwaye kufuneka zisebenzise umgaqo-nkqubo wabucala ohambelana neGDPR.

[1] ECLI: NL: I-GHAMS: 2002: AE5514.

[2] Kamerstukken II Ngo-1979/80, 25 892, 3 (MvT).

[3] ECLI: NL: I-GHAMS: 2002: AE5514.

isabelo