One type of personal data is necessary to provide the technical services of PA, and these data are automatically generated by PA's IT system. The system records data about both registered and non-registered users, for example the internet address users are visiting the PA website from, or the date, length and frequency of the visits. Due to the nature of the internet, such kinds of personal data can be monitored and analyzed by third parties, too.
The other type of personal data comprises information given by the users about themselves, either explicitly or implicitly, when registering to or using the services of PA. These include the personal profile given by the user himself and the conclusions that can be drawn from the content of the uploaded documents, comments, and other kinds of posted information. Such conclusions can be drawn by OSA, the users of PA, and third parties monitoring communications, alike.
Use of Personal Data
OSA limits the range of recorded data which is technically necessary to provide the service to the minimum required by the IT system and by law. After the expiration of the data retention period prescribed by legal provisions, OSA will irreversibly delete these data. The second type of information is provided by the users themselves, including their personal profile which they can edit, change, and optionally keep private; there are no required fields on the personal profile page. The minimum requirements for registration are: username, e-mail, password. OSA does not check the authenticity of the data provided by the users about themselves.
OSA will use neither the personal data relating to the technical use of the services, nor the personal data relating to uploaded, posted, or retrieved content for purposes other than providing and developing the PA services. OSA will not forward, share, sell, or trade any personal data to third parties, except as required by law.
Technical Processing of Data
OSA does not employ a technical data processor; all technical services, including the hosting of the PA servers are provided by the Central European University, of which OSA is an organizational unit. The physical storing and processing of data is taking place in Budapest, Hungary, at the headquarters of CEU. Further information about the data processing in PA, and about personal data recorded about the person concerned, can be requested in writing via e-mail: contact at ceu.hu or snail mail: Nador u. 9, 1051 Budapest, Hungary.
Information Relating to Third Persons
The documents uploaded to the PA repository or information sent to PA Forums, as well as annotation, comments, or other types of information, typically contain personal data relating to so-called third persons (other than the user and the service provider). In the ideal case, such data and documents are uploaded and made available to visitors to the PA website on the basis of the informed consent of the persons concerned. In practice, however, this is not always feasible. Therefore the users of PA must ensure and be held responsible that the rights relating to the personhood and personal data of the individuals concerned will not be violated, neither from the legal, nor from the ethical perspective.
In the case that a person whose data are included in an uploaded document or other type of information in the PA system, or his close relative, requests, OSA will remove these data and documents from the publicly available domain of PA. OSA will not judge the justifiedness of such requests.
OSA is subject to Hungarian and, in a broader sense, EU data protection law, and it will observe the provisions of these laws. In other countries from where users join PA the level of protection of personal data may be lower, however the OSA guarantees that the Hungarian/EU level of protection will be maintained in the PA services and IT system.
Please also read our:
Last edited March 2010.