Changes between Version 1 and Version 2 of gdpr/logging_policy


Ignore:
Timestamp:
Oct 1, 2019 8:06:07 AM (7 weeks ago)
Author:
Meeh
Comment:

Legend:

Unmodified
Added
Removed
Modified
  • gdpr/logging_policy

    v1 v2  
    2121“The processing of personal data to the extent strictly necessary and proportionate for the purposes of ensuring network and information security, i.e. the ability of a network or an information system to resist, at a given level of confidence, accidental events or unlawful or malicious actions that compromise the availability, authenticity, integrity and confidentiality of stored or transmitted personal data, and the security of the related services offered by, or accessible via, those networks and systems, […] by providers of electronic communications networks and services and by providers of security technologies and services, constitutes a legitimate interest of the data controller concerned. This could, for example, include preventing unauthorised access to electronic communications networks and malicious code distribution and stopping ‘denial of service’ attacks and damage to computer and electronic communication systems.”
    2222
    23 === LTDR, Summary ===
     23=== TLDR, Summary ===
    2424
    2525Logs can be kept for 1 day, 24hrs in the purpose of detecting crawlers, DOS attacks and such, beyond that it should be deleted as the service is ran in the name of the organization.