http://wiki.privacy-now.eu/en/api.php?action=feedcontributions&feedformat=atom&user=CbissoPrivacy-Now - User contributions [en]2026-05-14T13:44:37ZUser contributionsMediaWiki 1.30.0http://wiki.privacy-now.eu/en/index.php?title=Consents&diff=712Consents2018-10-19T10:28:00Z<p>Cbisso: /* Bulk operations on consent records */</p>
<hr />
<div><br />
== Introduction to Consents ==<br />
Consents management provide the mean to acquire, update and use ''consents'' information. For example, it is possible to use Privacy Now® as a central repository of information about all the ''consents''. Information about ''consents'' can be created and updated manually or interfacing Privacy Now® with external system. See the paragraph [[Settings#Consents Source Details|Consents Source Details]] for more information.<br />
<br />
== Workflow ==<br />
A new ''consent'' can be created using the '''Add New''' functionality and choosing "New Consent". Alternatively, a new ''consent'' can be automatically acquired or updated by an external system.<br />
<br />
A workflow enables to move ''consents'' in several statuses as shown in the following picture.<br />
<br />
[[File:Consents_Workflow_ENG_v1.0.JPG|centre|thumb|800x800px|Consents workflow and statuses.]]<br />
<br />
<br />
The following table explains the meaning of each status:<br />
<br />
{| class="wikitable"<br />
! Status !! Description<br />
|-<br />
|Default || A temporary status when the ''consent'' is initially created before the first save.<br />
|-<br />
|Valid || A ''consent'' in this status is valid and its information can be used accordingly.<br />
|-<br />
|Wrong email || This status is set manually or automatically. It can be set automatically by bulk import from xlsx.<br />
|-<br />
|Expired || In this status a ''consent'' is expired and therefore should be removed.<br />
|-<br />
|To be Removed || In this status, the ''consent'' shall be removed (the status is used to identify ''consents'' by the automatic removal procedure).<br />
|-<br />
|}<br />
<br />
== Information ==<br />
''Consent'' records are organized in three sections:<br />
<br />
* <u>''Identification''</u>, where identification data of the ''consent'' are recorded,<br />
* <u>''Ownership & Organization''</u>, containing the assignment of the key roles enabled to manage the ''consent'';<br />
* <u>''Consent Details''</u>, with the details of the ''consent'';<br />
<br />
Is possible to select only one ''consent type'' and one ''consent subject'' for each ''consent'' record.<br />
When the ''consent type'' is selected/updated the following fields could be automatically updated too (check details in table below).<br />
<br />
{| class="wikitable"<br />
! Field !! Description<br />
|-<br />
|<u>Consent Expires</u>||At record insert/update: the value of this field will be set to "Yes" if selected ''consent type'' <u>Duration (days)</u> is > 0, otherwise "No".<br />
|-<br />
|<u>Consent Last Update</u>||At record insert/update: The value of this field will be set to current date and time.<br />
|-<br />
|<u>First Consent Warning</u>||This field is updated only if <u>Consent Expires</u> is set to "yes", otherwise not. At record insert/update: The value of this field will be set to current date + days specified in <u>First Warning (days)</u>.<br />
|-<br />
|<u>Second Consent Warning</u>||This field is updated only if <u>Consent Expires</u> is set to "yes", otherwise not. At record insert/update: The value of this field will be set to current date + days specified in <u>Second Warning (days)</u>.<br />
|-<br />
|<u>Final Consent Warning</u>||This field is updated only if <u>Consent Expires</u> is set to "yes", otherwise not. At record insert/update: The value of this field will be set to current date + days specified in <u>Third Warning (days)</u>.<br />
|-<br />
|<u>Retention Deadline</u>||This field is updated only if <u>Consent Expires</u> is set to "yes", otherwise not. At record insert/update: The value of this field will be set to current date + days specified in <u>Retention Period (days)</u>.<br />
|}<br />
<br />
Detailed information on the meaning and use of every field can be found by pointing the mouse on the (i) next to each field. This will activate a tooltip with a brief description of the field. <br />
<br />
Additional information can be found in the secondary forms of the record: attachments, related items, messages and history. See [[How To]] for more information.<br />
<br />
== Privileges ==<br />
A ''consent'' can be automatically created by authorized external systems or by the ''users'' to whom the corresponding privilege is granted (see [[Users & Groups]] for more information on how to set this privilege).<br />
<br />
The lifecycle of the ''consent'' is managed by the roles described in the table below. ''groups'' are pre assigned to the roles according to the ''settings'' (see [[Settings]] for more information on how to set these defaults). Initial assignments can be modified according to privileges choosing among the enabled ''groups'' (see once again [[Settings]] for more information on how to enable ''groups'').<br />
<br />
{| class="wikitable"<br />
! Role !! Description<br />
|-<br />
|<u>DPO Group</u> || Members of the ''group'' assigned to this role have full privileges. They can:<br />
* transition records to any compatible status,<br />
* update fields when possible,<br />
* update ''data sources'' directly in record management.<br />
|-<br />
|<u>Data Controller Group</u> || Members of the ''group'' assigned to this role have view (read) privileges.<br />
|-<br />
|<u>Data Processor Group</u> || Members of the ''group'' assigned to this role have several privileges. They can:<br />
* transition records to any compatible status,<br />
* update fields when possible.<br />
|-<br />
|<u>Auditors Team</u> || Members of the ''group'' assigned to this role have view (read) privileges.<br />
|}<br />
<br />
However, some steps may be performed automatically (see the paragraph dedicated to [[Consents#Warning and alerts|warning and alerts]]).<br />
<br />
== Warning and alerts ==<br />
Each ''consent'' will be set as an expiring consent or not depending from the property <u>Duration (days)</u> of selected ''consent type'':<br />
* <u>Duration (days)</u> = 0: in this case the current ''consent'' will never expire and <u>'''no warning will be raised'''</u>.<br />
* <u>Duration (days)</u> > 0: in this case the current ''consent'' will expire and will be possible to configure four levels of warning.<br />
<br />
{| class="wikitable"<br />
! Field !! Description<br />
|-<br />
|<u>Code</u>||The value of this field shall be an integer and shall be univocal. It is the matching code used by Privacy Now® to automatically acquire ''consent'' from external system.<br />
|-<br />
|<u>Consent Type</u>||The value of this field shall be univocal. It is the name of ''consent type'' (i.e.: "Newsletter").<br />
|-<br />
|<u>Description</u>||Description of ''consent type''.<br />
|-<br />
|<u>Duration (days)</u>||The value of this field shall be an integer >= 0. It is used by Privacy Now® mainly to set current ''consent'' record as expiring ''consent'' or not.<br />
|-<br />
|<u>First Warning (days)</u>||The value of this field shall be an integer >= 0. It will be used to evaluate the first warning threshold in case current ''consent'' is an expiring one.<br />
|-<br />
|<u>Second Warning (days)</u>||The value of this field shall be an integer >= 0. It will be used to evaluate the second warning threshold in case current ''consent'' is an expiring one.<br />
|-<br />
|<u>Third Warning (days)</u>||The value of this field shall be an integer >= 0. It will be used to evaluate the third warning threshold in case current ''consent'' is an expiring one.<br />
|-<br />
|<u>Retention Period (days)</u>||The value of this field shall be an integer >= 0. It will be used to evaluate the last warning threshold in case current ''consent'' is an expiring one.<br />
|-<br />
|<u>Web Site URL</u>||The value of this field will be the URL of front-end web site area to allow the ''data subject'' management of their ''consent'' (renew or revoke). It will be used in warning email sent by Privacy Now® to ''data subject'' in case the below option <u>Send Warning to Data Subject</u> is selected.<br />
|-<br />
|<u>Send Warning to Data Subject</u>||This field shall be set to "true" if consent record for selected ''consent type'' shall cause warning sending to ''data subject'' too, otherwise the warning will be sent only to receivers set into <b>''Settings\Application Settings''</b> (see the paragraph dedicated to [[Settings#Notification Settings|Consents Warnings Recipients ]]).<br />
|}<br />
<br />
== Reports ==<br />
The list of ''consents'' can be filtered and exported to excel format from the ''view'' '''''Consents'''''.<br />
<br />
== Consents Import ==<br />
Privacy-Now® allows to acquire ''consents'' from external source (using structured email or xlsx file).<br />
<br />
=== Consent Mail Structure and Procedure ===<br />
Privacy-Now® can be connected to a mailbox to acquire ''consents'' (see the paragraph dedicated to [[Settings#Consents Source Details|Consents Source Details]]).<br />
<br />
A ''consent'' email shall contain the following parameters (one for each row): some of them are mandatory, while some other optional (check the detailed description of each one).<br />
The email format shall be '''plain text''' (HTML email will not be processed correctly) and shall not contain any signature.<br />
<br />
Each mail shall contain one or more ''consent''. Each ''consent'' is manageable only if 3 parameters are present and valorized: <u>Consent_'''[consent name]'''</u> , <u>Value_'''[consent name]'''</u> and <u>Date_Time_'''[consent name]'''</u>.<br />
<br />
Each ''consent'' present in mail will create a new ticket or update an existing ticket in Privacy-Now®. The existence of a consent is matched on <u>Consent_'''[consent name]'''</u>, <u>Source</u> and the option selected in <u>Data Subject Matching criteria</u>.<br />
<br />
{| class="wikitable"<br />
! Field !! Description<br />
|-<br />
|<u>Source</u>|| The value of this parameter is '''mandatory''' and shall be filled with the ''consent'' source (ie: could be the company name or business unit name or web site name). The value of this parameter shall match with the value(s) inserted in '''''Settings/Data Sets/Consents/Consent Sources'''''.<br />
|-<br />
|<u>Name</u>|| The value of this parameter is '''mandatory'''. The first name of ''data subject''.<br />
|-<br />
|<u>Surname</u>|| The family name of ''data subject''.<br />
|-<br />
|<u>Email</u>|| The email of ''data subject''.<br />
|-<br />
|<u>City</u>|| The town of ''data subject''.<br />
|-<br />
|<u>Province_State</u>|| The province or state of ''data subject''.<br />
|-<br />
|<u>Country</u>|| The country of ''data subject''.<br />
|-<br />
|<u>Phone</u>|| The phone number of ''data subject''.<br />
|-<br />
|<u>User_id</u>|| The univocal id (integer) of the user corresponding to ''data subject'' in consent source (ie: id of user in web site).<br />
|-<br />
|<u>Username</u>|| The univocal login of the user corresponding to ''data subject'' in consent source (ie: login of user in web site).<br />
|-<br />
|<u>IP_address</u>|| The ip address used by ''data subject'' during web site browsing.<br />
|-<br />
|<u>Lang</u>|| The main language of ''data subject''. Possible values: "en-GB", "it-IT" and "fr-FR".<br />
|-<br />
|<u>Consent_'''[consent name]'''</u>||'''[consent name]''' shall be replaced by the name of ''consent'' (ie: consent_newsletter). At least one Consent_'''[consent name]''' shall exist in the email. The value of this parameter shall be a univocal code corresponding to one of the <u>Code</u> inserted in '''''Settings/Data Sets/Consents/Consent Types'''''.<br />
|-<br />
|<u>Value_'''[consent name]'''</u>||'''[consent name]''' shall be replaced by the name of ''consent'' (ie: consent_newsletter). For each of the Consent_'''[consent name]''' defined in the email shall be present a corresponding <u>Value_'''[consent name]'''</u> (ie: <u>Value_Newsletter</u>). The value of this parameter shall be "1" (''consent'' given) or "0" (''consent'' denied).<br />
|-<br />
|<u>Date_Time_'''[consent name]'''</u>||'''[consent name]''' shall be replaced by the name of ''consent'' (ie: consent_newsletter). For each of the Consent_'''[consent name]''' defined in the email shall be present a corresponding <u>Date_Time_'''[consent name]'''</u> (ie: <u>Date_Time_Newsletter</u>). The value of this parameter shall be the date and time of ''consent'' management in web site. It shall be in format '''dd-mm-yyyy hh:mm:ss''' .<br />
|}<br />
<br />
'''Example of a well structured email:'''<br />
Source:myCompanyName<br />
Name:Jhon<br />
Surname:Smith<br />
Email:jhon.smith@mymail.com<br />
City:myTown<br />
Province_State:myProvince<br />
Country:myCountry<br />
Phone:002235468<br />
User_id:12345<br />
Username:jsmith<br />
IP_address:192.168.1.27<br />
Lang:en-GB<br />
Consent_A:1<br />
Value_A:0<br />
Date_Time_A:12-10-2018 10:14:50<br />
Consent_B:2<br />
Value_B:0<br />
Date_Time_B:12-10-2018 10:14:50<br />
Consent_Newsletter:3<br />
Value_Newsletter:1<br />
Date_Time_Newsletter:12-10-2018 10:14:50<br />
<br />
== Bulk operations on consent records ==<br />
Privacy Now® allows the bulk management of ''consent'' from <b>''Consents\Manage Consents from xlsx''</b>.<br />
[[File:Consent bulk import - xlsx example.jpg|centre|thumb|800x800px|Consents bulk management.]]<br />
<br />
Use below template to perform following bulk operations:<br />
<br />
[[File:Consent Import Template.xlsx|centre|thumb|800x71px|Consents management template.]]<br />
<br />
<br />
The operations allowed are:<br />
* "insert": Insert/Update of ''consents''<br />
The data in current xlsx row will be updated on an existing ''consent'' if system match it univocally by ''consent type'' code, ''data subject'' <u>email</u> and ''source'', otherwise a new ''consent'' will be created.<br />
If ''data subject'' is not found: it will be created.<br />
<br />
* "remove": Removal of ''consents''<br />
The ''consent'' matched by ''consent type'' code, ''data subject'' <u>email</u> and ''source'' will be removed.<br />
<br />
* "wrongemail": Move ''consents'' in status "Wrong Email"<br />
The ''consent'' matched by ''consent type'' code, ''data subject'' <u>email</u> and ''source'' will be moved in "Wrong Email" status. Only consent in "Valid" status can be moved in "Wrong Email" status.<br />
<br />
<br />
The details of expected xlsx structure is explained in following table: for each operations is detailed which are the mandatory data. <br />
<br />
{| class="wikitable"<br />
! Field !! Description!!Insert/Update!!Remove!!Move to "Wrong Email"<br />
|-<br />
|<u>Id</u>||Univocal Id of ''Data Subject'' in Privacy Now®.||Optional||Optional||Optional <br />
|-<br />
|<u>Name</u>||Name of ''Data Subject'' in acquiring system.||Mandatory||Optional||Optional<br />
|-<br />
|<u>Surname</u>||Surname of ''Data Subject'' in acquiring system.||Mandatory||Optional||Optional<br />
|-<br />
|<u>Email</u>||Email of ''Data Subject'' in acquiring system.||Mandatory||Mandatory||Mandatory<br />
|-<br />
|<u>Phone</u>||Phone of ''Data Subject'' in acquiring system.||Optional||Optional||Optional<br />
|-<br />
|<u>City</u>||City of ''Data Subject'' in acquiring system.||Optional||Optional||Optional<br />
|-<br />
|<u>Province/State</u>||Province/State of ''Data Subject'' in acquiring system.||Optional||Optional||Optional<br />
|-<br />
|<u>Country</u>||Country of ''Data Subject'' in acquiring system.||Optional||Optional||Optional<br />
|-<br />
|<u>Username</u>||Login of ''Data Subject'' in acquiring system.||Optional||Optional||Optional<br />
|-<br />
|<u>Consent</u>||<u>Consent Type Code</u> to be granted to imported ''Data Subject'' (defined in Privacy Now®).||Mandatory||Mandatory||Mandatory<br />
|-<br />
|<u>Value</u>|| <u>Consent Value</u> given by ''Data Subject'' for the imported <u>Consent Type</u>. The value could be "1" (''consent'' granted) or "0" (''consent'' not granted).||Mandatory||Optional||Optional<br />
|-<br />
|<u>Date</u>||''consent'' date.||Mandatory||Optional||Optional<br />
|-<br />
|<u>Description</u>||record description.||Optional||Optional||Optional<br />
|-<br />
|<u>Service</u>||Privacy Now® ''service'' used as import target.||Optional||Optional||Optional<br />
|-<br />
|<u>Lang</u>||''Data Subject'' selected language.||Optional||Optional||Optional<br />
|-<br />
|<u>uid</u>||Univocal Id of ''Data Subject'' in acquiring system.||Optional||Optional||Optional <br />
|-<br />
|<u>Source</u>||A key word defining univocally the acquiring system.||Mandatory||Mandatory||Mandatory<br />
|-<br />
|<u>Operation</u>||This field specify which is the operation expected for current xlsx record: "insert", "remove" or "wrongemail"||Mandatory||Mandatory||Mandatory<br />
|}<br />
<br />
A ''consent'' can be removed individually from Application Settings (see the paragraph dedicated to [[Settings#Utility|Appication Settings - Utility]]).</div>Cbissohttp://wiki.privacy-now.eu/en/index.php?title=Consents&diff=709Consents2018-10-19T09:51:28Z<p>Cbisso: /* Bulk operations on consent records */</p>
<hr />
<div><br />
== Introduction to Consents ==<br />
Consents management provide the mean to acquire, update and use ''consents'' information. For example, it is possible to use Privacy Now® as a central repository of information about all the ''consents''. Information about ''consents'' can be created and updated manually or interfacing Privacy Now® with external system. See the paragraph [[Settings#Consents Source Details|Consents Source Details]] for more information.<br />
<br />
== Workflow ==<br />
A new ''consent'' can be created using the '''Add New''' functionality and choosing "New Consent". Alternatively, a new ''consent'' can be automatically acquired or updated by an external system.<br />
<br />
A workflow enables to move ''consents'' in several statuses as shown in the following picture.<br />
<br />
[[File:Consents_Workflow_ENG_v1.0.JPG|centre|thumb|800x800px|Consents workflow and statuses.]]<br />
<br />
<br />
The following table explains the meaning of each status:<br />
<br />
{| class="wikitable"<br />
! Status !! Description<br />
|-<br />
|Default || A temporary status when the ''consent'' is initially created before the first save.<br />
|-<br />
|Valid || A ''consent'' in this status is valid and its information can be used accordingly.<br />
|-<br />
|Wrong email || This status is set manually or automatically. It can be set automatically by bulk import from xlsx.<br />
|-<br />
|Expired || In this status a ''consent'' is expired and therefore should be removed.<br />
|-<br />
|To be Removed || In this status, the ''consent'' shall be removed (the status is used to identify ''consents'' by the automatic removal procedure).<br />
|-<br />
|}<br />
<br />
== Information ==<br />
''Consent'' records are organized in three sections:<br />
<br />
* <u>''Identification''</u>, where identification data of the ''consent'' are recorded,<br />
* <u>''Ownership & Organization''</u>, containing the assignment of the key roles enabled to manage the ''consent'';<br />
* <u>''Consent Details''</u>, with the details of the ''consent'';<br />
<br />
Is possible to select only one ''consent type'' and one ''consent subject'' for each ''consent'' record.<br />
When the ''consent type'' is selected/updated the following fields could be automatically updated too (check details in table below).<br />
<br />
{| class="wikitable"<br />
! Field !! Description<br />
|-<br />
|<u>Consent Expires</u>||At record insert/update: the value of this field will be set to "Yes" if selected ''consent type'' <u>Duration (days)</u> is > 0, otherwise "No".<br />
|-<br />
|<u>Consent Last Update</u>||At record insert/update: The value of this field will be set to current date and time.<br />
|-<br />
|<u>First Consent Warning</u>||This field is updated only if <u>Consent Expires</u> is set to "yes", otherwise not. At record insert/update: The value of this field will be set to current date + days specified in <u>First Warning (days)</u>.<br />
|-<br />
|<u>Second Consent Warning</u>||This field is updated only if <u>Consent Expires</u> is set to "yes", otherwise not. At record insert/update: The value of this field will be set to current date + days specified in <u>Second Warning (days)</u>.<br />
|-<br />
|<u>Final Consent Warning</u>||This field is updated only if <u>Consent Expires</u> is set to "yes", otherwise not. At record insert/update: The value of this field will be set to current date + days specified in <u>Third Warning (days)</u>.<br />
|-<br />
|<u>Retention Deadline</u>||This field is updated only if <u>Consent Expires</u> is set to "yes", otherwise not. At record insert/update: The value of this field will be set to current date + days specified in <u>Retention Period (days)</u>.<br />
|}<br />
<br />
Detailed information on the meaning and use of every field can be found by pointing the mouse on the (i) next to each field. This will activate a tooltip with a brief description of the field. <br />
<br />
Additional information can be found in the secondary forms of the record: attachments, related items, messages and history. See [[How To]] for more information.<br />
<br />
== Privileges ==<br />
A ''consent'' can be automatically created by authorized external systems or by the ''users'' to whom the corresponding privilege is granted (see [[Users & Groups]] for more information on how to set this privilege).<br />
<br />
The lifecycle of the ''consent'' is managed by the roles described in the table below. ''groups'' are pre assigned to the roles according to the ''settings'' (see [[Settings]] for more information on how to set these defaults). Initial assignments can be modified according to privileges choosing among the enabled ''groups'' (see once again [[Settings]] for more information on how to enable ''groups'').<br />
<br />
{| class="wikitable"<br />
! Role !! Description<br />
|-<br />
|<u>DPO Group</u> || Members of the ''group'' assigned to this role have full privileges. They can:<br />
* transition records to any compatible status,<br />
* update fields when possible,<br />
* update ''data sources'' directly in record management.<br />
|-<br />
|<u>Data Controller Group</u> || Members of the ''group'' assigned to this role have view (read) privileges.<br />
|-<br />
|<u>Data Processor Group</u> || Members of the ''group'' assigned to this role have several privileges. They can:<br />
* transition records to any compatible status,<br />
* update fields when possible.<br />
|-<br />
|<u>Auditors Team</u> || Members of the ''group'' assigned to this role have view (read) privileges.<br />
|}<br />
<br />
However, some steps may be performed automatically (see the paragraph dedicated to [[Consents#Warning and alerts|warning and alerts]]).<br />
<br />
== Warning and alerts ==<br />
Each ''consent'' will be set as an expiring consent or not depending from the property <u>Duration (days)</u> of selected ''consent type'':<br />
* <u>Duration (days)</u> = 0: in this case the current ''consent'' will never expire and <u>'''no warning will be raised'''</u>.<br />
* <u>Duration (days)</u> > 0: in this case the current ''consent'' will expire and will be possible to configure four levels of warning.<br />
<br />
{| class="wikitable"<br />
! Field !! Description<br />
|-<br />
|<u>Code</u>||The value of this field shall be an integer and shall be univocal. It is the matching code used by Privacy Now® to automatically acquire ''consent'' from external system.<br />
|-<br />
|<u>Consent Type</u>||The value of this field shall be univocal. It is the name of ''consent type'' (i.e.: "Newsletter").<br />
|-<br />
|<u>Description</u>||Description of ''consent type''.<br />
|-<br />
|<u>Duration (days)</u>||The value of this field shall be an integer >= 0. It is used by Privacy Now® mainly to set current ''consent'' record as expiring ''consent'' or not.<br />
|-<br />
|<u>First Warning (days)</u>||The value of this field shall be an integer >= 0. It will be used to evaluate the first warning threshold in case current ''consent'' is an expiring one.<br />
|-<br />
|<u>Second Warning (days)</u>||The value of this field shall be an integer >= 0. It will be used to evaluate the second warning threshold in case current ''consent'' is an expiring one.<br />
|-<br />
|<u>Third Warning (days)</u>||The value of this field shall be an integer >= 0. It will be used to evaluate the third warning threshold in case current ''consent'' is an expiring one.<br />
|-<br />
|<u>Retention Period (days)</u>||The value of this field shall be an integer >= 0. It will be used to evaluate the last warning threshold in case current ''consent'' is an expiring one.<br />
|-<br />
|<u>Web Site URL</u>||The value of this field will be the URL of front-end web site area to allow the ''data subject'' management of their ''consent'' (renew or revoke). It will be used in warning email sent by Privacy Now® to ''data subject'' in case the below option <u>Send Warning to Data Subject</u> is selected.<br />
|-<br />
|<u>Send Warning to Data Subject</u>||This field shall be set to "true" if consent record for selected ''consent type'' shall cause warning sending to ''data subject'' too, otherwise the warning will be sent only to receivers set into <b>''Settings\Application Settings''</b> (see the paragraph dedicated to [[Settings#Notification Settings|Consents Warnings Recipients ]]).<br />
|}<br />
<br />
== Reports ==<br />
The list of ''consents'' can be filtered and exported to excel format from the ''view'' '''''Consents'''''.<br />
<br />
== Consents Import ==<br />
Privacy-Now® allows to acquire ''consents'' from external source (using structured email or xlsx file).<br />
<br />
=== Consent Mail Structure and Procedure ===<br />
Privacy-Now® can be connected to a mailbox to acquire ''consents'' (see the paragraph dedicated to [[Settings#Consents Source Details|Consents Source Details]]).<br />
<br />
A ''consent'' email shall contain the following parameters (one for each row): some of them are mandatory, while some other optional (check the detailed description of each one).<br />
The email format shall be '''plain text''' (HTML email will not be processed correctly) and shall not contain any signature.<br />
<br />
Each mail shall contain one or more ''consent''. Each ''consent'' is manageable only if 3 parameters are present and valorized: <u>Consent_'''[consent name]'''</u> , <u>Value_'''[consent name]'''</u> and <u>Date_Time_'''[consent name]'''</u>.<br />
<br />
Each ''consent'' present in mail will create a new ticket or update an existing ticket in Privacy-Now®. The existence of a consent is matched on <u>Consent_'''[consent name]'''</u>, <u>Source</u> and the option selected in <u>Data Subject Matching criteria</u>.<br />
<br />
{| class="wikitable"<br />
! Field !! Description<br />
|-<br />
|<u>Source</u>|| The value of this parameter is '''mandatory''' and shall be filled with the ''consent'' source (ie: could be the company name or business unit name or web site name). The value of this parameter shall match with the value(s) inserted in '''''Settings/Data Sets/Consents/Consent Sources'''''.<br />
|-<br />
|<u>Name</u>|| The value of this parameter is '''mandatory'''. The first name of ''data subject''.<br />
|-<br />
|<u>Surname</u>|| The family name of ''data subject''.<br />
|-<br />
|<u>Email</u>|| The email of ''data subject''.<br />
|-<br />
|<u>City</u>|| The town of ''data subject''.<br />
|-<br />
|<u>Province_State</u>|| The province or state of ''data subject''.<br />
|-<br />
|<u>Country</u>|| The country of ''data subject''.<br />
|-<br />
|<u>Phone</u>|| The phone number of ''data subject''.<br />
|-<br />
|<u>User_id</u>|| The univocal id (integer) of the user corresponding to ''data subject'' in consent source (ie: id of user in web site).<br />
|-<br />
|<u>Username</u>|| The univocal login of the user corresponding to ''data subject'' in consent source (ie: login of user in web site).<br />
|-<br />
|<u>IP_address</u>|| The ip address used by ''data subject'' during web site browsing.<br />
|-<br />
|<u>Lang</u>|| The main language of ''data subject''. Possible values: "en-GB", "it-IT" and "fr-FR".<br />
|-<br />
|<u>Consent_'''[consent name]'''</u>||'''[consent name]''' shall be replaced by the name of ''consent'' (ie: consent_newsletter). At least one Consent_'''[consent name]''' shall exist in the email. The value of this parameter shall be a univocal code corresponding to one of the <u>Code</u> inserted in '''''Settings/Data Sets/Consents/Consent Types'''''.<br />
|-<br />
|<u>Value_'''[consent name]'''</u>||'''[consent name]''' shall be replaced by the name of ''consent'' (ie: consent_newsletter). For each of the Consent_'''[consent name]''' defined in the email shall be present a corresponding <u>Value_'''[consent name]'''</u> (ie: <u>Value_Newsletter</u>). The value of this parameter shall be "1" (''consent'' given) or "0" (''consent'' denied).<br />
|-<br />
|<u>Date_Time_'''[consent name]'''</u>||'''[consent name]''' shall be replaced by the name of ''consent'' (ie: consent_newsletter). For each of the Consent_'''[consent name]''' defined in the email shall be present a corresponding <u>Date_Time_'''[consent name]'''</u> (ie: <u>Date_Time_Newsletter</u>). The value of this parameter shall be the date and time of ''consent'' management in web site. It shall be in format '''dd-mm-yyyy hh:mm:ss''' .<br />
|}<br />
<br />
'''Example of a well structured email:'''<br />
Source:myCompanyName<br />
Name:Jhon<br />
Surname:Smith<br />
Email:jhon.smith@mymail.com<br />
City:myTown<br />
Province_State:myProvince<br />
Country:myCountry<br />
Phone:002235468<br />
User_id:12345<br />
Username:jsmith<br />
IP_address:192.168.1.27<br />
Lang:en-GB<br />
Consent_A:1<br />
Value_A:0<br />
Date_Time_A:12-10-2018 10:14:50<br />
Consent_B:2<br />
Value_B:0<br />
Date_Time_B:12-10-2018 10:14:50<br />
Consent_Newsletter:3<br />
Value_Newsletter:1<br />
Date_Time_Newsletter:12-10-2018 10:14:50<br />
<br />
== Bulk operations on consent records ==<br />
Privacy Now® allows the bulk management of ''consent'' from <b>''Consents\Manage Consents from xlsx''</b>.<br />
[[File:Consent bulk import - xlsx example.jpg|centre|thumb|800x800px|Consents bulk management.]]<br />
<br />
Use below template to perform following bulk operations:<br />
<br />
[[File:Consent Import Template.xlsx|centre|thumb|800x71px|Consents management template.]]<br />
<br />
<br />
The operations allowed are:<br />
* "insert": Insert/Update of ''consents''<br />
The data in current xlsx row will be updated on an existing ''consent'' if system match it univocally by ''consent type'' code, ''data subject'' <u>email</u> and ''source'', otherwise a new ''consent'' will be created.<br />
If ''data subject'' is not found: it will be created.<br />
<br />
* "remove": Removal of ''consents''<br />
The ''consent'' matched by ''consent type'' code, ''data subject'' <u>email</u> and ''source'' will be removed.<br />
<br />
* "wrongemail": Move ''consents'' in status "Wrong Email"<br />
The ''consent'' matched by ''consent type'' code, ''data subject'' <u>email</u> and ''source'' will be moved in "Wrong Email" status. Only consent in "Valid" status can be moved in "Wrong Email" status.<br />
<br />
<br />
The details of expected xlsx structure is explained in following table: for each operations is detailed which are the mandatory data. <br />
<br />
{| class="wikitable"<br />
! Field !! Description!!Insert/Update!!Remove!!Move to "Wrong Email"<br />
|-<br />
|<u>Id</u>||Univocal Id of ''Data Subject'' in Privacy Now®.||Optional||Optional||Optional <br />
|-<br />
|<u>Name</u>||Name of ''Data Subject'' in acquiring system.||Mandatory||Optional||Optional<br />
|-<br />
|<u>Surname</u>||Surname of ''Data Subject'' in acquiring system.||Mandatory||Optional||Optional<br />
|-<br />
|<u>Email</u>||Email of ''Data Subject'' in acquiring system.||Mandatory||Mandatory||Mandatory<br />
|-<br />
|<u>Phone</u>||Phone of ''Data Subject'' in acquiring system.||Optional||Optional||Optional<br />
|-<br />
|<u>City</u>||City of ''Data Subject'' in acquiring system.||Optional||Optional||Optional<br />
|-<br />
|<u>Province/State</u>||Province/State of ''Data Subject'' in acquiring system.||Optional||Optional||Optional<br />
|-<br />
|<u>Country</u>||Country of ''Data Subject'' in acquiring system.||Optional||Optional||Optional<br />
|-<br />
|<u>Username</u>||Login of ''Data Subject'' in acquiring system.||Optional||Optional||Optional<br />
|-<br />
|<u>Consent</u>||<u>Consent Type Code</u> to be granted to imported ''Data Subject'' (defined in Privacy Now®).||Mandatory||Mandatory||Mandatory<br />
|-<br />
|<u>Value</u>|| <u>Consent Value</u> given by ''Data Subject'' for the imported <u>Consent Type</u>. The value could be "1" (''consent'' granted) or "0" (''consent'' not granted).||Mandatory||Optional||Optional<br />
|-<br />
|<u>Data</u>||''consent'' date.||Mandatory||Optional||Optional<br />
|-<br />
|<u>Description</u>||record description.||Optional||Optional||Optional<br />
|-<br />
|<u>Service</u>||Privacy Now® ''service'' used as import target.||Optional||Optional||Optional<br />
|-<br />
|<u>Lang</u>||''Data Subject'' selected language.||Optional||Optional||Optional<br />
|-<br />
|<u>uid</u>||Univocal Id of ''Data Subject'' in acquiring system.||Optional||Optional||Optional <br />
|-<br />
|<u>Source</u>||A key word defining univocally the acquiring system.||Mandatory||Mandatory||Mandatory<br />
|-<br />
|<u>Operation</u>||This field specify which is the operation expected for current xlsx record: "insert", "remove" or "wrongemail"||Mandatory||Mandatory||Mandatory<br />
|}<br />
<br />
A ''consent'' can be removed individually from Application Settings (see the paragraph dedicated to [[Settings#Utility|Appication Settings - Utility]]).</div>Cbissohttp://wiki.privacy-now.eu/en/index.php?title=Consents&diff=708Consents2018-10-19T09:51:17Z<p>Cbisso: /* Bulk operations on consent records */</p>
<hr />
<div><br />
== Introduction to Consents ==<br />
Consents management provide the mean to acquire, update and use ''consents'' information. For example, it is possible to use Privacy Now® as a central repository of information about all the ''consents''. Information about ''consents'' can be created and updated manually or interfacing Privacy Now® with external system. See the paragraph [[Settings#Consents Source Details|Consents Source Details]] for more information.<br />
<br />
== Workflow ==<br />
A new ''consent'' can be created using the '''Add New''' functionality and choosing "New Consent". Alternatively, a new ''consent'' can be automatically acquired or updated by an external system.<br />
<br />
A workflow enables to move ''consents'' in several statuses as shown in the following picture.<br />
<br />
[[File:Consents_Workflow_ENG_v1.0.JPG|centre|thumb|800x800px|Consents workflow and statuses.]]<br />
<br />
<br />
The following table explains the meaning of each status:<br />
<br />
{| class="wikitable"<br />
! Status !! Description<br />
|-<br />
|Default || A temporary status when the ''consent'' is initially created before the first save.<br />
|-<br />
|Valid || A ''consent'' in this status is valid and its information can be used accordingly.<br />
|-<br />
|Wrong email || This status is set manually or automatically. It can be set automatically by bulk import from xlsx.<br />
|-<br />
|Expired || In this status a ''consent'' is expired and therefore should be removed.<br />
|-<br />
|To be Removed || In this status, the ''consent'' shall be removed (the status is used to identify ''consents'' by the automatic removal procedure).<br />
|-<br />
|}<br />
<br />
== Information ==<br />
''Consent'' records are organized in three sections:<br />
<br />
* <u>''Identification''</u>, where identification data of the ''consent'' are recorded,<br />
* <u>''Ownership & Organization''</u>, containing the assignment of the key roles enabled to manage the ''consent'';<br />
* <u>''Consent Details''</u>, with the details of the ''consent'';<br />
<br />
Is possible to select only one ''consent type'' and one ''consent subject'' for each ''consent'' record.<br />
When the ''consent type'' is selected/updated the following fields could be automatically updated too (check details in table below).<br />
<br />
{| class="wikitable"<br />
! Field !! Description<br />
|-<br />
|<u>Consent Expires</u>||At record insert/update: the value of this field will be set to "Yes" if selected ''consent type'' <u>Duration (days)</u> is > 0, otherwise "No".<br />
|-<br />
|<u>Consent Last Update</u>||At record insert/update: The value of this field will be set to current date and time.<br />
|-<br />
|<u>First Consent Warning</u>||This field is updated only if <u>Consent Expires</u> is set to "yes", otherwise not. At record insert/update: The value of this field will be set to current date + days specified in <u>First Warning (days)</u>.<br />
|-<br />
|<u>Second Consent Warning</u>||This field is updated only if <u>Consent Expires</u> is set to "yes", otherwise not. At record insert/update: The value of this field will be set to current date + days specified in <u>Second Warning (days)</u>.<br />
|-<br />
|<u>Final Consent Warning</u>||This field is updated only if <u>Consent Expires</u> is set to "yes", otherwise not. At record insert/update: The value of this field will be set to current date + days specified in <u>Third Warning (days)</u>.<br />
|-<br />
|<u>Retention Deadline</u>||This field is updated only if <u>Consent Expires</u> is set to "yes", otherwise not. At record insert/update: The value of this field will be set to current date + days specified in <u>Retention Period (days)</u>.<br />
|}<br />
<br />
Detailed information on the meaning and use of every field can be found by pointing the mouse on the (i) next to each field. This will activate a tooltip with a brief description of the field. <br />
<br />
Additional information can be found in the secondary forms of the record: attachments, related items, messages and history. See [[How To]] for more information.<br />
<br />
== Privileges ==<br />
A ''consent'' can be automatically created by authorized external systems or by the ''users'' to whom the corresponding privilege is granted (see [[Users & Groups]] for more information on how to set this privilege).<br />
<br />
The lifecycle of the ''consent'' is managed by the roles described in the table below. ''groups'' are pre assigned to the roles according to the ''settings'' (see [[Settings]] for more information on how to set these defaults). Initial assignments can be modified according to privileges choosing among the enabled ''groups'' (see once again [[Settings]] for more information on how to enable ''groups'').<br />
<br />
{| class="wikitable"<br />
! Role !! Description<br />
|-<br />
|<u>DPO Group</u> || Members of the ''group'' assigned to this role have full privileges. They can:<br />
* transition records to any compatible status,<br />
* update fields when possible,<br />
* update ''data sources'' directly in record management.<br />
|-<br />
|<u>Data Controller Group</u> || Members of the ''group'' assigned to this role have view (read) privileges.<br />
|-<br />
|<u>Data Processor Group</u> || Members of the ''group'' assigned to this role have several privileges. They can:<br />
* transition records to any compatible status,<br />
* update fields when possible.<br />
|-<br />
|<u>Auditors Team</u> || Members of the ''group'' assigned to this role have view (read) privileges.<br />
|}<br />
<br />
However, some steps may be performed automatically (see the paragraph dedicated to [[Consents#Warning and alerts|warning and alerts]]).<br />
<br />
== Warning and alerts ==<br />
Each ''consent'' will be set as an expiring consent or not depending from the property <u>Duration (days)</u> of selected ''consent type'':<br />
* <u>Duration (days)</u> = 0: in this case the current ''consent'' will never expire and <u>'''no warning will be raised'''</u>.<br />
* <u>Duration (days)</u> > 0: in this case the current ''consent'' will expire and will be possible to configure four levels of warning.<br />
<br />
{| class="wikitable"<br />
! Field !! Description<br />
|-<br />
|<u>Code</u>||The value of this field shall be an integer and shall be univocal. It is the matching code used by Privacy Now® to automatically acquire ''consent'' from external system.<br />
|-<br />
|<u>Consent Type</u>||The value of this field shall be univocal. It is the name of ''consent type'' (i.e.: "Newsletter").<br />
|-<br />
|<u>Description</u>||Description of ''consent type''.<br />
|-<br />
|<u>Duration (days)</u>||The value of this field shall be an integer >= 0. It is used by Privacy Now® mainly to set current ''consent'' record as expiring ''consent'' or not.<br />
|-<br />
|<u>First Warning (days)</u>||The value of this field shall be an integer >= 0. It will be used to evaluate the first warning threshold in case current ''consent'' is an expiring one.<br />
|-<br />
|<u>Second Warning (days)</u>||The value of this field shall be an integer >= 0. It will be used to evaluate the second warning threshold in case current ''consent'' is an expiring one.<br />
|-<br />
|<u>Third Warning (days)</u>||The value of this field shall be an integer >= 0. It will be used to evaluate the third warning threshold in case current ''consent'' is an expiring one.<br />
|-<br />
|<u>Retention Period (days)</u>||The value of this field shall be an integer >= 0. It will be used to evaluate the last warning threshold in case current ''consent'' is an expiring one.<br />
|-<br />
|<u>Web Site URL</u>||The value of this field will be the URL of front-end web site area to allow the ''data subject'' management of their ''consent'' (renew or revoke). It will be used in warning email sent by Privacy Now® to ''data subject'' in case the below option <u>Send Warning to Data Subject</u> is selected.<br />
|-<br />
|<u>Send Warning to Data Subject</u>||This field shall be set to "true" if consent record for selected ''consent type'' shall cause warning sending to ''data subject'' too, otherwise the warning will be sent only to receivers set into <b>''Settings\Application Settings''</b> (see the paragraph dedicated to [[Settings#Notification Settings|Consents Warnings Recipients ]]).<br />
|}<br />
<br />
== Reports ==<br />
The list of ''consents'' can be filtered and exported to excel format from the ''view'' '''''Consents'''''.<br />
<br />
== Consents Import ==<br />
Privacy-Now® allows to acquire ''consents'' from external source (using structured email or xlsx file).<br />
<br />
=== Consent Mail Structure and Procedure ===<br />
Privacy-Now® can be connected to a mailbox to acquire ''consents'' (see the paragraph dedicated to [[Settings#Consents Source Details|Consents Source Details]]).<br />
<br />
A ''consent'' email shall contain the following parameters (one for each row): some of them are mandatory, while some other optional (check the detailed description of each one).<br />
The email format shall be '''plain text''' (HTML email will not be processed correctly) and shall not contain any signature.<br />
<br />
Each mail shall contain one or more ''consent''. Each ''consent'' is manageable only if 3 parameters are present and valorized: <u>Consent_'''[consent name]'''</u> , <u>Value_'''[consent name]'''</u> and <u>Date_Time_'''[consent name]'''</u>.<br />
<br />
Each ''consent'' present in mail will create a new ticket or update an existing ticket in Privacy-Now®. The existence of a consent is matched on <u>Consent_'''[consent name]'''</u>, <u>Source</u> and the option selected in <u>Data Subject Matching criteria</u>.<br />
<br />
{| class="wikitable"<br />
! Field !! Description<br />
|-<br />
|<u>Source</u>|| The value of this parameter is '''mandatory''' and shall be filled with the ''consent'' source (ie: could be the company name or business unit name or web site name). The value of this parameter shall match with the value(s) inserted in '''''Settings/Data Sets/Consents/Consent Sources'''''.<br />
|-<br />
|<u>Name</u>|| The value of this parameter is '''mandatory'''. The first name of ''data subject''.<br />
|-<br />
|<u>Surname</u>|| The family name of ''data subject''.<br />
|-<br />
|<u>Email</u>|| The email of ''data subject''.<br />
|-<br />
|<u>City</u>|| The town of ''data subject''.<br />
|-<br />
|<u>Province_State</u>|| The province or state of ''data subject''.<br />
|-<br />
|<u>Country</u>|| The country of ''data subject''.<br />
|-<br />
|<u>Phone</u>|| The phone number of ''data subject''.<br />
|-<br />
|<u>User_id</u>|| The univocal id (integer) of the user corresponding to ''data subject'' in consent source (ie: id of user in web site).<br />
|-<br />
|<u>Username</u>|| The univocal login of the user corresponding to ''data subject'' in consent source (ie: login of user in web site).<br />
|-<br />
|<u>IP_address</u>|| The ip address used by ''data subject'' during web site browsing.<br />
|-<br />
|<u>Lang</u>|| The main language of ''data subject''. Possible values: "en-GB", "it-IT" and "fr-FR".<br />
|-<br />
|<u>Consent_'''[consent name]'''</u>||'''[consent name]''' shall be replaced by the name of ''consent'' (ie: consent_newsletter). At least one Consent_'''[consent name]''' shall exist in the email. The value of this parameter shall be a univocal code corresponding to one of the <u>Code</u> inserted in '''''Settings/Data Sets/Consents/Consent Types'''''.<br />
|-<br />
|<u>Value_'''[consent name]'''</u>||'''[consent name]''' shall be replaced by the name of ''consent'' (ie: consent_newsletter). For each of the Consent_'''[consent name]''' defined in the email shall be present a corresponding <u>Value_'''[consent name]'''</u> (ie: <u>Value_Newsletter</u>). The value of this parameter shall be "1" (''consent'' given) or "0" (''consent'' denied).<br />
|-<br />
|<u>Date_Time_'''[consent name]'''</u>||'''[consent name]''' shall be replaced by the name of ''consent'' (ie: consent_newsletter). For each of the Consent_'''[consent name]''' defined in the email shall be present a corresponding <u>Date_Time_'''[consent name]'''</u> (ie: <u>Date_Time_Newsletter</u>). The value of this parameter shall be the date and time of ''consent'' management in web site. It shall be in format '''dd-mm-yyyy hh:mm:ss''' .<br />
|}<br />
<br />
'''Example of a well structured email:'''<br />
Source:myCompanyName<br />
Name:Jhon<br />
Surname:Smith<br />
Email:jhon.smith@mymail.com<br />
City:myTown<br />
Province_State:myProvince<br />
Country:myCountry<br />
Phone:002235468<br />
User_id:12345<br />
Username:jsmith<br />
IP_address:192.168.1.27<br />
Lang:en-GB<br />
Consent_A:1<br />
Value_A:0<br />
Date_Time_A:12-10-2018 10:14:50<br />
Consent_B:2<br />
Value_B:0<br />
Date_Time_B:12-10-2018 10:14:50<br />
Consent_Newsletter:3<br />
Value_Newsletter:1<br />
Date_Time_Newsletter:12-10-2018 10:14:50<br />
<br />
== Bulk operations on consent records ==<br />
Privacy Now® allows the bulk management of ''consent'' from <b>''Consents\Manage Consents from xlsx''</b>.<br />
[[File:Consent bulk import - xlsx example.jpg|centre|thumb|800x800px|Consents bulk management.]]<br />
<br />
Use below template to perform following bulk operations:<br />
<br />
[[File:Consent Import Template.xlsx|centre|thumb|800x71px|Consents management template.]]<br />
<br />
<br />
<br />
The operations allowed are:<br />
* "insert": Insert/Update of ''consents''<br />
The data in current xlsx row will be updated on an existing ''consent'' if system match it univocally by ''consent type'' code, ''data subject'' <u>email</u> and ''source'', otherwise a new ''consent'' will be created.<br />
If ''data subject'' is not found: it will be created.<br />
<br />
* "remove": Removal of ''consents''<br />
The ''consent'' matched by ''consent type'' code, ''data subject'' <u>email</u> and ''source'' will be removed.<br />
<br />
* "wrongemail": Move ''consents'' in status "Wrong Email"<br />
The ''consent'' matched by ''consent type'' code, ''data subject'' <u>email</u> and ''source'' will be moved in "Wrong Email" status. Only consent in "Valid" status can be moved in "Wrong Email" status.<br />
<br />
<br />
<br />
The details of expected xlsx structure is explained in following table: for each operations is detailed which are the mandatory data. <br />
<br />
{| class="wikitable"<br />
! Field !! Description!!Insert/Update!!Remove!!Move to "Wrong Email"<br />
|-<br />
|<u>Id</u>||Univocal Id of ''Data Subject'' in Privacy Now®.||Optional||Optional||Optional <br />
|-<br />
|<u>Name</u>||Name of ''Data Subject'' in acquiring system.||Mandatory||Optional||Optional<br />
|-<br />
|<u>Surname</u>||Surname of ''Data Subject'' in acquiring system.||Mandatory||Optional||Optional<br />
|-<br />
|<u>Email</u>||Email of ''Data Subject'' in acquiring system.||Mandatory||Mandatory||Mandatory<br />
|-<br />
|<u>Phone</u>||Phone of ''Data Subject'' in acquiring system.||Optional||Optional||Optional<br />
|-<br />
|<u>City</u>||City of ''Data Subject'' in acquiring system.||Optional||Optional||Optional<br />
|-<br />
|<u>Province/State</u>||Province/State of ''Data Subject'' in acquiring system.||Optional||Optional||Optional<br />
|-<br />
|<u>Country</u>||Country of ''Data Subject'' in acquiring system.||Optional||Optional||Optional<br />
|-<br />
|<u>Username</u>||Login of ''Data Subject'' in acquiring system.||Optional||Optional||Optional<br />
|-<br />
|<u>Consent</u>||<u>Consent Type Code</u> to be granted to imported ''Data Subject'' (defined in Privacy Now®).||Mandatory||Mandatory||Mandatory<br />
|-<br />
|<u>Value</u>|| <u>Consent Value</u> given by ''Data Subject'' for the imported <u>Consent Type</u>. The value could be "1" (''consent'' granted) or "0" (''consent'' not granted).||Mandatory||Optional||Optional<br />
|-<br />
|<u>Data</u>||''consent'' date.||Mandatory||Optional||Optional<br />
|-<br />
|<u>Description</u>||record description.||Optional||Optional||Optional<br />
|-<br />
|<u>Service</u>||Privacy Now® ''service'' used as import target.||Optional||Optional||Optional<br />
|-<br />
|<u>Lang</u>||''Data Subject'' selected language.||Optional||Optional||Optional<br />
|-<br />
|<u>uid</u>||Univocal Id of ''Data Subject'' in acquiring system.||Optional||Optional||Optional <br />
|-<br />
|<u>Source</u>||A key word defining univocally the acquiring system.||Mandatory||Mandatory||Mandatory<br />
|-<br />
|<u>Operation</u>||This field specify which is the operation expected for current xlsx record: "insert", "remove" or "wrongemail"||Mandatory||Mandatory||Mandatory<br />
|}<br />
<br />
A ''consent'' can be removed individually from Application Settings (see the paragraph dedicated to [[Settings#Utility|Appication Settings - Utility]]).</div>Cbissohttp://wiki.privacy-now.eu/en/index.php?title=Consents&diff=707Consents2018-10-19T09:23:39Z<p>Cbisso: /* Consent Mail Structure and Procedure */</p>
<hr />
<div><br />
== Introduction to Consents ==<br />
Consents management provide the mean to acquire, update and use ''consents'' information. For example, it is possible to use Privacy Now® as a central repository of information about all the ''consents''. Information about ''consents'' can be created and updated manually or interfacing Privacy Now® with external system. See the paragraph [[Settings#Consents Source Details|Consents Source Details]] for more information.<br />
<br />
== Workflow ==<br />
A new ''consent'' can be created using the '''Add New''' functionality and choosing "New Consent". Alternatively, a new ''consent'' can be automatically acquired or updated by an external system.<br />
<br />
A workflow enables to move ''consents'' in several statuses as shown in the following picture.<br />
<br />
[[File:Consents_Workflow_ENG_v1.0.JPG|centre|thumb|800x800px|Consents workflow and statuses.]]<br />
<br />
<br />
The following table explains the meaning of each status:<br />
<br />
{| class="wikitable"<br />
! Status !! Description<br />
|-<br />
|Default || A temporary status when the ''consent'' is initially created before the first save.<br />
|-<br />
|Valid || A ''consent'' in this status is valid and its information can be used accordingly.<br />
|-<br />
|Wrong email || This status is set manually or automatically. It can be set automatically by bulk import from xlsx.<br />
|-<br />
|Expired || In this status a ''consent'' is expired and therefore should be removed.<br />
|-<br />
|To be Removed || In this status, the ''consent'' shall be removed (the status is used to identify ''consents'' by the automatic removal procedure).<br />
|-<br />
|}<br />
<br />
== Information ==<br />
''Consent'' records are organized in three sections:<br />
<br />
* <u>''Identification''</u>, where identification data of the ''consent'' are recorded,<br />
* <u>''Ownership & Organization''</u>, containing the assignment of the key roles enabled to manage the ''consent'';<br />
* <u>''Consent Details''</u>, with the details of the ''consent'';<br />
<br />
Is possible to select only one ''consent type'' and one ''consent subject'' for each ''consent'' record.<br />
When the ''consent type'' is selected/updated the following fields could be automatically updated too (check details in table below).<br />
<br />
{| class="wikitable"<br />
! Field !! Description<br />
|-<br />
|<u>Consent Expires</u>||At record insert/update: the value of this field will be set to "Yes" if selected ''consent type'' <u>Duration (days)</u> is > 0, otherwise "No".<br />
|-<br />
|<u>Consent Last Update</u>||At record insert/update: The value of this field will be set to current date and time.<br />
|-<br />
|<u>First Consent Warning</u>||This field is updated only if <u>Consent Expires</u> is set to "yes", otherwise not. At record insert/update: The value of this field will be set to current date + days specified in <u>First Warning (days)</u>.<br />
|-<br />
|<u>Second Consent Warning</u>||This field is updated only if <u>Consent Expires</u> is set to "yes", otherwise not. At record insert/update: The value of this field will be set to current date + days specified in <u>Second Warning (days)</u>.<br />
|-<br />
|<u>Final Consent Warning</u>||This field is updated only if <u>Consent Expires</u> is set to "yes", otherwise not. At record insert/update: The value of this field will be set to current date + days specified in <u>Third Warning (days)</u>.<br />
|-<br />
|<u>Retention Deadline</u>||This field is updated only if <u>Consent Expires</u> is set to "yes", otherwise not. At record insert/update: The value of this field will be set to current date + days specified in <u>Retention Period (days)</u>.<br />
|}<br />
<br />
Detailed information on the meaning and use of every field can be found by pointing the mouse on the (i) next to each field. This will activate a tooltip with a brief description of the field. <br />
<br />
Additional information can be found in the secondary forms of the record: attachments, related items, messages and history. See [[How To]] for more information.<br />
<br />
== Privileges ==<br />
A ''consent'' can be automatically created by authorized external systems or by the ''users'' to whom the corresponding privilege is granted (see [[Users & Groups]] for more information on how to set this privilege).<br />
<br />
The lifecycle of the ''consent'' is managed by the roles described in the table below. ''groups'' are pre assigned to the roles according to the ''settings'' (see [[Settings]] for more information on how to set these defaults). Initial assignments can be modified according to privileges choosing among the enabled ''groups'' (see once again [[Settings]] for more information on how to enable ''groups'').<br />
<br />
{| class="wikitable"<br />
! Role !! Description<br />
|-<br />
|<u>DPO Group</u> || Members of the ''group'' assigned to this role have full privileges. They can:<br />
* transition records to any compatible status,<br />
* update fields when possible,<br />
* update ''data sources'' directly in record management.<br />
|-<br />
|<u>Data Controller Group</u> || Members of the ''group'' assigned to this role have view (read) privileges.<br />
|-<br />
|<u>Data Processor Group</u> || Members of the ''group'' assigned to this role have several privileges. They can:<br />
* transition records to any compatible status,<br />
* update fields when possible.<br />
|-<br />
|<u>Auditors Team</u> || Members of the ''group'' assigned to this role have view (read) privileges.<br />
|}<br />
<br />
However, some steps may be performed automatically (see the paragraph dedicated to [[Consents#Warning and alerts|warning and alerts]]).<br />
<br />
== Warning and alerts ==<br />
Each ''consent'' will be set as an expiring consent or not depending from the property <u>Duration (days)</u> of selected ''consent type'':<br />
* <u>Duration (days)</u> = 0: in this case the current ''consent'' will never expire and <u>'''no warning will be raised'''</u>.<br />
* <u>Duration (days)</u> > 0: in this case the current ''consent'' will expire and will be possible to configure four levels of warning.<br />
<br />
{| class="wikitable"<br />
! Field !! Description<br />
|-<br />
|<u>Code</u>||The value of this field shall be an integer and shall be univocal. It is the matching code used by Privacy Now® to automatically acquire ''consent'' from external system.<br />
|-<br />
|<u>Consent Type</u>||The value of this field shall be univocal. It is the name of ''consent type'' (i.e.: "Newsletter").<br />
|-<br />
|<u>Description</u>||Description of ''consent type''.<br />
|-<br />
|<u>Duration (days)</u>||The value of this field shall be an integer >= 0. It is used by Privacy Now® mainly to set current ''consent'' record as expiring ''consent'' or not.<br />
|-<br />
|<u>First Warning (days)</u>||The value of this field shall be an integer >= 0. It will be used to evaluate the first warning threshold in case current ''consent'' is an expiring one.<br />
|-<br />
|<u>Second Warning (days)</u>||The value of this field shall be an integer >= 0. It will be used to evaluate the second warning threshold in case current ''consent'' is an expiring one.<br />
|-<br />
|<u>Third Warning (days)</u>||The value of this field shall be an integer >= 0. It will be used to evaluate the third warning threshold in case current ''consent'' is an expiring one.<br />
|-<br />
|<u>Retention Period (days)</u>||The value of this field shall be an integer >= 0. It will be used to evaluate the last warning threshold in case current ''consent'' is an expiring one.<br />
|-<br />
|<u>Web Site URL</u>||The value of this field will be the URL of front-end web site area to allow the ''data subject'' management of their ''consent'' (renew or revoke). It will be used in warning email sent by Privacy Now® to ''data subject'' in case the below option <u>Send Warning to Data Subject</u> is selected.<br />
|-<br />
|<u>Send Warning to Data Subject</u>||This field shall be set to "true" if consent record for selected ''consent type'' shall cause warning sending to ''data subject'' too, otherwise the warning will be sent only to receivers set into <b>''Settings\Application Settings''</b> (see the paragraph dedicated to [[Settings#Notification Settings|Consents Warnings Recipients ]]).<br />
|}<br />
<br />
== Reports ==<br />
The list of ''consents'' can be filtered and exported to excel format from the ''view'' '''''Consents'''''.<br />
<br />
== Consents Import ==<br />
Privacy-Now® allows to acquire ''consents'' from external source (using structured email or xlsx file).<br />
<br />
=== Consent Mail Structure and Procedure ===<br />
Privacy-Now® can be connected to a mailbox to acquire ''consents'' (see the paragraph dedicated to [[Settings#Consents Source Details|Consents Source Details]]).<br />
<br />
A ''consent'' email shall contain the following parameters (one for each row): some of them are mandatory, while some other optional (check the detailed description of each one).<br />
The email format shall be '''plain text''' (HTML email will not be processed correctly) and shall not contain any signature.<br />
<br />
Each mail shall contain one or more ''consent''. Each ''consent'' is manageable only if 3 parameters are present and valorized: <u>Consent_'''[consent name]'''</u> , <u>Value_'''[consent name]'''</u> and <u>Date_Time_'''[consent name]'''</u>.<br />
<br />
Each ''consent'' present in mail will create a new ticket or update an existing ticket in Privacy-Now®. The existence of a consent is matched on <u>Consent_'''[consent name]'''</u>, <u>Source</u> and the option selected in <u>Data Subject Matching criteria</u>.<br />
<br />
{| class="wikitable"<br />
! Field !! Description<br />
|-<br />
|<u>Source</u>|| The value of this parameter is '''mandatory''' and shall be filled with the ''consent'' source (ie: could be the company name or business unit name or web site name). The value of this parameter shall match with the value(s) inserted in '''''Settings/Data Sets/Consents/Consent Sources'''''.<br />
|-<br />
|<u>Name</u>|| The value of this parameter is '''mandatory'''. The first name of ''data subject''.<br />
|-<br />
|<u>Surname</u>|| The family name of ''data subject''.<br />
|-<br />
|<u>Email</u>|| The email of ''data subject''.<br />
|-<br />
|<u>City</u>|| The town of ''data subject''.<br />
|-<br />
|<u>Province_State</u>|| The province or state of ''data subject''.<br />
|-<br />
|<u>Country</u>|| The country of ''data subject''.<br />
|-<br />
|<u>Phone</u>|| The phone number of ''data subject''.<br />
|-<br />
|<u>User_id</u>|| The univocal id (integer) of the user corresponding to ''data subject'' in consent source (ie: id of user in web site).<br />
|-<br />
|<u>Username</u>|| The univocal login of the user corresponding to ''data subject'' in consent source (ie: login of user in web site).<br />
|-<br />
|<u>IP_address</u>|| The ip address used by ''data subject'' during web site browsing.<br />
|-<br />
|<u>Lang</u>|| The main language of ''data subject''. Possible values: "en-GB", "it-IT" and "fr-FR".<br />
|-<br />
|<u>Consent_'''[consent name]'''</u>||'''[consent name]''' shall be replaced by the name of ''consent'' (ie: consent_newsletter). At least one Consent_'''[consent name]''' shall exist in the email. The value of this parameter shall be a univocal code corresponding to one of the <u>Code</u> inserted in '''''Settings/Data Sets/Consents/Consent Types'''''.<br />
|-<br />
|<u>Value_'''[consent name]'''</u>||'''[consent name]''' shall be replaced by the name of ''consent'' (ie: consent_newsletter). For each of the Consent_'''[consent name]''' defined in the email shall be present a corresponding <u>Value_'''[consent name]'''</u> (ie: <u>Value_Newsletter</u>). The value of this parameter shall be "1" (''consent'' given) or "0" (''consent'' denied).<br />
|-<br />
|<u>Date_Time_'''[consent name]'''</u>||'''[consent name]''' shall be replaced by the name of ''consent'' (ie: consent_newsletter). For each of the Consent_'''[consent name]''' defined in the email shall be present a corresponding <u>Date_Time_'''[consent name]'''</u> (ie: <u>Date_Time_Newsletter</u>). The value of this parameter shall be the date and time of ''consent'' management in web site. It shall be in format '''dd-mm-yyyy hh:mm:ss''' .<br />
|}<br />
<br />
'''Example of a well structured email:'''<br />
Source:myCompanyName<br />
Name:Jhon<br />
Surname:Smith<br />
Email:jhon.smith@mymail.com<br />
City:myTown<br />
Province_State:myProvince<br />
Country:myCountry<br />
Phone:002235468<br />
User_id:12345<br />
Username:jsmith<br />
IP_address:192.168.1.27<br />
Lang:en-GB<br />
Consent_A:1<br />
Value_A:0<br />
Date_Time_A:12-10-2018 10:14:50<br />
Consent_B:2<br />
Value_B:0<br />
Date_Time_B:12-10-2018 10:14:50<br />
Consent_Newsletter:3<br />
Value_Newsletter:1<br />
Date_Time_Newsletter:12-10-2018 10:14:50<br />
<br />
== Bulk operations on consent records ==<br />
Privacy Now® allows the bulk management of ''consent'' from <b>''Consents\Manage Consents from xlsx''</b>.<br />
[[File:Consent bulk import - xlsx example.jpg|centre|thumb|800x800px|Consents bulk management.]]<br />
<br />
Use below template to perform following bulk operations:<br />
<br />
[[File:Consent Import Template.xlsx|centre|thumb|800x71px|Consents management template.]]<br />
<br />
<br />
<br />
The operations allowed are:<br />
* "insert": Insert/Update of ''consents''<br />
The data in current xlsx row will be updated on an existing ''consent'' if system match it univocally by ''conset type'' code, ''data subject'' <u>email</u> and ''source'', otherwise a new ''consent'' will be created.<br />
If ''data subject'' is not found: it will be created.<br />
<br />
* "remove": Removal of ''consents''<br />
The ''consent'' matched by ''consent type'' code, ''data subject'' <u>email</u> and ''source'' will be removed.<br />
<br />
* "wrongemail": Move ''consents'' in status "Wrong Email"<br />
The ''consent'' matched by ''consent type'' code, ''data subject'' <u>email</u> and ''source'' will be moved in "Wrong Email" status. Only consent in "Valid" status can be moved in "Wrong Email" status.<br />
<br />
<br />
<br />
The details of expected xlsx structure is explained in following table: for each operations is detailed which are the mandatory data. <br />
<br />
{| class="wikitable"<br />
! Field !! Description!!Insert/Update!!Remove!!Move to "Wrong Email"<br />
|-<br />
|<u>Id</u>||Univocal Id of ''Data Subject'' in Privacy Now®.||Optional||Optional||Optional <br />
|-<br />
|<u>Name</u>||Name of ''Data Subject'' in acquiring system.||Mandatory||Optional||Optional<br />
|-<br />
|<u>Surname</u>||Surname of ''Data Subject'' in acquiring system.||Mandatory||Optional||Optional<br />
|-<br />
|<u>Email</u>||Email of ''Data Subject'' in acquiring system.||Mandatory||Mandatory||Mandatory<br />
|-<br />
|<u>Phone</u>||Phone of ''Data Subject'' in acquiring system.||Optional||Optional||Optional<br />
|-<br />
|<u>City</u>||City of ''Data Subject'' in acquiring system.||Optional||Optional||Optional<br />
|-<br />
|<u>Province/State</u>||Province/State of ''Data Subject'' in acquiring system.||Optional||Optional||Optional<br />
|-<br />
|<u>Country</u>||Country of ''Data Subject'' in acquiring system.||Optional||Optional||Optional<br />
|-<br />
|<u>Username</u>||Login of ''Data Subject'' in acquiring system.||Optional||Optional||Optional<br />
|-<br />
|<u>Consent</u>||<u>Consent Type Code</u> to be granted to imported ''Data Subject'' (defined in Privacy Now®).||Mandatory||Mandatory||Mandatory<br />
|-<br />
|<u>Value</u>|| <u>Consent Value</u> given by ''Data Subject'' for the imported <u>Consent Type</u>. The value could be "1" (''consent'' granted) or "0" (''consent'' not granted).||Mandatory||Optional||Optional<br />
|-<br />
|<u>Data</u>||''consent'' date.||Mandatory||Optional||Optional<br />
|-<br />
|<u>Description</u>||record description.||Optional||Optional||Optional<br />
|-<br />
|<u>Service</u>||Privacy Now® ''service'' used as import target.||Optional||Optional||Optional<br />
|-<br />
|<u>Lang</u>||''Data Subject'' selected language.||Optional||Optional||Optional<br />
|-<br />
|<u>uid</u>||Univocal Id of ''Data Subject'' in acquiring system.||Optional||Optional||Optional <br />
|-<br />
|<u>Source</u>||A key word defining univocally the acquiring system.||Mandatory||Mandatory||Mandatory<br />
|-<br />
|<u>Operation</u>||This field specify which is the operation expected for current xlsx record: "insert", "remove" or "wrongemail"||Mandatory||Mandatory||Mandatory<br />
|}<br />
<br />
A ''consent'' can be removed individually from Application Settings (see the paragraph dedicated to [[Settings#Utility|Appication Settings - Utility]]).</div>Cbissohttp://wiki.privacy-now.eu/en/index.php?title=Consents&diff=706Consents2018-10-19T08:14:44Z<p>Cbisso: /* Warning and alerts */</p>
<hr />
<div><br />
== Introduction to Consents ==<br />
Consents management provide the mean to acquire, update and use ''consents'' information. For example, it is possible to use Privacy Now® as a central repository of information about all the ''consents''. Information about ''consents'' can be created and updated manually or interfacing Privacy Now® with external system. See the paragraph [[Settings#Consents Source Details|Consents Source Details]] for more information.<br />
<br />
== Workflow ==<br />
A new ''consent'' can be created using the '''Add New''' functionality and choosing "New Consent". Alternatively, a new ''consent'' can be automatically acquired or updated by an external system.<br />
<br />
A workflow enables to move ''consents'' in several statuses as shown in the following picture.<br />
<br />
[[File:Consents_Workflow_ENG_v1.0.JPG|centre|thumb|800x800px|Consents workflow and statuses.]]<br />
<br />
<br />
The following table explains the meaning of each status:<br />
<br />
{| class="wikitable"<br />
! Status !! Description<br />
|-<br />
|Default || A temporary status when the ''consent'' is initially created before the first save.<br />
|-<br />
|Valid || A ''consent'' in this status is valid and its information can be used accordingly.<br />
|-<br />
|Wrong email || This status is set manually or automatically. It can be set automatically by bulk import from xlsx.<br />
|-<br />
|Expired || In this status a ''consent'' is expired and therefore should be removed.<br />
|-<br />
|To be Removed || In this status, the ''consent'' shall be removed (the status is used to identify ''consents'' by the automatic removal procedure).<br />
|-<br />
|}<br />
<br />
== Information ==<br />
''Consent'' records are organized in three sections:<br />
<br />
* <u>''Identification''</u>, where identification data of the ''consent'' are recorded,<br />
* <u>''Ownership & Organization''</u>, containing the assignment of the key roles enabled to manage the ''consent'';<br />
* <u>''Consent Details''</u>, with the details of the ''consent'';<br />
<br />
Is possible to select only one ''consent type'' and one ''consent subject'' for each ''consent'' record.<br />
When the ''consent type'' is selected/updated the following fields could be automatically updated too (check details in table below).<br />
<br />
{| class="wikitable"<br />
! Field !! Description<br />
|-<br />
|<u>Consent Expires</u>||At record insert/update: the value of this field will be set to "Yes" if selected ''consent type'' <u>Duration (days)</u> is > 0, otherwise "No".<br />
|-<br />
|<u>Consent Last Update</u>||At record insert/update: The value of this field will be set to current date and time.<br />
|-<br />
|<u>First Consent Warning</u>||This field is updated only if <u>Consent Expires</u> is set to "yes", otherwise not. At record insert/update: The value of this field will be set to current date + days specified in <u>First Warning (days)</u>.<br />
|-<br />
|<u>Second Consent Warning</u>||This field is updated only if <u>Consent Expires</u> is set to "yes", otherwise not. At record insert/update: The value of this field will be set to current date + days specified in <u>Second Warning (days)</u>.<br />
|-<br />
|<u>Final Consent Warning</u>||This field is updated only if <u>Consent Expires</u> is set to "yes", otherwise not. At record insert/update: The value of this field will be set to current date + days specified in <u>Third Warning (days)</u>.<br />
|-<br />
|<u>Retention Deadline</u>||This field is updated only if <u>Consent Expires</u> is set to "yes", otherwise not. At record insert/update: The value of this field will be set to current date + days specified in <u>Retention Period (days)</u>.<br />
|}<br />
<br />
Detailed information on the meaning and use of every field can be found by pointing the mouse on the (i) next to each field. This will activate a tooltip with a brief description of the field. <br />
<br />
Additional information can be found in the secondary forms of the record: attachments, related items, messages and history. See [[How To]] for more information.<br />
<br />
== Privileges ==<br />
A ''consent'' can be automatically created by authorized external systems or by the ''users'' to whom the corresponding privilege is granted (see [[Users & Groups]] for more information on how to set this privilege).<br />
<br />
The lifecycle of the ''consent'' is managed by the roles described in the table below. ''groups'' are pre assigned to the roles according to the ''settings'' (see [[Settings]] for more information on how to set these defaults). Initial assignments can be modified according to privileges choosing among the enabled ''groups'' (see once again [[Settings]] for more information on how to enable ''groups'').<br />
<br />
{| class="wikitable"<br />
! Role !! Description<br />
|-<br />
|<u>DPO Group</u> || Members of the ''group'' assigned to this role have full privileges. They can:<br />
* transition records to any compatible status,<br />
* update fields when possible,<br />
* update ''data sources'' directly in record management.<br />
|-<br />
|<u>Data Controller Group</u> || Members of the ''group'' assigned to this role have view (read) privileges.<br />
|-<br />
|<u>Data Processor Group</u> || Members of the ''group'' assigned to this role have several privileges. They can:<br />
* transition records to any compatible status,<br />
* update fields when possible.<br />
|-<br />
|<u>Auditors Team</u> || Members of the ''group'' assigned to this role have view (read) privileges.<br />
|}<br />
<br />
However, some steps may be performed automatically (see the paragraph dedicated to [[Consents#Warning and alerts|warning and alerts]]).<br />
<br />
== Warning and alerts ==<br />
Each ''consent'' will be set as an expiring consent or not depending from the property <u>Duration (days)</u> of selected ''consent type'':<br />
* <u>Duration (days)</u> = 0: in this case the current ''consent'' will never expire and <u>'''no warning will be raised'''</u>.<br />
* <u>Duration (days)</u> > 0: in this case the current ''consent'' will expire and will be possible to configure four levels of warning.<br />
<br />
{| class="wikitable"<br />
! Field !! Description<br />
|-<br />
|<u>Code</u>||The value of this field shall be an integer and shall be univocal. It is the matching code used by Privacy Now® to automatically acquire ''consent'' from external system.<br />
|-<br />
|<u>Consent Type</u>||The value of this field shall be univocal. It is the name of ''consent type'' (i.e.: "Newsletter").<br />
|-<br />
|<u>Description</u>||Description of ''consent type''.<br />
|-<br />
|<u>Duration (days)</u>||The value of this field shall be an integer >= 0. It is used by Privacy Now® mainly to set current ''consent'' record as expiring ''consent'' or not.<br />
|-<br />
|<u>First Warning (days)</u>||The value of this field shall be an integer >= 0. It will be used to evaluate the first warning threshold in case current ''consent'' is an expiring one.<br />
|-<br />
|<u>Second Warning (days)</u>||The value of this field shall be an integer >= 0. It will be used to evaluate the second warning threshold in case current ''consent'' is an expiring one.<br />
|-<br />
|<u>Third Warning (days)</u>||The value of this field shall be an integer >= 0. It will be used to evaluate the third warning threshold in case current ''consent'' is an expiring one.<br />
|-<br />
|<u>Retention Period (days)</u>||The value of this field shall be an integer >= 0. It will be used to evaluate the last warning threshold in case current ''consent'' is an expiring one.<br />
|-<br />
|<u>Web Site URL</u>||The value of this field will be the URL of front-end web site area to allow the ''data subject'' management of their ''consent'' (renew or revoke). It will be used in warning email sent by Privacy Now® to ''data subject'' in case the below option <u>Send Warning to Data Subject</u> is selected.<br />
|-<br />
|<u>Send Warning to Data Subject</u>||This field shall be set to "true" if consent record for selected ''consent type'' shall cause warning sending to ''data subject'' too, otherwise the warning will be sent only to receivers set into <b>''Settings\Application Settings''</b> (see the paragraph dedicated to [[Settings#Notification Settings|Consents Warnings Recipients ]]).<br />
|}<br />
<br />
== Reports ==<br />
The list of ''consents'' can be filtered and exported to excel format from the ''view'' '''''Consents'''''.<br />
<br />
== Consents Import ==<br />
Privacy-Now® allows to acquire ''consents'' from external source (using structured email or xlsx file).<br />
<br />
=== Consent Mail Structure and Procedure ===<br />
Privacy-Now® can be connected to a mailbox to acquire ''consents'' (see the paragraph dedicated to [[Settings#Consents Source Details|Consents Source Details]]).<br />
<br />
A ''consent'' email shall contain the following parameters (one for each row): some of them are mandatory, while some other optional (check the detailed description of each one).<br />
The email format shall be '''plain text''' (HTML email will not be processed correctly) and shall not contain any signature.<br />
<br />
Each mail shall contain one or more ''consent''. Each ''consent'' is manageable only if 3 parameters are present and valorized: <u>Consent_'''[consent name]'''</u> , <u>Value_'''[consent name]'''</u> and <u>Date_Time_'''[consent name]'''</u>.<br />
<br />
Each ''consent'' present in mail will create a new ticket or update an existing ticket in Privacy-Now®. The existence of a consent is matched on <u>Consent_'''[consent name]'''</u>, <u>Source</u> and the option selected in <u>Data Subject Matching criteria</u>.<br />
<br />
{| class="wikitable"<br />
! Field !! Description<br />
|-<br />
|<u>Source</u>|| The value of this parameter is '''mandatory''' and shall be filled with the ''consent'' source (ie: could be the company name or business unit name or web site name). The value of this parameter shall match with the value(s) inserted in '''''Settings/Data Sets/Consents/Consent Sources'''''.<br />
|-<br />
|<u>Name</u>|| The value of this parameter is '''mandatory'''. The first name of ''data subject''.<br />
|-<br />
|<u>Surname</u>|| The family name of ''data subject''.<br />
|-<br />
|<u>Email</u>|| The email of ''data subject''.<br />
|-<br />
|<u>City</u>|| The town of ''data subject''.<br />
|-<br />
|<u>Province_State</u>|| The province or state of ''data subject''.<br />
|-<br />
|<u>Country</u>|| The country of ''data subject''.<br />
|-<br />
|<u>Phone</u>|| The phone number of ''data subject''.<br />
|-<br />
|<u>User_id</u>|| The univocal id (integer) of the user corresponding to ''data subject'' in consent source (ie: id of user in web site).<br />
|-<br />
|<u>Username</u>|| The univocal login of the user corresponding to ''data subject'' in consent source (ie: login of user in web site).<br />
|-<br />
|<u>IP_address</u>|| The ip address used by ''data subject'' during web site browsing.<br />
|-<br />
|<u>Lang</u>|| The main language of ''data subject''. Possible values: "en-GB", "it-IT" and "fr-FR".<br />
|-<br />
|<u>Consent_'''[consent name]'''</u>||'''[consent name]''' shall be replaced by the name of ''consent'' (ie: consent_newseletter). At least one Consent_'''[consent name]''' shall exist in the email. The value of this parameter shall be a univocal code corresponding to one of the <u>Code</u> inserted in '''''Settings/Data Sets/Consents/Consent Types'''''.<br />
|-<br />
|<u>Value_'''[consent name]'''</u>||'''[consent name]''' shall be replaced by the name of ''consent'' (ie: consent_newseletter). For each of the Consent_'''[consent name]''' defined in the email shall be present a corresponding <u>Value_'''[consent name]'''</u> (ie: <u>Value_Newsletter</u>). The value of this parameter shall be "1" (''consent'' given) or "0" (''consent'' denied).<br />
|-<br />
|<u>Date_Time_'''[consent name]'''</u>||'''[consent name]''' shall be replaced by the name of ''consent'' (ie: consent_newseletter). For each of the Consent_'''[consent name]''' defined in the email shall be present a corresponding <u>Date_Time_'''[consent name]'''</u> (ie: <u>Date_Time_Newsletter</u>). The value of this parameter shall be the date and time of ''consent'' management in web site. It shall be in format '''dd-mm-yyyy hh:mm:ss''' .<br />
|}<br />
<br />
'''Example of a well structured email:'''<br />
Source:myCompanyName<br />
Name:Jhon<br />
Surname:Smith<br />
Email:jhon.smith@mymail.com<br />
City:myTown<br />
Province_State:myProvince<br />
Country:myCountry<br />
Phone:002235468<br />
User_id:12345<br />
Username:jsmith<br />
IP_address:192.168.1.27<br />
Lang:en-GB<br />
Consent_A:1<br />
Value_A:0<br />
Date_Time_A:12-10-2018 10:14:50<br />
Consent_B:2<br />
Value_B:0<br />
Date_Time_B:12-10-2018 10:14:50<br />
Consent_Newsletter:3<br />
Value_Newsletter:1<br />
Date_Time_Newsletter:12-10-2018 10:14:50<br />
<br />
== Bulk operations on consent records ==<br />
Privacy Now® allows the bulk management of ''consent'' from <b>''Consents\Manage Consents from xlsx''</b>.<br />
[[File:Consent bulk import - xlsx example.jpg|centre|thumb|800x800px|Consents bulk management.]]<br />
<br />
Use below template to perform following bulk operations:<br />
<br />
[[File:Consent Import Template.xlsx|centre|thumb|800x71px|Consents management template.]]<br />
<br />
<br />
<br />
The operations allowed are:<br />
* "insert": Insert/Update of ''consents''<br />
The data in current xlsx row will be updated on an existing ''consent'' if system match it univocally by ''conset type'' code, ''data subject'' <u>email</u> and ''source'', otherwise a new ''consent'' will be created.<br />
If ''data subject'' is not found: it will be created.<br />
<br />
* "remove": Removal of ''consents''<br />
The ''consent'' matched by ''consent type'' code, ''data subject'' <u>email</u> and ''source'' will be removed.<br />
<br />
* "wrongemail": Move ''consents'' in status "Wrong Email"<br />
The ''consent'' matched by ''consent type'' code, ''data subject'' <u>email</u> and ''source'' will be moved in "Wrong Email" status. Only consent in "Valid" status can be moved in "Wrong Email" status.<br />
<br />
<br />
<br />
The details of expected xlsx structure is explained in following table: for each operations is detailed which are the mandatory data. <br />
<br />
{| class="wikitable"<br />
! Field !! Description!!Insert/Update!!Remove!!Move to "Wrong Email"<br />
|-<br />
|<u>Id</u>||Univocal Id of ''Data Subject'' in Privacy Now®.||Optional||Optional||Optional <br />
|-<br />
|<u>Name</u>||Name of ''Data Subject'' in acquiring system.||Mandatory||Optional||Optional<br />
|-<br />
|<u>Surname</u>||Surname of ''Data Subject'' in acquiring system.||Mandatory||Optional||Optional<br />
|-<br />
|<u>Email</u>||Email of ''Data Subject'' in acquiring system.||Mandatory||Mandatory||Mandatory<br />
|-<br />
|<u>Phone</u>||Phone of ''Data Subject'' in acquiring system.||Optional||Optional||Optional<br />
|-<br />
|<u>City</u>||City of ''Data Subject'' in acquiring system.||Optional||Optional||Optional<br />
|-<br />
|<u>Province/State</u>||Province/State of ''Data Subject'' in acquiring system.||Optional||Optional||Optional<br />
|-<br />
|<u>Country</u>||Country of ''Data Subject'' in acquiring system.||Optional||Optional||Optional<br />
|-<br />
|<u>Username</u>||Login of ''Data Subject'' in acquiring system.||Optional||Optional||Optional<br />
|-<br />
|<u>Consent</u>||<u>Consent Type Code</u> to be granted to imported ''Data Subject'' (defined in Privacy Now®).||Mandatory||Mandatory||Mandatory<br />
|-<br />
|<u>Value</u>|| <u>Consent Value</u> given by ''Data Subject'' for the imported <u>Consent Type</u>. The value could be "1" (''consent'' granted) or "0" (''consent'' not granted).||Mandatory||Optional||Optional<br />
|-<br />
|<u>Data</u>||''consent'' date.||Mandatory||Optional||Optional<br />
|-<br />
|<u>Description</u>||record description.||Optional||Optional||Optional<br />
|-<br />
|<u>Service</u>||Privacy Now® ''service'' used as import target.||Optional||Optional||Optional<br />
|-<br />
|<u>Lang</u>||''Data Subject'' selected language.||Optional||Optional||Optional<br />
|-<br />
|<u>uid</u>||Univocal Id of ''Data Subject'' in acquiring system.||Optional||Optional||Optional <br />
|-<br />
|<u>Source</u>||A key word defining univocally the acquiring system.||Mandatory||Mandatory||Mandatory<br />
|-<br />
|<u>Operation</u>||This field specify which is the operation expected for current xlsx record: "insert", "remove" or "wrongemail"||Mandatory||Mandatory||Mandatory<br />
|}<br />
<br />
A ''consent'' can be removed individually from Application Settings (see the paragraph dedicated to [[Settings#Utility|Appication Settings - Utility]]).</div>Cbissohttp://wiki.privacy-now.eu/en/index.php?title=Consents&diff=705Consents2018-10-19T07:43:52Z<p>Cbisso: /* Warning and alerts */</p>
<hr />
<div><br />
== Introduction to Consents ==<br />
Consents management provide the mean to acquire, update and use ''consents'' information. For example, it is possible to use Privacy Now® as a central repository of information about all the ''consents''. Information about ''consents'' can be created and updated manually or interfacing Privacy Now® with external system. See the paragraph [[Settings#Consents Source Details|Consents Source Details]] for more information.<br />
<br />
== Workflow ==<br />
A new ''consent'' can be created using the '''Add New''' functionality and choosing "New Consent". Alternatively, a new ''consent'' can be automatically acquired or updated by an external system.<br />
<br />
A workflow enables to move ''consents'' in several statuses as shown in the following picture.<br />
<br />
[[File:Consents_Workflow_ENG_v1.0.JPG|centre|thumb|800x800px|Consents workflow and statuses.]]<br />
<br />
<br />
The following table explains the meaning of each status:<br />
<br />
{| class="wikitable"<br />
! Status !! Description<br />
|-<br />
|Default || A temporary status when the ''consent'' is initially created before the first save.<br />
|-<br />
|Valid || A ''consent'' in this status is valid and its information can be used accordingly.<br />
|-<br />
|Wrong email || This status is set manually or automatically. It can be set automatically by bulk import from xlsx.<br />
|-<br />
|Expired || In this status a ''consent'' is expired and therefore should be removed.<br />
|-<br />
|To be Removed || In this status, the ''consent'' shall be removed (the status is used to identify ''consents'' by the automatic removal procedure).<br />
|-<br />
|}<br />
<br />
== Information ==<br />
''Consent'' records are organized in three sections:<br />
<br />
* <u>''Identification''</u>, where identification data of the ''consent'' are recorded,<br />
* <u>''Ownership & Organization''</u>, containing the assignment of the key roles enabled to manage the ''consent'';<br />
* <u>''Consent Details''</u>, with the details of the ''consent'';<br />
<br />
Is possible to select only one ''consent type'' and one ''consent subject'' for each ''consent'' record.<br />
When the ''consent type'' is selected/updated the following fields could be automatically updated too (check details in table below).<br />
<br />
{| class="wikitable"<br />
! Field !! Description<br />
|-<br />
|<u>Consent Expires</u>||At record insert/update: the value of this field will be set to "Yes" if selected ''consent type'' <u>Duration (days)</u> is > 0, otherwise "No".<br />
|-<br />
|<u>Consent Last Update</u>||At record insert/update: The value of this field will be set to current date and time.<br />
|-<br />
|<u>First Consent Warning</u>||This field is updated only if <u>Consent Expires</u> is set to "yes", otherwise not. At record insert/update: The value of this field will be set to current date + days specified in <u>First Warning (days)</u>.<br />
|-<br />
|<u>Second Consent Warning</u>||This field is updated only if <u>Consent Expires</u> is set to "yes", otherwise not. At record insert/update: The value of this field will be set to current date + days specified in <u>Second Warning (days)</u>.<br />
|-<br />
|<u>Final Consent Warning</u>||This field is updated only if <u>Consent Expires</u> is set to "yes", otherwise not. At record insert/update: The value of this field will be set to current date + days specified in <u>Third Warning (days)</u>.<br />
|-<br />
|<u>Retention Deadline</u>||This field is updated only if <u>Consent Expires</u> is set to "yes", otherwise not. At record insert/update: The value of this field will be set to current date + days specified in <u>Retention Period (days)</u>.<br />
|}<br />
<br />
Detailed information on the meaning and use of every field can be found by pointing the mouse on the (i) next to each field. This will activate a tooltip with a brief description of the field. <br />
<br />
Additional information can be found in the secondary forms of the record: attachments, related items, messages and history. See [[How To]] for more information.<br />
<br />
== Privileges ==<br />
A ''consent'' can be automatically created by authorized external systems or by the ''users'' to whom the corresponding privilege is granted (see [[Users & Groups]] for more information on how to set this privilege).<br />
<br />
The lifecycle of the ''consent'' is managed by the roles described in the table below. ''groups'' are pre assigned to the roles according to the ''settings'' (see [[Settings]] for more information on how to set these defaults). Initial assignments can be modified according to privileges choosing among the enabled ''groups'' (see once again [[Settings]] for more information on how to enable ''groups'').<br />
<br />
{| class="wikitable"<br />
! Role !! Description<br />
|-<br />
|<u>DPO Group</u> || Members of the ''group'' assigned to this role have full privileges. They can:<br />
* transition records to any compatible status,<br />
* update fields when possible,<br />
* update ''data sources'' directly in record management.<br />
|-<br />
|<u>Data Controller Group</u> || Members of the ''group'' assigned to this role have view (read) privileges.<br />
|-<br />
|<u>Data Processor Group</u> || Members of the ''group'' assigned to this role have several privileges. They can:<br />
* transition records to any compatible status,<br />
* update fields when possible.<br />
|-<br />
|<u>Auditors Team</u> || Members of the ''group'' assigned to this role have view (read) privileges.<br />
|}<br />
<br />
However, some steps may be performed automatically (see the paragraph dedicated to [[Consents#Warning and alerts|warning and alerts]]).<br />
<br />
== Warning and alerts ==<br />
Each ''consent'' will be set as an expiring consent or not depending from the property <u>Duration (days)</u> of selected ''consent type'':<br />
* <u>Duration (days)</u> = 0: in this case the current ''consent'' will never expire and <u>'''no warning will be raised'''</u>.<br />
* <u>Duration (days)</u> > 0: in this case the current ''consent'' will expire and will be possible to configure four levels of warning.<br />
<br />
{| class="wikitable"<br />
! Field !! Description<br />
|-<br />
|<u>Code</u>||The value of this field shall be an integer and shall be univocal. It is the matching code used by Privacy Now® to automatically acquire ''consent'' from external system.<br />
|-<br />
|<u>Consent Type</u>||The value of this field shall be univocal. It is the name of ''consent type'' (i.e.: "Newsletter").<br />
|-<br />
|<u>Description</u>||Description of ''consent type''.<br />
|-<br />
|<u>Duration (days)</u>||The value of this field shall be an integer >= 0. It is used by Privacy Now® mainly to set current ''consent'' record as expiring ''consent'' or not.<br />
|-<br />
|<u>First Warning (days)</u>||The value of this field shall be an integer >= 0. It will be used to evaluate the first warning threshold in case current ''consent'' is an expiring one.<br />
|-<br />
|<u>Second Warning (days)</u>||The value of this field shall be an integer >= 0. It will be used to evaluate the second warning threshold in case current ''consent'' is an expiring one.<br />
|-<br />
|<u>Third Warning (days)</u>||The value of this field shall be an integer >= 0. It will be used to evaluate the third warning threshold in case current ''consent'' is an expiring one.<br />
|-<br />
|<u>Retention Period (days)</u>||The value of this field shall be an integer >= 0. It will be used to evaluate the last warning threshold in case current ''consent'' is an expiring one.<br />
|-<br />
|<u>Web Site URL</u>||The value of this field will be the URL of front-end web site area to allow the ''data subject'' management of their ''consent'' (renew or revoke). It will be used in warning email sent by Privacy Now® to ''data subject'' in case the below option <u>Send Warning to Data Subject</u> is set to "true"<br />
|-<br />
|<u>Send Warning to Data Subject</u>||This field shall be set to "true" if consent record for selected ''consent type'' shall cause warning sending to ''data subject'' too, otherwise the warning will be sent only to receivers set into <b>''Settings\Application Settings''</b> (see the paragraph dedicated to [[Settings#Notification Settings|Consents Warnings Recipients ]]).<br />
|}<br />
<br />
== Reports ==<br />
The list of ''consents'' can be filtered and exported to excel format from the ''view'' '''''Consents'''''.<br />
<br />
== Consents Import ==<br />
Privacy-Now® allows to acquire ''consents'' from external source (using structured email or xlsx file).<br />
<br />
=== Consent Mail Structure and Procedure ===<br />
Privacy-Now® can be connected to a mailbox to acquire ''consents'' (see the paragraph dedicated to [[Settings#Consents Source Details|Consents Source Details]]).<br />
<br />
A ''consent'' email shall contain the following parameters (one for each row): some of them are mandatory, while some other optional (check the detailed description of each one).<br />
The email format shall be '''plain text''' (HTML email will not be processed correctly) and shall not contain any signature.<br />
<br />
Each mail shall contain one or more ''consent''. Each ''consent'' is manageable only if 3 parameters are present and valorized: <u>Consent_'''[consent name]'''</u> , <u>Value_'''[consent name]'''</u> and <u>Date_Time_'''[consent name]'''</u>.<br />
<br />
Each ''consent'' present in mail will create a new ticket or update an existing ticket in Privacy-Now®. The existence of a consent is matched on <u>Consent_'''[consent name]'''</u>, <u>Source</u> and the option selected in <u>Data Subject Matching criteria</u>.<br />
<br />
{| class="wikitable"<br />
! Field !! Description<br />
|-<br />
|<u>Source</u>|| The value of this parameter is '''mandatory''' and shall be filled with the ''consent'' source (ie: could be the company name or business unit name or web site name). The value of this parameter shall match with the value(s) inserted in '''''Settings/Data Sets/Consents/Consent Sources'''''.<br />
|-<br />
|<u>Name</u>|| The value of this parameter is '''mandatory'''. The first name of ''data subject''.<br />
|-<br />
|<u>Surname</u>|| The family name of ''data subject''.<br />
|-<br />
|<u>Email</u>|| The email of ''data subject''.<br />
|-<br />
|<u>City</u>|| The town of ''data subject''.<br />
|-<br />
|<u>Province_State</u>|| The province or state of ''data subject''.<br />
|-<br />
|<u>Country</u>|| The country of ''data subject''.<br />
|-<br />
|<u>Phone</u>|| The phone number of ''data subject''.<br />
|-<br />
|<u>User_id</u>|| The univocal id (integer) of the user corresponding to ''data subject'' in consent source (ie: id of user in web site).<br />
|-<br />
|<u>Username</u>|| The univocal login of the user corresponding to ''data subject'' in consent source (ie: login of user in web site).<br />
|-<br />
|<u>IP_address</u>|| The ip address used by ''data subject'' during web site browsing.<br />
|-<br />
|<u>Lang</u>|| The main language of ''data subject''. Possible values: "en-GB", "it-IT" and "fr-FR".<br />
|-<br />
|<u>Consent_'''[consent name]'''</u>||'''[consent name]''' shall be replaced by the name of ''consent'' (ie: consent_newseletter). At least one Consent_'''[consent name]''' shall exist in the email. The value of this parameter shall be a univocal code corresponding to one of the <u>Code</u> inserted in '''''Settings/Data Sets/Consents/Consent Types'''''.<br />
|-<br />
|<u>Value_'''[consent name]'''</u>||'''[consent name]''' shall be replaced by the name of ''consent'' (ie: consent_newseletter). For each of the Consent_'''[consent name]''' defined in the email shall be present a corresponding <u>Value_'''[consent name]'''</u> (ie: <u>Value_Newsletter</u>). The value of this parameter shall be "1" (''consent'' given) or "0" (''consent'' denied).<br />
|-<br />
|<u>Date_Time_'''[consent name]'''</u>||'''[consent name]''' shall be replaced by the name of ''consent'' (ie: consent_newseletter). For each of the Consent_'''[consent name]''' defined in the email shall be present a corresponding <u>Date_Time_'''[consent name]'''</u> (ie: <u>Date_Time_Newsletter</u>). The value of this parameter shall be the date and time of ''consent'' management in web site. It shall be in format '''dd-mm-yyyy hh:mm:ss''' .<br />
|}<br />
<br />
'''Example of a well structured email:'''<br />
Source:myCompanyName<br />
Name:Jhon<br />
Surname:Smith<br />
Email:jhon.smith@mymail.com<br />
City:myTown<br />
Province_State:myProvince<br />
Country:myCountry<br />
Phone:002235468<br />
User_id:12345<br />
Username:jsmith<br />
IP_address:192.168.1.27<br />
Lang:en-GB<br />
Consent_A:1<br />
Value_A:0<br />
Date_Time_A:12-10-2018 10:14:50<br />
Consent_B:2<br />
Value_B:0<br />
Date_Time_B:12-10-2018 10:14:50<br />
Consent_Newsletter:3<br />
Value_Newsletter:1<br />
Date_Time_Newsletter:12-10-2018 10:14:50<br />
<br />
== Bulk operations on consent records ==<br />
Privacy Now® allows the bulk management of ''consent'' from <b>''Consents\Manage Consents from xlsx''</b>.<br />
[[File:Consent bulk import - xlsx example.jpg|centre|thumb|800x800px|Consents bulk management.]]<br />
<br />
Use below template to perform following bulk operations:<br />
<br />
[[File:Consent Import Template.xlsx|centre|thumb|800x71px|Consents management template.]]<br />
<br />
<br />
<br />
The operations allowed are:<br />
* "insert": Insert/Update of ''consents''<br />
The data in current xlsx row will be updated on an existing ''consent'' if system match it univocally by ''conset type'' code, ''data subject'' <u>email</u> and ''source'', otherwise a new ''consent'' will be created.<br />
If ''data subject'' is not found: it will be created.<br />
<br />
* "remove": Removal of ''consents''<br />
The ''consent'' matched by ''consent type'' code, ''data subject'' <u>email</u> and ''source'' will be removed.<br />
<br />
* "wrongemail": Move ''consents'' in status "Wrong Email"<br />
The ''consent'' matched by ''consent type'' code, ''data subject'' <u>email</u> and ''source'' will be moved in "Wrong Email" status. Only consent in "Valid" status can be moved in "Wrong Email" status.<br />
<br />
<br />
<br />
The details of expected xlsx structure is explained in following table: for each operations is detailed which are the mandatory data. <br />
<br />
{| class="wikitable"<br />
! Field !! Description!!Insert/Update!!Remove!!Move to "Wrong Email"<br />
|-<br />
|<u>Id</u>||Univocal Id of ''Data Subject'' in Privacy Now®.||Optional||Optional||Optional <br />
|-<br />
|<u>Name</u>||Name of ''Data Subject'' in acquiring system.||Mandatory||Optional||Optional<br />
|-<br />
|<u>Surname</u>||Surname of ''Data Subject'' in acquiring system.||Mandatory||Optional||Optional<br />
|-<br />
|<u>Email</u>||Email of ''Data Subject'' in acquiring system.||Mandatory||Mandatory||Mandatory<br />
|-<br />
|<u>Phone</u>||Phone of ''Data Subject'' in acquiring system.||Optional||Optional||Optional<br />
|-<br />
|<u>City</u>||City of ''Data Subject'' in acquiring system.||Optional||Optional||Optional<br />
|-<br />
|<u>Province/State</u>||Province/State of ''Data Subject'' in acquiring system.||Optional||Optional||Optional<br />
|-<br />
|<u>Country</u>||Country of ''Data Subject'' in acquiring system.||Optional||Optional||Optional<br />
|-<br />
|<u>Username</u>||Login of ''Data Subject'' in acquiring system.||Optional||Optional||Optional<br />
|-<br />
|<u>Consent</u>||<u>Consent Type Code</u> to be granted to imported ''Data Subject'' (defined in Privacy Now®).||Mandatory||Mandatory||Mandatory<br />
|-<br />
|<u>Value</u>|| <u>Consent Value</u> given by ''Data Subject'' for the imported <u>Consent Type</u>. The value could be "1" (''consent'' granted) or "0" (''consent'' not granted).||Mandatory||Optional||Optional<br />
|-<br />
|<u>Data</u>||''consent'' date.||Mandatory||Optional||Optional<br />
|-<br />
|<u>Description</u>||record description.||Optional||Optional||Optional<br />
|-<br />
|<u>Service</u>||Privacy Now® ''service'' used as import target.||Optional||Optional||Optional<br />
|-<br />
|<u>Lang</u>||''Data Subject'' selected language.||Optional||Optional||Optional<br />
|-<br />
|<u>uid</u>||Univocal Id of ''Data Subject'' in acquiring system.||Optional||Optional||Optional <br />
|-<br />
|<u>Source</u>||A key word defining univocally the acquiring system.||Mandatory||Mandatory||Mandatory<br />
|-<br />
|<u>Operation</u>||This field specify which is the operation expected for current xlsx record: "insert", "remove" or "wrongemail"||Mandatory||Mandatory||Mandatory<br />
|}<br />
<br />
A ''consent'' can be removed individually from Application Settings (see the paragraph dedicated to [[Settings#Utility|Appication Settings - Utility]]).</div>Cbissohttp://wiki.privacy-now.eu/en/index.php?title=Consents&diff=704Consents2018-10-18T15:17:32Z<p>Cbisso: /* Privileges */</p>
<hr />
<div><br />
== Introduction to Consents ==<br />
Consents management provide the mean to acquire, update and use ''consents'' information. For example, it is possible to use Privacy Now® as a central repository of information about all the ''consents''. Information about ''consents'' can be created and updated manually or interfacing Privacy Now® with external system. See the paragraph [[Settings#Consents Source Details|Consents Source Details]] for more information.<br />
<br />
== Workflow ==<br />
A new ''consent'' can be created using the '''Add New''' functionality and choosing "New Consent". Alternatively, a new ''consent'' can be automatically acquired or updated by an external system.<br />
<br />
A workflow enables to move ''consents'' in several statuses as shown in the following picture.<br />
<br />
[[File:Consents_Workflow_ENG_v1.0.JPG|centre|thumb|800x800px|Consents workflow and statuses.]]<br />
<br />
<br />
The following table explains the meaning of each status:<br />
<br />
{| class="wikitable"<br />
! Status !! Description<br />
|-<br />
|Default || A temporary status when the ''consent'' is initially created before the first save.<br />
|-<br />
|Valid || A ''consent'' in this status is valid and its information can be used accordingly.<br />
|-<br />
|Wrong email || This status is set manually or automatically. It can be set automatically by bulk import from xlsx.<br />
|-<br />
|Expired || In this status a ''consent'' is expired and therefore should be removed.<br />
|-<br />
|To be Removed || In this status, the ''consent'' shall be removed (the status is used to identify ''consents'' by the automatic removal procedure).<br />
|-<br />
|}<br />
<br />
== Information ==<br />
''Consent'' records are organized in three sections:<br />
<br />
* <u>''Identification''</u>, where identification data of the ''consent'' are recorded,<br />
* <u>''Ownership & Organization''</u>, containing the assignment of the key roles enabled to manage the ''consent'';<br />
* <u>''Consent Details''</u>, with the details of the ''consent'';<br />
<br />
Is possible to select only one ''consent type'' and one ''consent subject'' for each ''consent'' record.<br />
When the ''consent type'' is selected/updated the following fields could be automatically updated too (check details in table below).<br />
<br />
{| class="wikitable"<br />
! Field !! Description<br />
|-<br />
|<u>Consent Expires</u>||At record insert/update: the value of this field will be set to "Yes" if selected ''consent type'' <u>Duration (days)</u> is > 0, otherwise "No".<br />
|-<br />
|<u>Consent Last Update</u>||At record insert/update: The value of this field will be set to current date and time.<br />
|-<br />
|<u>First Consent Warning</u>||This field is updated only if <u>Consent Expires</u> is set to "yes", otherwise not. At record insert/update: The value of this field will be set to current date + days specified in <u>First Warning (days)</u>.<br />
|-<br />
|<u>Second Consent Warning</u>||This field is updated only if <u>Consent Expires</u> is set to "yes", otherwise not. At record insert/update: The value of this field will be set to current date + days specified in <u>Second Warning (days)</u>.<br />
|-<br />
|<u>Final Consent Warning</u>||This field is updated only if <u>Consent Expires</u> is set to "yes", otherwise not. At record insert/update: The value of this field will be set to current date + days specified in <u>Third Warning (days)</u>.<br />
|-<br />
|<u>Retention Deadline</u>||This field is updated only if <u>Consent Expires</u> is set to "yes", otherwise not. At record insert/update: The value of this field will be set to current date + days specified in <u>Retention Period (days)</u>.<br />
|}<br />
<br />
Detailed information on the meaning and use of every field can be found by pointing the mouse on the (i) next to each field. This will activate a tooltip with a brief description of the field. <br />
<br />
Additional information can be found in the secondary forms of the record: attachments, related items, messages and history. See [[How To]] for more information.<br />
<br />
== Privileges ==<br />
A ''consent'' can be automatically created by authorized external systems or by the ''users'' to whom the corresponding privilege is granted (see [[Users & Groups]] for more information on how to set this privilege).<br />
<br />
The lifecycle of the ''consent'' is managed by the roles described in the table below. ''groups'' are pre assigned to the roles according to the ''settings'' (see [[Settings]] for more information on how to set these defaults). Initial assignments can be modified according to privileges choosing among the enabled ''groups'' (see once again [[Settings]] for more information on how to enable ''groups'').<br />
<br />
{| class="wikitable"<br />
! Role !! Description<br />
|-<br />
|<u>DPO Group</u> || Members of the ''group'' assigned to this role have full privileges. They can:<br />
* transition records to any compatible status,<br />
* update fields when possible,<br />
* update ''data sources'' directly in record management.<br />
|-<br />
|<u>Data Controller Group</u> || Members of the ''group'' assigned to this role have view (read) privileges.<br />
|-<br />
|<u>Data Processor Group</u> || Members of the ''group'' assigned to this role have several privileges. They can:<br />
* transition records to any compatible status,<br />
* update fields when possible.<br />
|-<br />
|<u>Auditors Team</u> || Members of the ''group'' assigned to this role have view (read) privileges.<br />
|}<br />
<br />
However, some steps may be performed automatically (see the paragraph dedicated to [[Consents#Warning and alerts|warning and alerts]]).<br />
<br />
== Warning and alerts ==<br />
Each ''consent'' will be set as an expiring consent or not depending from the property <u>Duration (days)</u> of selected ''consent type'':<br />
* <u>Duration (days)</u> = 0: in this case the current ''consent'' will never expire and <u>'''no warning will be raised'''</u>.<br />
* <u>Duration (days)</u> > 0: in this case the consent ''consent'' will expire and will be possible to configure four levels of warning.<br />
<br />
{| class="wikitable"<br />
! Field !! Description<br />
|-<br />
|<u>Code</u>||The value of this field shall be an integer and shall be univocal. It is the matching code used by Privacy Now® to automatically acquire ''consent'' from external system.<br />
|-<br />
|<u>Consent Type</u>||The value of this field shall be univocal. It is the name of ''consent type'' (i.e.: "Newsletter").<br />
|-<br />
|<u>Description</u>||Description of ''consent type''.<br />
|-<br />
|<u>Duration (days)</u>||The value of this field shall be an integer >= 0. It is used by Privacy Now® mainly to set current ''consent'' record as expiring ''consent'' or not.<br />
|-<br />
|<u>First Warning (days)</u>||The value of this field shall be an integer >= 0. It will be used to evaluate the first warning threshold in case current ''consent'' is an expiring one.<br />
|-<br />
|<u>Second Warning (days)</u>||The value of this field shall be an integer >= 0. It will be used to evaluate the second warning threshold in case current ''consent'' is an expiring one.<br />
|-<br />
|<u>Third Warning (days)</u>||The value of this field shall be an integer >= 0. It will be used to evaluate the third warning threshold in case current ''consent'' is an expiring one.<br />
|-<br />
|<u>Retention Period (days)</u>||The value of this field shall be an integer >= 0. It will be used to evaluate the last warning threshold in case current ''consent'' is an expiring one.<br />
|-<br />
|<u>Web Site URL</u>||The value of this field will be the URL of front-end web site area to allow the ''data subject'' management of their ''consent'' (renew or revoke). It will be used in warning email sent by Privacy Now® to ''data subject'' in case the below option <u>Send Warning to Data Subject</u> is set to "true"<br />
|-<br />
|<u>Send Warning to Data Subject</u>||This field shall be set to "true" if consent record for selected ''consent type'' shall cause warning sending to ''data subject'' too, otherwise the warning will be sent only to receivers set into <b>''Settings\Application Settings''</b> (see the paragraph dedicated to [[Settings#Notification Settings|Consents Warnings Recipients ]]).<br />
|}<br />
<br />
== Reports ==<br />
The list of ''consents'' can be filtered and exported to excel format from the ''view'' '''''Consents'''''.<br />
<br />
== Consents Import ==<br />
Privacy-Now® allows to acquire ''consents'' from external source (using structured email or xlsx file).<br />
<br />
=== Consent Mail Structure and Procedure ===<br />
Privacy-Now® can be connected to a mailbox to acquire ''consents'' (see the paragraph dedicated to [[Settings#Consents Source Details|Consents Source Details]]).<br />
<br />
A ''consent'' email shall contain the following parameters (one for each row): some of them are mandatory, while some other optional (check the detailed description of each one).<br />
The email format shall be '''plain text''' (HTML email will not be processed correctly) and shall not contain any signature.<br />
<br />
Each mail shall contain one or more ''consent''. Each ''consent'' is manageable only if 3 parameters are present and valorized: <u>Consent_'''[consent name]'''</u> , <u>Value_'''[consent name]'''</u> and <u>Date_Time_'''[consent name]'''</u>.<br />
<br />
Each ''consent'' present in mail will create a new ticket or update an existing ticket in Privacy-Now®. The existence of a consent is matched on <u>Consent_'''[consent name]'''</u>, <u>Source</u> and the option selected in <u>Data Subject Matching criteria</u>.<br />
<br />
{| class="wikitable"<br />
! Field !! Description<br />
|-<br />
|<u>Source</u>|| The value of this parameter is '''mandatory''' and shall be filled with the ''consent'' source (ie: could be the company name or business unit name or web site name). The value of this parameter shall match with the value(s) inserted in '''''Settings/Data Sets/Consents/Consent Sources'''''.<br />
|-<br />
|<u>Name</u>|| The value of this parameter is '''mandatory'''. The first name of ''data subject''.<br />
|-<br />
|<u>Surname</u>|| The family name of ''data subject''.<br />
|-<br />
|<u>Email</u>|| The email of ''data subject''.<br />
|-<br />
|<u>City</u>|| The town of ''data subject''.<br />
|-<br />
|<u>Province_State</u>|| The province or state of ''data subject''.<br />
|-<br />
|<u>Country</u>|| The country of ''data subject''.<br />
|-<br />
|<u>Phone</u>|| The phone number of ''data subject''.<br />
|-<br />
|<u>User_id</u>|| The univocal id (integer) of the user corresponding to ''data subject'' in consent source (ie: id of user in web site).<br />
|-<br />
|<u>Username</u>|| The univocal login of the user corresponding to ''data subject'' in consent source (ie: login of user in web site).<br />
|-<br />
|<u>IP_address</u>|| The ip address used by ''data subject'' during web site browsing.<br />
|-<br />
|<u>Lang</u>|| The main language of ''data subject''. Possible values: "en-GB", "it-IT" and "fr-FR".<br />
|-<br />
|<u>Consent_'''[consent name]'''</u>||'''[consent name]''' shall be replaced by the name of ''consent'' (ie: consent_newseletter). At least one Consent_'''[consent name]''' shall exist in the email. The value of this parameter shall be a univocal code corresponding to one of the <u>Code</u> inserted in '''''Settings/Data Sets/Consents/Consent Types'''''.<br />
|-<br />
|<u>Value_'''[consent name]'''</u>||'''[consent name]''' shall be replaced by the name of ''consent'' (ie: consent_newseletter). For each of the Consent_'''[consent name]''' defined in the email shall be present a corresponding <u>Value_'''[consent name]'''</u> (ie: <u>Value_Newsletter</u>). The value of this parameter shall be "1" (''consent'' given) or "0" (''consent'' denied).<br />
|-<br />
|<u>Date_Time_'''[consent name]'''</u>||'''[consent name]''' shall be replaced by the name of ''consent'' (ie: consent_newseletter). For each of the Consent_'''[consent name]''' defined in the email shall be present a corresponding <u>Date_Time_'''[consent name]'''</u> (ie: <u>Date_Time_Newsletter</u>). The value of this parameter shall be the date and time of ''consent'' management in web site. It shall be in format '''dd-mm-yyyy hh:mm:ss''' .<br />
|}<br />
<br />
'''Example of a well structured email:'''<br />
Source:myCompanyName<br />
Name:Jhon<br />
Surname:Smith<br />
Email:jhon.smith@mymail.com<br />
City:myTown<br />
Province_State:myProvince<br />
Country:myCountry<br />
Phone:002235468<br />
User_id:12345<br />
Username:jsmith<br />
IP_address:192.168.1.27<br />
Lang:en-GB<br />
Consent_A:1<br />
Value_A:0<br />
Date_Time_A:12-10-2018 10:14:50<br />
Consent_B:2<br />
Value_B:0<br />
Date_Time_B:12-10-2018 10:14:50<br />
Consent_Newsletter:3<br />
Value_Newsletter:1<br />
Date_Time_Newsletter:12-10-2018 10:14:50<br />
<br />
== Bulk operations on consent records ==<br />
Privacy Now® allows the bulk management of ''consent'' from <b>''Consents\Manage Consents from xlsx''</b>.<br />
[[File:Consent bulk import - xlsx example.jpg|centre|thumb|800x800px|Consents bulk management.]]<br />
<br />
Use below template to perform following bulk operations:<br />
<br />
[[File:Consent Import Template.xlsx|centre|thumb|800x71px|Consents management template.]]<br />
<br />
<br />
<br />
The operations allowed are:<br />
* "insert": Insert/Update of ''consents''<br />
The data in current xlsx row will be updated on an existing ''consent'' if system match it univocally by ''conset type'' code, ''data subject'' <u>email</u> and ''source'', otherwise a new ''consent'' will be created.<br />
If ''data subject'' is not found: it will be created.<br />
<br />
* "remove": Removal of ''consents''<br />
The ''consent'' matched by ''consent type'' code, ''data subject'' <u>email</u> and ''source'' will be removed.<br />
<br />
* "wrongemail": Move ''consents'' in status "Wrong Email"<br />
The ''consent'' matched by ''consent type'' code, ''data subject'' <u>email</u> and ''source'' will be moved in "Wrong Email" status. Only consent in "Valid" status can be moved in "Wrong Email" status.<br />
<br />
<br />
<br />
The details of expected xlsx structure is explained in following table: for each operations is detailed which are the mandatory data. <br />
<br />
{| class="wikitable"<br />
! Field !! Description!!Insert/Update!!Remove!!Move to "Wrong Email"<br />
|-<br />
|<u>Id</u>||Univocal Id of ''Data Subject'' in Privacy Now®.||Optional||Optional||Optional <br />
|-<br />
|<u>Name</u>||Name of ''Data Subject'' in acquiring system.||Mandatory||Optional||Optional<br />
|-<br />
|<u>Surname</u>||Surname of ''Data Subject'' in acquiring system.||Mandatory||Optional||Optional<br />
|-<br />
|<u>Email</u>||Email of ''Data Subject'' in acquiring system.||Mandatory||Mandatory||Mandatory<br />
|-<br />
|<u>Phone</u>||Phone of ''Data Subject'' in acquiring system.||Optional||Optional||Optional<br />
|-<br />
|<u>City</u>||City of ''Data Subject'' in acquiring system.||Optional||Optional||Optional<br />
|-<br />
|<u>Province/State</u>||Province/State of ''Data Subject'' in acquiring system.||Optional||Optional||Optional<br />
|-<br />
|<u>Country</u>||Country of ''Data Subject'' in acquiring system.||Optional||Optional||Optional<br />
|-<br />
|<u>Username</u>||Login of ''Data Subject'' in acquiring system.||Optional||Optional||Optional<br />
|-<br />
|<u>Consent</u>||<u>Consent Type Code</u> to be granted to imported ''Data Subject'' (defined in Privacy Now®).||Mandatory||Mandatory||Mandatory<br />
|-<br />
|<u>Value</u>|| <u>Consent Value</u> given by ''Data Subject'' for the imported <u>Consent Type</u>. The value could be "1" (''consent'' granted) or "0" (''consent'' not granted).||Mandatory||Optional||Optional<br />
|-<br />
|<u>Data</u>||''consent'' date.||Mandatory||Optional||Optional<br />
|-<br />
|<u>Description</u>||record description.||Optional||Optional||Optional<br />
|-<br />
|<u>Service</u>||Privacy Now® ''service'' used as import target.||Optional||Optional||Optional<br />
|-<br />
|<u>Lang</u>||''Data Subject'' selected language.||Optional||Optional||Optional<br />
|-<br />
|<u>uid</u>||Univocal Id of ''Data Subject'' in acquiring system.||Optional||Optional||Optional <br />
|-<br />
|<u>Source</u>||A key word defining univocally the acquiring system.||Mandatory||Mandatory||Mandatory<br />
|-<br />
|<u>Operation</u>||This field specify which is the operation expected for current xlsx record: "insert", "remove" or "wrongemail"||Mandatory||Mandatory||Mandatory<br />
|}<br />
<br />
A ''consent'' can be removed individually from Application Settings (see the paragraph dedicated to [[Settings#Utility|Appication Settings - Utility]]).</div>Cbissohttp://wiki.privacy-now.eu/en/index.php?title=Settings&diff=638Settings2018-10-15T08:19:04Z<p>Cbisso: /* Application settings */</p>
<hr />
<div>==Introduction==<br />
This part of the guide covers some fundamental settings which are needed to work with Privacy Now®:<br />
<br />
* Master data<br />
* Application settings<br />
<br />
== Master data ==<br />
Master data tables contain the sources data of the fields using single or multi choice options.<br />
<br />
Master data tables are preloaded with initial values when the environment is initially created. These values can be later changed by ''users'' with the <u>Admin</u> field set to "Yes". <br />
<br />
Editing of master data table can be done from the left menu '''''Settings/Data Sets''''' or directing from the records using the fields based on the master data (in both cases if the ''user'' has the required privileges).<br />
<br />
The table below lists the master data tables and provides a short description of their content.<br />
<br />
{| class="wikitable"<br />
! Access menu !! Description<br />
|-<br />
|'''''Settings/Data Sets/Access Requests/Access Requests Types'''''|| The types of ''access requests'', e.g. "Personal data deletion".<br />
|-<br />
|'''''Settings/Data Sets/Access Requests/Communication Channels'''''|| The communication channels used to acquire the ''access request'', e.g. "email".<br />
|-<br />
|'''''Settings/Data Sets/Access Requests/Results Notification Methods'''''|| The communication channels to be used to communicate the results of an ''access request'', e.g. "email".<br />
|-<br />
|'''''Settings/Data Sets/Access Requests/Data Subject Types'''''|| The type of subject requesting the ''access request'', e.g. "employee".<br />
|-<br />
|'''''Settings/Data Sets/Access Requests/Relationships to Data Subjects'''''|| The type of relationship between the access request requester and the data subject representative, if any, for example "family relationship".<br />
|-<br />
|'''''Settings/Data Sets/Access Request/Access Request Warning Schedule'''''|| This data set enable the ''user'' to set the plan the sent of warning mail.<br />
|-<br />
|'''''Settings/Data Sets/Actions/Action Type'''''|| The type of action, for example "corrective".<br />
|-<br />
|'''''Settings/Data Sets/Consents/Consent Types'''''|| The type of the consent, for example the consent to send a newsletter. This table is very likely to be updated.<br />
|-<br />
|'''''Settings/Data Sets/Consents/Consent Sources'''''|| The source of ''consent''. Could be a website name or the name of the company. <br />
|-<br />
|'''''Settings/Data Sets/Consents/Consent Subjects'''''|| The subject giving the consent, typically a person.<br />
|-<br />
|'''''Settings/Data Sets/Consents/Consent Matching Mail'''''|| The email address of the recipient where the consent is sent. <br />
|-<br />
|'''''Settings/Data Sets/Data Breaches/Affected Personal Data Categories'''''|| The categories of subjects whose ''personal data'' are treated during the ''data breach'', for example "employees master data".<br />
|-<br />
|'''''Settings/Data Sets/Data Breaches/Data Breach Warning Schedule'''''|| This data set enable the ''user'' to set the plan the sent of warning mail. <br />
|-<br />
|'''''Settings/Data Sets/Data Breaches/Authority Warning Schedule'''''|| This data set enable the ''user'' to set the plan the sent of warning mail to the Authority. <br />
|-<br />
|'''''Settings/Data Sets/Data Breaches/Type of Breaches'''''|| Identify the type of Breaches , for example "Security Breach".<br />
|-<br />
|'''''Settings/Data Sets/Issues / Non Conformities/Issue Types'''''|| The type of issue, i.e. an "issue" or a "non conformity". These values are unlikely to be modified.<br />
|-<br />
|'''''Settings/Data Sets/Privacy Impact Assessments/PIA Reference Period'''''|| Th timeframe to which the privacy impact assessment refers to, for example "2018 Q4".<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Access Applications'''''|| The applications which may be used to access ''personal data'', for example "web browsers".<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Access Connections'''''|| The connections which may be used when accessing ''personal data'', for example "internet".<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Access Devices''''' || The devices which may be used when accessing ''personal data'', for example "personal computer".<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Data Locations'''''|| The locations where the ''personal data'' can be stored during their processing, for example "New York data centre".<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Data Processing Purposes'''''|| The purposes of data processing, for example "marketing activities".<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Data Repositories'''''|| The type of data repositories where ''personal data'' are stored during the ''processing activities'', for example a specific SQL database server.<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Data Subjects'''''|| The types of data subjects whose ''personal data'' are treated during the ''processing activities'' or declared in ''Data Breach'', for example "clients".<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Data Types'''''|| The types of data, e.g. identification or judicial data, which are processed during the ''processing activities''.<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Extra EU Measures'''''|| The types of measures in place to mitigate the risks of extra EU ''processing activities'', e.g. a "code of conduct".<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Lawful Basis for Processing'''''|| The lawful basis on which the processing of ''personal data'' is authorized, e.g. "legal obligations".<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Processing Activities'''''|| The types of ''processing activities'' performed during the processing of ''personal data'', e.g. collection, adaptation, etc.<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Provision Agreements'''''|| The type of provision agreement with the suppliers of data repository tools, access applications, access devices, connectivity, for example a "software as a service" agreement.<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Retention Periods'''''|| The possible retention periods for the ''personal data'' which is processed, for example 10 years.<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Suppliers'''''|| The suppliers of data repository tools, access applications, access devises or connectivity. <br />
|-<br />
|'''''Settings/Data Sets/ Processors / Controllers Entities'''''|| The details of the controller entities involved in ''processing activities''.<br />
|-<br />
|'''''Settings/Data Sets/ Processors / Data Controller Officers'''''|| The details of the data controller officers involved in ''processing activities''.<br />
|-<br />
|}<br />
<br />
== Application settings ==<br />
<br />
This section concerns the preferences and settings which can be defined at application level for Privacy-Now®. These settings are accessible from '''''Settings/Application Settings'''''.<br />
<br />
Application settings are accessible only by ''users'' with administration privileges (see below how to set them). The first ''user'' created when Privacy-Now® environment is created is set with administration privileges.<br />
<br />
<b>''Settings/Application Settings''</b> link open the ''Setting'' Ticket. <br />
<br />
Settings are organized in six sections:<br />
<br />
* <u>''Tracking''</u><br />
* <u>''Consents Settings''</u><br />
* <u>''Group Settings''</u><br />
* <u>''Notification Settings''</u><br />
* <u>''Utility''</u><br />
* <u>''License Details''</u><br />
* <u>''Purchase History''</u><br />
<br />
=== Tracking ===<br />
These setting enable the ''User'' to identify the ''service name'' and the <u>Subscription id</u> they have subscribed and the current status of the ''service''<br />
<br />
=== Consents Settings ===<br />
These settings refer to ''consents'' management process. See the [[consents]] guide for more information on the process.<br />
<br />
The table below report the settings fields available and a short description of their meaning:<br />
{| class="wikitable"<br />
! Field !! Description<br />
|-<br />
|<u>Data Subject Matching criteria</u> || This field allow to define the criteria to match an incoming ''consent'' sent by mail with the existing ''consents'' in Privacy-Now®. After trying to match if the consent subject is found, the existing consent record is updated. If the consent subject is not found, a new consent record is created. This field may have one of the following two values: "Mail" (consent subject is matched using the email address), "Username" (consent subject is matched using the user name identifier, for example the login used by the consent subject to access a website). <br />
|-<br />
|<u>Consents Matching Mail </u>|| ''Consents'' can be acquired from emails. With this field it is possible to define the recipients of the emails which will be checked to process the ''consents''. Emails in the inbox with other recipients will be ignored.<br />
|}<br />
<br />
==== Consents Source Details ====<br />
This section allows to configure the mailbox to import ''consents'' in current Privacy-Now® environment.<br />
<br />
The front-end web site shall be able to gather ''consents'' and send them to this mailbox as a structured email (described in next chapter).<br />
<br />
Each correctly parsed email will generate one or more ''consents'' in current Privacy-Now® environment.<br />
<br />
IMPORTANT WARNING: IS STRONGLY RECOMMENDED TO CREATE A BACKUP MAILBOX TO STORE ALL THE EMAIL (TO BE FORWARDED FROM MAIN MAILBOX) BECAUSE PRIVACY-NOW® WILL DELETE THEM DURING PARSING PROCESS.<br />
<br />
{| class="wikitable"<br />
! Field !! Description<br />
|-<br />
|<u>Host</u>|| This field shall be filled with the mailbox server address.<br />
|-<br />
|<u>Port</u>|| This field shall be filled with the mailbox server port.<br />
|-<br />
|<u>Username</u>|| This field shall be filled with the mailbox login.<br />
|-<br />
|<u>Password</u>|| This field shall be filled with the mailbox password.<br />
|-<br />
|<u>Email</u>|| This field shall be filled with the email.<br />
|-<br />
|<u>Protocol</u>|| This field shall be filled with the mailbox server protocol (available: "POP3", "IMAP", "POP3S", "IMAPS").<br />
|-<br />
|<u>Status</u>|| This field contains values: "Active", "Inactive". When it will be saved in "Active": Privacy-Now® will start to download and elaborate all the email.<br />
|}<br />
<br />
==== Expected Consent Mail Structure and Procedure ====<br />
A ''consent'' email shall contain the following parameters (one for each row): some of them are mandatory, while some other optional (check the detailed description of each one).<br />
The email format shall be '''plain text''' (HTML email will not be processed correctly) and shall not contain any signature.<br />
<br />
Each mail shall contain one or more ''consent''. Each ''consent'' is manageable only if 3 parameters are present and valorized: <u>Consent_'''[consent name]'''</u> , <u>Value_'''[consent name]'''</u> and <u>Date_Time_'''[consent name]'''</u>.<br />
<br />
Each ''consent'' present in mail will create a new ticket or update an existing ticket in Privacy-Now®. The existence of a consent is matched on <u>Consent_'''[consent name]'''</u>, <u>Source</u> and the option selected in <u>Data Subject Matching criteria</u>.<br />
<br />
{| class="wikitable"<br />
! Field !! Description<br />
|-<br />
|<u>Source</u>|| The value of this parameter is '''mandatory''' and shall be filled with the ''consent'' source (ie: could be the company name or business unit name or web site name). The value of this parameter shall match with the value(s) inserted in '''''Settings/Data Sets/Consents/Consent Sources'''''.<br />
|-<br />
|<u>Name</u>|| The value of this parameter is '''mandatory'''. The first name of ''data subject''.<br />
|-<br />
|<u>Surname</u>|| The family name of ''data subject''.<br />
|-<br />
|<u>Email</u>|| The email of ''data subject''.<br />
|-<br />
|<u>City</u>|| The town of ''data subject''.<br />
|-<br />
|<u>Province_State</u>|| The province or state of ''data subject''.<br />
|-<br />
|<u>Country</u>|| The country of ''data subject''.<br />
|-<br />
|<u>Phone</u>|| The phone number of ''data subject''.<br />
|-<br />
|<u>User_id</u>|| The univocal id (integer) of the user corresponding to ''data subject'' in consent source (ie: id of user in web site).<br />
|-<br />
|<u>Username</u>|| The univocal login of the user corresponding to ''data subject'' in consent source (ie: login of user in web site).<br />
|-<br />
|<u>IP_address</u>|| The ip address used by ''data subject'' during web site browsing.<br />
|-<br />
|<u>Lang</u>|| The main language of ''data subject''. Possible values: "en-GB", "it-IT" and "fr-FR".<br />
|-<br />
|<u>Consent_'''[consent name]'''</u>||'''[consent name]''' shall be replaced by the name of ''consent'' (ie: consent_newseletter). At least one Consent_'''[consent name]''' shall exist in the email. The value of this parameter shall be a univocal code corresponding to one of the <u>Code</u> inserted in '''''Settings/Data Sets/Consents/Consent Types'''''.<br />
|-<br />
|<u>Value_'''[consent name]'''</u>||'''[consent name]''' shall be replaced by the name of ''consent'' (ie: consent_newseletter). For each of the Consent_'''[consent name]''' defined in the email shall be present a corresponding <u>Value_'''[consent name]'''</u> (ie: <u>Value_Newsletter</u>). The value of this parameter shall be "1" (''consent'' given) or "0" (''consent'' denied).<br />
|-<br />
|<u>Date_Time_'''[consent name]'''</u>||'''[consent name]''' shall be replaced by the name of ''consent'' (ie: consent_newseletter). For each of the Consent_'''[consent name]''' defined in the email shall be present a corresponding <u>Date_Time_'''[consent name]'''</u> (ie: <u>Date_Time_Newsletter</u>). The value of this parameter shall be the date and time of ''consent'' management in web site. It shall be in format '''dd-mm-yyyy hh:mm:ss''' .<br />
|}<br />
<br />
'''Example:'''<br />
Source:myCompanyName<br />
Name:Jhon<br />
Surname:Smith<br />
Email:jhon.smith@mymail.com<br />
City:myTown<br />
Province_State:myProvince<br />
Country:myCountry<br />
Phone:002235468<br />
User_id:12345<br />
Username:jsmith<br />
IP_address:192.168.1.27<br />
Lang:en-GB<br />
Consent_A:1<br />
Value_A:0<br />
Date_Time_A:12-10-2018 10:14:50<br />
Consent_B:2<br />
Value_B:0<br />
Date_Time_B:12-10-2018 10:14:50<br />
Consent_Newsletter:3<br />
Value_Newsletter:1<br />
Date_Time_Newsletter:12-10-2018 10:14:50<br />
<br />
=== Group Settings ===<br />
Privacy-Now® has several profiles for ''user'' privileges. The profiles determines what ''users'' can do while executing processes (e.g. ''access requests'', ''consents'', etc.). ''Users'' can be assigned to ''groups'' and ''groups'' can be finally assigned to profiles in each record (e.g. ''access request'', ''consent'' etc.).<br />
<br />
The fields <u>DPO Profile</u>, <u>DP Profile</u>, <u>DC Profile</u>, <u>Auditors Team Profile</u> and <u>Working Team Profile</u> allow to define which "groups" the ''user'' will be able to see and select in each process.<br />
<br />
The fields <u>DPO Default</u>, <u>DP Default</u>, <u>DC Default</u>, <u>Auditors Team Default</u> and <u>Working Team Default</u> allow to define the default "groups" which will be set everytime a new record is created.<br />
<br />
The above fields, shall be defined for each process/workflow, e.g. ''access requests'', ''actions'', ''audits'' management, etc.<br />
<br />
In order to update the fields for a process, perform the following steps:<br />
<br />
*Choose the process by setting the <u>GDPR Process</u> field<br />
*Load the set values for all the field by using the '''LOAD''' command<br />
*Set the values for the fields<br />
*Save the settings by using the '''SAVE''' command at the bottom of the form.<br />
<br />
Repeat the above steps for all the processes you need to configure.<br />
<br />
=== Notification Settings ===<br />
The table below report the settings fields available and a short description of their meaning:<br />
<br />
{| class="wikitable"<br />
! Field !! Description<br />
|-<br />
|<u>Consents Warnings Recipients</u> || This field contains the emails addresses notified when ''consents'' warnings are triggered.<br />
|-<br />
|<u>Data Breach Warnings Recipients</u> || This field contains the emails addresses notified when ''data breach'' warnings are triggered.<br />
|-<br />
|<u>Authority Warnings Recipients</u> || This field contains the emails addresses notified when ''data breach'' warnings for authority are triggered.<br />
|-<br />
|<u>Access Warnings Recipients</u> || This field contains the emails addresses notified when ''access request'' warnings are triggered.<br />
|}<br />
<br />
=== Utility ===<br />
In this sections, special functionalities are grouped.<br />
<br />
==== Delete ticket ====<br />
From records management (e.g. ''access requests'', ''consents'') physical deletion is not possible. In other words, records can always be moved to one or more end of life status(es) where no changes are possible. however, normal ''users'' cannot physically delete records. This can be done instead by ''users'' with administrative privileges with this tool.<br />
<br />
To delete a record, simply enter the record code to be deleted in <u>Ticket Code to Delete</u> and launch the '''Delete Ticket''' command.<br />
<br />
IMPORTANT WARNING: IT WILL NOT BE POSSIBLE TO RESTORE THE RECORD CONTENT AFTER DELETION.<br />
<br />
=== License Details ===<br />
This section allows to view the details of the license active for the current Privacy-Now® environment.<br />
<br />
{| class="wikitable"<br />
! Field !! Description<br />
|-<br />
|<u>License Package</u>|| This field shows the type of subscription active.<br />
|-<br />
|<u>Licensed User</u>|| This field shows the number of activated ''users'' (those in status "Active").<br />
|-<br />
|<u>Licensed Access Requests</u>|| Monthly number of ''access requests'' that it is possible to open. This numbers is depending on the type of subscription.<br />
|-<br />
|<u>Licensed Consents</u>|| Monthly number of ''consents'' that it is possible to open. This numbers is depending on the type of subscription.<br />
|-<br />
|'''Check License'''|| This commands launches a system check that refreshes the values of <u>Active Users</u>, <u>Monthly Access Requests</u> and <u>Monthly Consents</u> fields.<br />
|-<br />
|<u>Active Users</u>|| Number of "users" currently activated (in status "active").<br />
|-<br />
|<u>Monthly Access Requests</u>|| Number of ''access requests'' opened in the current month.<br />
|-<br />
|<u>Monthly Consents</u>|| Number of ''consents'' opened in the current month.<br />
|-<br />
|<u>Initial Activation Date</u>|| The date when the Privacy-Now® service was initially activated.<br />
|-<br />
|<u>Expected End Date</u>|| The date when the Privacy-Now® service will terminate. Access wont' be possible after this date. The environment and all data will be fully erased 30 days after this date.<br />
|-<br />
|}<br />
<br />
=== Purchase History ===<br />
In this section, the history of the purchase transaction is reported for control aims.<br />
Every transaction is added after the last before.</div>Cbissohttp://wiki.privacy-now.eu/en/index.php?title=Users_%26_Groups&diff=591Users & Groups2018-10-10T12:27:05Z<p>Cbisso: /* Users Management */</p>
<hr />
<div>==Users Management==<br />
New ''users'' can be created using '''''Add New''''' and choosing '''New User''' in the self service menu. <br />
Existing ''users'' can be update selecting <b>''Users & Groups Management / Users Management''</b> menu and selecting the record to manage from the list.<br />
Access to ''users'' creation and administration is limited to ''users'' having administrative role (see later).<br />
<br />
''Users'' shall be activated (in status "Active") to be operational. In other statuses, ''users'' are not active (they cannot login into Privacy-Now®) nor they are counted as licensed ''users''.<br />
<br />
''Users'' information are organized in five sections:<br />
<br />
* <u>''Tracking''</u><br />
* <u>''Identification''</u><br />
* <u>''Details''</u><br />
* <u>''Process Settings''</u><br />
* <u>''Password Management''</u><br />
<br />
The table below reports the fields and a short description of them:<br />
{| class="wikitable"<br />
! Section !! Field !! Description<br />
|-<br />
|<u>''Tracking''</u>|| <u>Code</u> || Unique ''user'' identifier, automatically created by the system.<br />
|-<br />
|<u>''Tracking''</u>|| <u>Project/Service</u> || Environment identifier, corresponding to the organization owner of Privacy-Now® subscription and automatically managed by the system.<br />
|-<br />
|<u>''Identification''</u>|| <u>Ticket Type</u> || Record type identifier, automatically managed by the system. <br />
|-<br />
|<u>''Identification''</u>|| <u>Ticket Op Status</u> || Status of the ''user''. Possible statuses are "Inactive" (when initially created) or ''Active''. <br />
|-<br />
|<u>''Details''</u>|| <u>Name</u> || Name of the ''user''.<br />
|-<br />
|<u>''Details''</u>|| <u>Surname</u> || Surname of the ''user''<br />
|-<br />
|<u>''Details''</u>|| <u>Username</u> || Login name used to access Privacy-Now®.<br />
|-<br />
|<u>''Details''</u>|| <u>Email</u> || Email of the ''user''. <br />
|-<br />
|<u>''Details''</u>|| <u>Admin</u> || This field may have two possible values "Yes" or "No". If set to "Yes" the ''user'' has administrative privileges and can perform special tasks such as ''users'' and ''groups'' administration but also manage [[Settings#Introduction|settings]].<br />
|-<br />
|<u>''Details''</u>|| <u>Language</u> || The application interface language set for the ''user''. Supported languages are currently "English", "French" and "Italian". "Spanish" will come next.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Access Request Creator</u> || If set to "Yes", it enables the user to create new ''access requests''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Action Creator</u> || If set to "Yes", it enables the user to create new ''actions''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Audit Creator</u> || If set to "Yes", it enables the user to create new ''audits''.<br />
|-<br />
|<u>''Process Settings''</u>s|| <u>Consent Creator</u> || If set to "Yes", it enables the user to create new ''consents''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Data Breach Creator</u> || If set to "Yes", it enables the user to create new ''data breaches''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Privacy Impact Assessment Creator</u> || If set to "Yes", it enables the user to create new ''privacy impact assessments''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Issue / NC Creator</u> || If set to "Yes", it enables the user to create new ''issues / non conformities''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Risk Creator</u> || If set to "Yes", it enables the user to create new ''risks''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Processing Activity Creator</u> || If set to "Yes", it enables the user to create new ''processing activities''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Knowledge Item Creator</u> || If set to "Yes", it enables the user to create new ''knowledge items''.<br />
|-<br />
|<u>''Password Management''</u>|| <u>New Password</u>, <u>Old Password</u>, <u>Confirm New Password</u> || These fields work together, enter a new password in <u>New Password</u>, enter the previous password in <u>Old Password</u>, confirm the new password in <u>Confirm New Password</u> and press '''CHANGE PASSWORD''' to change the ''user'' password. <br />
|-<br />
|}<br />
<br />
Note that when the environment is initially created, a ''user'' with administrative role is created and activated using subscription information. The access credentials of this ''user'' are sent by mail.<br />
<br />
For more information on how to manage the ''user'' record, visit [[How_To#Records_Management|records management]].<br />
<br />
==Groups Management==<br />
<br />
<b>''Users & Groups Management / Add Group''</b> menu item lists the available ''groups'' and allows to manage ''groups'' (create, modify, delete). Only ''users'' with administrative privileges have the rights to perform ''group'' management.<br />
<br />
When a Privacy-Now® environment is created, a set of default ''groups'' are generated. They are:<br />
<br />
{| class="wikitable"<br />
! Group!! Description<br />
|-<br />
|<organization> - AUD || Designed to include the ''auditors'' ''users''.<br />
|-<br />
|<organization> - DC || Designed to include the ''data controller'' ''users''.<br />
|-<br />
|<organization> - DP || Designed to include the ''data processor'' ''users''. <br />
|-<br />
|<organization> - DPO || Designed to include the ''data protection officers'' ''users''<br />
|}<br />
<br />
In the table above, <organization> is to be replaced with the name of the organization used for Privacy-Now® subscription.<br />
<br />
Note that ''groups'' are only collections of ''users'' and that actual privileges are defined in process records (e.g. ''access requests'') by assigning a ''group'' to one of the available profiles (see process guides). <br />
<br />
The pre configured groups cannot be deleted but they can be renamed and modified in terms of belonging members.<br />
<br />
If Privacy process defined at ''Company'' level required the implementation of others roles, the ''Administrator'' can define all the other necessary Groups,to make the standard process complaint the company one using the <b>''Add New''</b> function<br />
<br />
<br />
=== Add group ===<br />
<b>''Users & Groups Management / Add Group''</b> menu item enables to create a new ''group''.<br />
<br />
The table below reports the fields belonging to a ''group'' and a short description of them:<br />
{| class="wikitable"<br />
! Section !! Field !! Description<br />
|-<br />
|<u>''General''</u>|| <u>Name</u> ||The name of the group.<br />
|-<br />
|<u>''General''</u>|| <u>Description</u> ||A description for the group (e.g. its purpose).<br />
|-<br />
|<u>''General''</u>|| <u>Default</u> ||Non editable, automatically managed by Privacy-Now®.<br />
|-<br />
|<u>''General''</u>|| <u>Status</u> ||Non editable, automatically managed by Privacy-Now®.<br />
|-<br />
|<u>''Members''</u>|| <u>Code</u> ||The ''user'' identifier of the member, not editable and automatically managed by Privacy-Now®. <br />
|-<br />
|<u>''Members''</u>|| <u>Full Name</u> ||Surname and Name of the member, not editable here because assigned in ''user'' management.<br />
|-<br />
|<u>''Members''</u>|| <u>User Login</u> ||Login identifier of the member, not editable here because assigned in ''user'' management.<br />
|-<br />
|<u>''Members''</u>|| <u>Group Manager</u> ||Used to identify and mark if the member of the ''group'' is the manager of the group. Actually, the manager will have the same privileges as the members.<br />
|-<br />
|<u>''Members''</u>|| <u>Type</u> ||Field not used.<br />
|-<br />
|<u>''Members''</u>|| <u>Status</u> ||Status of the member, not editable here because modified in ''user'' management.<br />
|-<br />
|<u>''Members''</u>|| <u>VIP Type</u> ||Field not used.<br />
|}<br />
<br />
In the <u>''General''</u> form, use '''SAVE''' or '''SAVE&EXIT''' to update the ''group''. Use '''DELETE''' to delete a ''group''.<br />
<br />
In the <u>''Members''</u> form see the figure below for the available commands.<br />
<br />
[[File:Groups_management_ENG_v1.0.JPG|centre|thumb|800x800px|Groups management controls and commands.]]<br />
<br />
=== Modify group ===<br />
Use <b>''Users & Groups Management / Groups Management''</b> menu item to see the list of available ''groups'' and click on the one to update. Modify using the features and commands described above in [[Users_&_Groups#Add_group|Add group]].</div>Cbissohttp://wiki.privacy-now.eu/en/index.php?title=Settings&diff=590Settings2018-10-10T12:19:01Z<p>Cbisso: /* Delete ticket */</p>
<hr />
<div>==Introduction==<br />
This part of the guide covers some fundamental settings which are needed to work with Privacy Now®:<br />
<br />
* Master data<br />
* Application settings<br />
<br />
== Master data ==<br />
Master data tables contain the sources data of the fields using single or multi choice options.<br />
<br />
Master data tables are preloaded with initial values when the environment is initially created. These values can be later changed by ''users'' with the <u>Admin</u> field set to "Yes". <br />
<br />
Editing of master data table can be done from the left menu '''''Settings/Data Sets''''' or directing from the records using the fields based on the master data (in both cases if the ''user'' has the required privileges).<br />
<br />
The table below lists the master data tables and provides a short description of their content.<br />
<br />
{| class="wikitable"<br />
! Access menu !! Description<br />
|-<br />
|'''''Settings/Data Sets/Access Requests/Access Requests Types'''''|| The types of ''access requests'', e.g. "Personal data deletion".<br />
|-<br />
|'''''Settings/Data Sets/Access Requests/Communication Channels'''''|| The communication channels used to acquire the ''access request'', e.g. "email".<br />
|-<br />
|'''''Settings/Data Sets/Access Requests/Results Notification Methods'''''|| The communication channels to be used to communicate the results of an ''access request'', e.g. "email".<br />
|-<br />
|'''''Settings/Data Sets/Access Requests/Data Subject Types'''''|| The type of subject requesting the ''access request'', e.g. "employee".<br />
|-<br />
|'''''Settings/Data Sets/Access Requests/Relationships to Data Subjects'''''|| The type of relationship between the access request requester and the data subject representative, if any, for example "family relationship".<br />
|-<br />
|'''''Settings/Data Sets/Access Request/Access Request Warning Schedule'''''|| This data set enable the ''user'' to set the plan the sent of warning mail.<br />
|-<br />
|'''''Settings/Data Sets/Actions/Action Type'''''|| The type of action, for example "corrective".<br />
|-<br />
|'''''Settings/Data Sets/Consents/Consent Categories'''''|| The category of the consent, for example the consent to send a newsletter. This table is very likely to be updated.<br />
|-<br />
|'''''Settings/Data Sets/Consents/Consent Sources'''''|| The source where the consent is given or denied, for example a "contract".<br />
|-<br />
|'''''Settings/Data Sets/Consents/Consent Subjects'''''|| The subject giving the consent, typically a person.<br />
|-<br />
|'''''Settings/Data Sets/Consents/Consent Matching Mail'''''|| The email address of the recipient where the consent is sent. <br />
|-<br />
|'''''Settings/Data Sets/Data Breaches/Affected Personal Data Categories'''''|| The categories of subjects whose ''personal data'' are treated during the ''data breach'', for example "employees master data".<br />
|-<br />
|'''''Settings/Data Sets/Data Breaches/Data Breach Warning Schedule'''''|| This data set enable the ''user'' to set the plan the sent of warning mail. <br />
|-<br />
|'''''Settings/Data Sets/Data Breaches/Authority Warning Schedule'''''|| This data set enable the ''user'' to set the plan the sent of warning mail to the Authority. <br />
|-<br />
|'''''Settings/Data Sets/Data Breaches/Type of Breaches'''''|| Identify the type of Breaches , for example "Security Breach".<br />
|-<br />
|'''''Settings/Data Sets/Issues / Non Conformities/Issue Types'''''|| The type of issue, i.e. an "issue" or a "non conformity". These values are unlikely to be modified.<br />
|-<br />
|'''''Settings/Data Sets/Privacy Impact Assessments/PIA Reference Period'''''|| Th timeframe to which the privacy impact assessment refers to, for example "2018 Q4".<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Access Applications'''''|| The applications which may be used to access ''personal data'', for example "web browsers".<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Access Connections'''''|| The connections which may be used when accessing ''personal data'', for example "internet".<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Access Devices''''' || The devices which may be used when accessing ''personal data'', for example "personal computer".<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Data Locations'''''|| The locations where the ''personal data'' can be stored during their processing, for example "New York data centre".<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Data Processing Purposes'''''|| The purposes of data processing, for example "marketing activities".<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Data Repositories'''''|| The type of data repositories where ''personal data'' are stored during the ''processing activities'', for example a specific SQL database server.<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Data Subjects'''''|| The types of data subjects whose ''personal data'' are treated during the ''processing activities'' or declared in ''Data Breach'', for example "clients".<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Data Types'''''|| The types of data, e.g. identification or judicial data, which are processed during the ''processing activities''.<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Extra EU Measures'''''|| The types of measures in place to mitigate the risks of extra EU ''processing activities'', e.g. a "code of conduct".<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Lawful Basis for Processing'''''|| The lawful basis on which the processing of ''personal data'' is authorized, e.g. "legal obligations".<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Processing Activities'''''|| The types of ''processing activities'' performed during the processing of ''personal data'', e.g. collection, adaptation, etc.<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Provision Agreements'''''|| The type of provision agreement with the suppliers of data repository tools, access applications, access devices, connectivity, for example a "software as a service" agreement.<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Retention Periods'''''|| The possible retention periods for the ''personal data'' which is processed, for example 10 years.<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Suppliers'''''|| The suppliers of data repository tools, access applications, access devises or connectivity. <br />
|-<br />
|'''''Settings/Data Sets/ Processors / Controllers Entities'''''|| The details of the controller entities involved in ''processing activities''.<br />
|-<br />
|'''''Settings/Data Sets/ Processors / Data Controller Officers'''''|| The details of the data controller officers involved in ''processing activities''.<br />
|-<br />
|}<br />
<br />
== Application settings ==<br />
<br />
This section concerns the preferences and settings which can be defined at application level for Privacy-Now®. These settings are accessible from '''''Settings/Application Settings'''''.<br />
<br />
Application settings are accessible only by ''users'' with administration privileges (see below how to set them). The first ''user'' created when Privacy-Now® environment is created is set with administration privileges.<br />
<br />
<b>''Settings/Application Settings''</b> link open the ''Setting'' Ticket. <br />
<br />
Settings are organized in six sections:<br />
<br />
* <u>''Tracking''</u><br />
* <u>''Consents Settings''</u><br />
* <u>''Group Settings''</u><br />
* <u>''License Details''</u><br />
* <u>''Purchase History''</u><br />
* <u>''Tools''</u><br />
<br />
=== Tracking ===<br />
These setting enable the ''User'' to identity the ''service name'' and the <u>Subscription id</u> they have subscribed and the actual status of the ''service''<br />
<br />
=== Consents Settings ===<br />
These settings refer to ''consents'' management process. See the [[consents]] guide for more information on the process.<br />
<br />
The table below report the settings fields available and a short description of their meaning:<br />
{| class="wikitable"<br />
! Field !! Description<br />
|-<br />
|<u>Consents Matching Mails </u>|| ''Consents'' can be acquired from emails. With this field it is possible to define the recipients of the emails which will be checked to process the ''consents''. Emails in the inbox with other recipients will be ignored.<br />
|-<br />
|<u>Consents Warnings Recipients</u> || This field contains the emails addresses notified when ''consents'' warnings are triggered.<br />
|-<br />
|<u>Data Subject Matching criteria</u> || This field allow to define the criteria to match an incoming ''consent'' sent by mail with the existing ''consents'' in Privacy-Now®. After trying to match if the consent subject is found, the existing consent record is updated. If the consent subject is not found, a new consent record is created. This field may have one of the following two values: "Mail" (consent subject is matched using the email address), "Username" (consent subject is matched using the user name identifier, for example the login used by the consent subject to access a website). <br />
|}<br />
<br />
=== Group Settings ===<br />
Privacy-Now® has several profiles for ''user'' privileges. The profiles determines what ''users'' can do while executing processes (e.g. ''access requests'', ''consents'', etc.). ''Users'' can be assigned to ''groups'' and ''groups'' can be finally assigned to profiles in each record (e.g. ''access request'', ''consent'' etc.).<br />
<br />
The fields <u>DPO Profile</u>, <u>DP Profile</u>, <u>DC Profile</u>, <u>Auditors Team Profile</u> and <u>Working Team Profile</u> allow to define which "groups" the ''user'' will be able to see and select in each process.<br />
<br />
The fields <u>DPO Default</u>, <u>DP Default</u>, <u>DC Default</u>, <u>Auditors Team Default</u> and <u>Working Team Default</u> allow to define the default "groups" which will be set everytime a new record is created.<br />
<br />
The above fields, shall be defined for each process/workflow, e.g. ''access requests'', ''actions'', ''audits'' management, etc.<br />
<br />
In order to update the fields for a process, perform the following steps:<br />
<br />
*Choose the process by setting the <u>GDPR Process</u> field<br />
*Load the set values for all the field by using the '''LOAD''' command<br />
*Set the values for the fields<br />
*Save the settings by using the '''SAVE''' command at the bottom of the form.<br />
<br />
Repeat the above steps for all the processes you need to configure.<br />
<br />
=== License Details ===<br />
This section allows to view the details of the license active for the current Privacy-Now® environment.<br />
<br />
{| class="wikitable"<br />
! Field !! Description<br />
|-<br />
|<u>License Package</u>|| This field shows the type of subscription active.<br />
|-<br />
|<u>Licensed User</u>|| This field shows the number of activated ''users'' (those in status "Active").<br />
|-<br />
|<u>Licensed Access Requests</u>|| Monthly number of ''access requests'' that it is possible to open. This numbers is depending on the type of subscription.<br />
|-<br />
|<u>Licensed Consents</u>|| Monthly number of ''consents'' that it is possible to open. This numbers is depending on the type of subscription.<br />
|-<br />
|'''Check License'''|| This commands launches a system check that refreshes the values of <u>Active Users</u>, <u>Monthly Access Requests</u> and <u>Monthly Consents</u> fields.<br />
|-<br />
|<u>Active Users</u>|| Number of "users" currently activated (in status "active").<br />
|-<br />
|<u>Monthly Access Requests</u>|| Number of ''access requests'' opened in the current month.<br />
|-<br />
|<u>Monthly Consents</u>|| Number of ''consents'' opened in the current month.<br />
|-<br />
|<u>Initial Activation Date</u>|| The date when the Privacy-Now® service was initially activated.<br />
|-<br />
|<u>Expected End Date</u>|| The date when the Privacy-Now® service will terminate. Access wont' be possible after this date. The environment and all data will be fully erased 30 days after this date.<br />
|-<br />
|}<br />
<br />
=== Purchase History ===<br />
In this section, the history of the purchase transaction is reported for control aims.<br />
Every transaction is added after the last before.<br />
<br />
=== Utility ===<br />
In this sections, special functionalities are grouped.<br />
<br />
==== Delete ticket ====<br />
From records management (e.g. ''access requests'', ''consents'') physical deletion is not possible. In other words, records can always be moved to one or more end of life status(es) where no changes are possible. however, normal ''users'' cannot physically delete records. This can be done instead by ''users'' with administrative privileges with this tool.<br />
<br />
To delete a record, simply enter the record code to be deleted in <u>Ticket Code to Delete</u> and launch the '''Delete Ticket''' command.<br />
<br />
IMPORTANT WARNING: IT WILL NOT BE POSSIBLE TO RESTORE THE RECORD CONTENT AFTER DELETION.</div>Cbissohttp://wiki.privacy-now.eu/en/index.php?title=Settings&diff=589Settings2018-10-10T12:18:14Z<p>Cbisso: /* Tools */</p>
<hr />
<div>==Introduction==<br />
This part of the guide covers some fundamental settings which are needed to work with Privacy Now®:<br />
<br />
* Master data<br />
* Application settings<br />
<br />
== Master data ==<br />
Master data tables contain the sources data of the fields using single or multi choice options.<br />
<br />
Master data tables are preloaded with initial values when the environment is initially created. These values can be later changed by ''users'' with the <u>Admin</u> field set to "Yes". <br />
<br />
Editing of master data table can be done from the left menu '''''Settings/Data Sets''''' or directing from the records using the fields based on the master data (in both cases if the ''user'' has the required privileges).<br />
<br />
The table below lists the master data tables and provides a short description of their content.<br />
<br />
{| class="wikitable"<br />
! Access menu !! Description<br />
|-<br />
|'''''Settings/Data Sets/Access Requests/Access Requests Types'''''|| The types of ''access requests'', e.g. "Personal data deletion".<br />
|-<br />
|'''''Settings/Data Sets/Access Requests/Communication Channels'''''|| The communication channels used to acquire the ''access request'', e.g. "email".<br />
|-<br />
|'''''Settings/Data Sets/Access Requests/Results Notification Methods'''''|| The communication channels to be used to communicate the results of an ''access request'', e.g. "email".<br />
|-<br />
|'''''Settings/Data Sets/Access Requests/Data Subject Types'''''|| The type of subject requesting the ''access request'', e.g. "employee".<br />
|-<br />
|'''''Settings/Data Sets/Access Requests/Relationships to Data Subjects'''''|| The type of relationship between the access request requester and the data subject representative, if any, for example "family relationship".<br />
|-<br />
|'''''Settings/Data Sets/Access Request/Access Request Warning Schedule'''''|| This data set enable the ''user'' to set the plan the sent of warning mail.<br />
|-<br />
|'''''Settings/Data Sets/Actions/Action Type'''''|| The type of action, for example "corrective".<br />
|-<br />
|'''''Settings/Data Sets/Consents/Consent Categories'''''|| The category of the consent, for example the consent to send a newsletter. This table is very likely to be updated.<br />
|-<br />
|'''''Settings/Data Sets/Consents/Consent Sources'''''|| The source where the consent is given or denied, for example a "contract".<br />
|-<br />
|'''''Settings/Data Sets/Consents/Consent Subjects'''''|| The subject giving the consent, typically a person.<br />
|-<br />
|'''''Settings/Data Sets/Consents/Consent Matching Mail'''''|| The email address of the recipient where the consent is sent. <br />
|-<br />
|'''''Settings/Data Sets/Data Breaches/Affected Personal Data Categories'''''|| The categories of subjects whose ''personal data'' are treated during the ''data breach'', for example "employees master data".<br />
|-<br />
|'''''Settings/Data Sets/Data Breaches/Data Breach Warning Schedule'''''|| This data set enable the ''user'' to set the plan the sent of warning mail. <br />
|-<br />
|'''''Settings/Data Sets/Data Breaches/Authority Warning Schedule'''''|| This data set enable the ''user'' to set the plan the sent of warning mail to the Authority. <br />
|-<br />
|'''''Settings/Data Sets/Data Breaches/Type of Breaches'''''|| Identify the type of Breaches , for example "Security Breach".<br />
|-<br />
|'''''Settings/Data Sets/Issues / Non Conformities/Issue Types'''''|| The type of issue, i.e. an "issue" or a "non conformity". These values are unlikely to be modified.<br />
|-<br />
|'''''Settings/Data Sets/Privacy Impact Assessments/PIA Reference Period'''''|| Th timeframe to which the privacy impact assessment refers to, for example "2018 Q4".<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Access Applications'''''|| The applications which may be used to access ''personal data'', for example "web browsers".<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Access Connections'''''|| The connections which may be used when accessing ''personal data'', for example "internet".<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Access Devices''''' || The devices which may be used when accessing ''personal data'', for example "personal computer".<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Data Locations'''''|| The locations where the ''personal data'' can be stored during their processing, for example "New York data centre".<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Data Processing Purposes'''''|| The purposes of data processing, for example "marketing activities".<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Data Repositories'''''|| The type of data repositories where ''personal data'' are stored during the ''processing activities'', for example a specific SQL database server.<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Data Subjects'''''|| The types of data subjects whose ''personal data'' are treated during the ''processing activities'' or declared in ''Data Breach'', for example "clients".<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Data Types'''''|| The types of data, e.g. identification or judicial data, which are processed during the ''processing activities''.<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Extra EU Measures'''''|| The types of measures in place to mitigate the risks of extra EU ''processing activities'', e.g. a "code of conduct".<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Lawful Basis for Processing'''''|| The lawful basis on which the processing of ''personal data'' is authorized, e.g. "legal obligations".<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Processing Activities'''''|| The types of ''processing activities'' performed during the processing of ''personal data'', e.g. collection, adaptation, etc.<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Provision Agreements'''''|| The type of provision agreement with the suppliers of data repository tools, access applications, access devices, connectivity, for example a "software as a service" agreement.<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Retention Periods'''''|| The possible retention periods for the ''personal data'' which is processed, for example 10 years.<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Suppliers'''''|| The suppliers of data repository tools, access applications, access devises or connectivity. <br />
|-<br />
|'''''Settings/Data Sets/ Processors / Controllers Entities'''''|| The details of the controller entities involved in ''processing activities''.<br />
|-<br />
|'''''Settings/Data Sets/ Processors / Data Controller Officers'''''|| The details of the data controller officers involved in ''processing activities''.<br />
|-<br />
|}<br />
<br />
== Application settings ==<br />
<br />
This section concerns the preferences and settings which can be defined at application level for Privacy-Now®. These settings are accessible from '''''Settings/Application Settings'''''.<br />
<br />
Application settings are accessible only by ''users'' with administration privileges (see below how to set them). The first ''user'' created when Privacy-Now® environment is created is set with administration privileges.<br />
<br />
<b>''Settings/Application Settings''</b> link open the ''Setting'' Ticket. <br />
<br />
Settings are organized in six sections:<br />
<br />
* <u>''Tracking''</u><br />
* <u>''Consents Settings''</u><br />
* <u>''Group Settings''</u><br />
* <u>''License Details''</u><br />
* <u>''Purchase History''</u><br />
* <u>''Tools''</u><br />
<br />
=== Tracking ===<br />
These setting enable the ''User'' to identity the ''service name'' and the <u>Subscription id</u> they have subscribed and the actual status of the ''service''<br />
<br />
=== Consents Settings ===<br />
These settings refer to ''consents'' management process. See the [[consents]] guide for more information on the process.<br />
<br />
The table below report the settings fields available and a short description of their meaning:<br />
{| class="wikitable"<br />
! Field !! Description<br />
|-<br />
|<u>Consents Matching Mails </u>|| ''Consents'' can be acquired from emails. With this field it is possible to define the recipients of the emails which will be checked to process the ''consents''. Emails in the inbox with other recipients will be ignored.<br />
|-<br />
|<u>Consents Warnings Recipients</u> || This field contains the emails addresses notified when ''consents'' warnings are triggered.<br />
|-<br />
|<u>Data Subject Matching criteria</u> || This field allow to define the criteria to match an incoming ''consent'' sent by mail with the existing ''consents'' in Privacy-Now®. After trying to match if the consent subject is found, the existing consent record is updated. If the consent subject is not found, a new consent record is created. This field may have one of the following two values: "Mail" (consent subject is matched using the email address), "Username" (consent subject is matched using the user name identifier, for example the login used by the consent subject to access a website). <br />
|}<br />
<br />
=== Group Settings ===<br />
Privacy-Now® has several profiles for ''user'' privileges. The profiles determines what ''users'' can do while executing processes (e.g. ''access requests'', ''consents'', etc.). ''Users'' can be assigned to ''groups'' and ''groups'' can be finally assigned to profiles in each record (e.g. ''access request'', ''consent'' etc.).<br />
<br />
The fields <u>DPO Profile</u>, <u>DP Profile</u>, <u>DC Profile</u>, <u>Auditors Team Profile</u> and <u>Working Team Profile</u> allow to define which "groups" the ''user'' will be able to see and select in each process.<br />
<br />
The fields <u>DPO Default</u>, <u>DP Default</u>, <u>DC Default</u>, <u>Auditors Team Default</u> and <u>Working Team Default</u> allow to define the default "groups" which will be set everytime a new record is created.<br />
<br />
The above fields, shall be defined for each process/workflow, e.g. ''access requests'', ''actions'', ''audits'' management, etc.<br />
<br />
In order to update the fields for a process, perform the following steps:<br />
<br />
*Choose the process by setting the <u>GDPR Process</u> field<br />
*Load the set values for all the field by using the '''LOAD''' command<br />
*Set the values for the fields<br />
*Save the settings by using the '''SAVE''' command at the bottom of the form.<br />
<br />
Repeat the above steps for all the processes you need to configure.<br />
<br />
=== License Details ===<br />
This section allows to view the details of the license active for the current Privacy-Now® environment.<br />
<br />
{| class="wikitable"<br />
! Field !! Description<br />
|-<br />
|<u>License Package</u>|| This field shows the type of subscription active.<br />
|-<br />
|<u>Licensed User</u>|| This field shows the number of activated ''users'' (those in status "Active").<br />
|-<br />
|<u>Licensed Access Requests</u>|| Monthly number of ''access requests'' that it is possible to open. This numbers is depending on the type of subscription.<br />
|-<br />
|<u>Licensed Consents</u>|| Monthly number of ''consents'' that it is possible to open. This numbers is depending on the type of subscription.<br />
|-<br />
|'''Check License'''|| This commands launches a system check that refreshes the values of <u>Active Users</u>, <u>Monthly Access Requests</u> and <u>Monthly Consents</u> fields.<br />
|-<br />
|<u>Active Users</u>|| Number of "users" currently activated (in status "active").<br />
|-<br />
|<u>Monthly Access Requests</u>|| Number of ''access requests'' opened in the current month.<br />
|-<br />
|<u>Monthly Consents</u>|| Number of ''consents'' opened in the current month.<br />
|-<br />
|<u>Initial Activation Date</u>|| The date when the Privacy-Now® service was initially activated.<br />
|-<br />
|<u>Expected End Date</u>|| The date when the Privacy-Now® service will terminate. Access wont' be possible after this date. The environment and all data will be fully erased 30 days after this date.<br />
|-<br />
|}<br />
<br />
=== Purchase History ===<br />
In this section, the history of the purchase transaction is reported for control aims.<br />
Every transaction is added after the last before.<br />
<br />
=== Utility ===<br />
In this sections, special functionalities are grouped.<br />
<br />
==== Delete ticket ====<br />
From records management (e.g. ''access requests'', ''consents'') physical deletion is not possible. In other words, records can always be moved to one or more end of life status(es) where no changes are possible. however, normal ''users'' cannot physically delete records. This can be done instead by ''users'' with administrative privileges with this tool.<br />
<br />
To delete a record, simply enter the record code to be deleted in <u>Record Code to Delete</u> and launch the '''Delete Record''' command.<br />
<br />
IMPORTANT WARNING: IT WILL NOT BE POSSIBLE TO RESTORE THE RECORD CONTENT AFTER DELETION.</div>Cbissohttp://wiki.privacy-now.eu/en/index.php?title=Settings&diff=588Settings2018-10-10T12:16:01Z<p>Cbisso: /* Group Settings */</p>
<hr />
<div>==Introduction==<br />
This part of the guide covers some fundamental settings which are needed to work with Privacy Now®:<br />
<br />
* Master data<br />
* Application settings<br />
<br />
== Master data ==<br />
Master data tables contain the sources data of the fields using single or multi choice options.<br />
<br />
Master data tables are preloaded with initial values when the environment is initially created. These values can be later changed by ''users'' with the <u>Admin</u> field set to "Yes". <br />
<br />
Editing of master data table can be done from the left menu '''''Settings/Data Sets''''' or directing from the records using the fields based on the master data (in both cases if the ''user'' has the required privileges).<br />
<br />
The table below lists the master data tables and provides a short description of their content.<br />
<br />
{| class="wikitable"<br />
! Access menu !! Description<br />
|-<br />
|'''''Settings/Data Sets/Access Requests/Access Requests Types'''''|| The types of ''access requests'', e.g. "Personal data deletion".<br />
|-<br />
|'''''Settings/Data Sets/Access Requests/Communication Channels'''''|| The communication channels used to acquire the ''access request'', e.g. "email".<br />
|-<br />
|'''''Settings/Data Sets/Access Requests/Results Notification Methods'''''|| The communication channels to be used to communicate the results of an ''access request'', e.g. "email".<br />
|-<br />
|'''''Settings/Data Sets/Access Requests/Data Subject Types'''''|| The type of subject requesting the ''access request'', e.g. "employee".<br />
|-<br />
|'''''Settings/Data Sets/Access Requests/Relationships to Data Subjects'''''|| The type of relationship between the access request requester and the data subject representative, if any, for example "family relationship".<br />
|-<br />
|'''''Settings/Data Sets/Access Request/Access Request Warning Schedule'''''|| This data set enable the ''user'' to set the plan the sent of warning mail.<br />
|-<br />
|'''''Settings/Data Sets/Actions/Action Type'''''|| The type of action, for example "corrective".<br />
|-<br />
|'''''Settings/Data Sets/Consents/Consent Categories'''''|| The category of the consent, for example the consent to send a newsletter. This table is very likely to be updated.<br />
|-<br />
|'''''Settings/Data Sets/Consents/Consent Sources'''''|| The source where the consent is given or denied, for example a "contract".<br />
|-<br />
|'''''Settings/Data Sets/Consents/Consent Subjects'''''|| The subject giving the consent, typically a person.<br />
|-<br />
|'''''Settings/Data Sets/Consents/Consent Matching Mail'''''|| The email address of the recipient where the consent is sent. <br />
|-<br />
|'''''Settings/Data Sets/Data Breaches/Affected Personal Data Categories'''''|| The categories of subjects whose ''personal data'' are treated during the ''data breach'', for example "employees master data".<br />
|-<br />
|'''''Settings/Data Sets/Data Breaches/Data Breach Warning Schedule'''''|| This data set enable the ''user'' to set the plan the sent of warning mail. <br />
|-<br />
|'''''Settings/Data Sets/Data Breaches/Authority Warning Schedule'''''|| This data set enable the ''user'' to set the plan the sent of warning mail to the Authority. <br />
|-<br />
|'''''Settings/Data Sets/Data Breaches/Type of Breaches'''''|| Identify the type of Breaches , for example "Security Breach".<br />
|-<br />
|'''''Settings/Data Sets/Issues / Non Conformities/Issue Types'''''|| The type of issue, i.e. an "issue" or a "non conformity". These values are unlikely to be modified.<br />
|-<br />
|'''''Settings/Data Sets/Privacy Impact Assessments/PIA Reference Period'''''|| Th timeframe to which the privacy impact assessment refers to, for example "2018 Q4".<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Access Applications'''''|| The applications which may be used to access ''personal data'', for example "web browsers".<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Access Connections'''''|| The connections which may be used when accessing ''personal data'', for example "internet".<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Access Devices''''' || The devices which may be used when accessing ''personal data'', for example "personal computer".<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Data Locations'''''|| The locations where the ''personal data'' can be stored during their processing, for example "New York data centre".<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Data Processing Purposes'''''|| The purposes of data processing, for example "marketing activities".<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Data Repositories'''''|| The type of data repositories where ''personal data'' are stored during the ''processing activities'', for example a specific SQL database server.<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Data Subjects'''''|| The types of data subjects whose ''personal data'' are treated during the ''processing activities'' or declared in ''Data Breach'', for example "clients".<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Data Types'''''|| The types of data, e.g. identification or judicial data, which are processed during the ''processing activities''.<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Extra EU Measures'''''|| The types of measures in place to mitigate the risks of extra EU ''processing activities'', e.g. a "code of conduct".<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Lawful Basis for Processing'''''|| The lawful basis on which the processing of ''personal data'' is authorized, e.g. "legal obligations".<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Processing Activities'''''|| The types of ''processing activities'' performed during the processing of ''personal data'', e.g. collection, adaptation, etc.<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Provision Agreements'''''|| The type of provision agreement with the suppliers of data repository tools, access applications, access devices, connectivity, for example a "software as a service" agreement.<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Retention Periods'''''|| The possible retention periods for the ''personal data'' which is processed, for example 10 years.<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Suppliers'''''|| The suppliers of data repository tools, access applications, access devises or connectivity. <br />
|-<br />
|'''''Settings/Data Sets/ Processors / Controllers Entities'''''|| The details of the controller entities involved in ''processing activities''.<br />
|-<br />
|'''''Settings/Data Sets/ Processors / Data Controller Officers'''''|| The details of the data controller officers involved in ''processing activities''.<br />
|-<br />
|}<br />
<br />
== Application settings ==<br />
<br />
This section concerns the preferences and settings which can be defined at application level for Privacy-Now®. These settings are accessible from '''''Settings/Application Settings'''''.<br />
<br />
Application settings are accessible only by ''users'' with administration privileges (see below how to set them). The first ''user'' created when Privacy-Now® environment is created is set with administration privileges.<br />
<br />
<b>''Settings/Application Settings''</b> link open the ''Setting'' Ticket. <br />
<br />
Settings are organized in six sections:<br />
<br />
* <u>''Tracking''</u><br />
* <u>''Consents Settings''</u><br />
* <u>''Group Settings''</u><br />
* <u>''License Details''</u><br />
* <u>''Purchase History''</u><br />
* <u>''Tools''</u><br />
<br />
=== Tracking ===<br />
These setting enable the ''User'' to identity the ''service name'' and the <u>Subscription id</u> they have subscribed and the actual status of the ''service''<br />
<br />
=== Consents Settings ===<br />
These settings refer to ''consents'' management process. See the [[consents]] guide for more information on the process.<br />
<br />
The table below report the settings fields available and a short description of their meaning:<br />
{| class="wikitable"<br />
! Field !! Description<br />
|-<br />
|<u>Consents Matching Mails </u>|| ''Consents'' can be acquired from emails. With this field it is possible to define the recipients of the emails which will be checked to process the ''consents''. Emails in the inbox with other recipients will be ignored.<br />
|-<br />
|<u>Consents Warnings Recipients</u> || This field contains the emails addresses notified when ''consents'' warnings are triggered.<br />
|-<br />
|<u>Data Subject Matching criteria</u> || This field allow to define the criteria to match an incoming ''consent'' sent by mail with the existing ''consents'' in Privacy-Now®. After trying to match if the consent subject is found, the existing consent record is updated. If the consent subject is not found, a new consent record is created. This field may have one of the following two values: "Mail" (consent subject is matched using the email address), "Username" (consent subject is matched using the user name identifier, for example the login used by the consent subject to access a website). <br />
|}<br />
<br />
=== Group Settings ===<br />
Privacy-Now® has several profiles for ''user'' privileges. The profiles determines what ''users'' can do while executing processes (e.g. ''access requests'', ''consents'', etc.). ''Users'' can be assigned to ''groups'' and ''groups'' can be finally assigned to profiles in each record (e.g. ''access request'', ''consent'' etc.).<br />
<br />
The fields <u>DPO Profile</u>, <u>DP Profile</u>, <u>DC Profile</u>, <u>Auditors Team Profile</u> and <u>Working Team Profile</u> allow to define which "groups" the ''user'' will be able to see and select in each process.<br />
<br />
The fields <u>DPO Default</u>, <u>DP Default</u>, <u>DC Default</u>, <u>Auditors Team Default</u> and <u>Working Team Default</u> allow to define the default "groups" which will be set everytime a new record is created.<br />
<br />
The above fields, shall be defined for each process/workflow, e.g. ''access requests'', ''actions'', ''audits'' management, etc.<br />
<br />
In order to update the fields for a process, perform the following steps:<br />
<br />
*Choose the process by setting the <u>GDPR Process</u> field<br />
*Load the set values for all the field by using the '''LOAD''' command<br />
*Set the values for the fields<br />
*Save the settings by using the '''SAVE''' command at the bottom of the form.<br />
<br />
Repeat the above steps for all the processes you need to configure.<br />
<br />
=== License Details ===<br />
This section allows to view the details of the license active for the current Privacy-Now® environment.<br />
<br />
{| class="wikitable"<br />
! Field !! Description<br />
|-<br />
|<u>License Package</u>|| This field shows the type of subscription active.<br />
|-<br />
|<u>Licensed User</u>|| This field shows the number of activated ''users'' (those in status "Active").<br />
|-<br />
|<u>Licensed Access Requests</u>|| Monthly number of ''access requests'' that it is possible to open. This numbers is depending on the type of subscription.<br />
|-<br />
|<u>Licensed Consents</u>|| Monthly number of ''consents'' that it is possible to open. This numbers is depending on the type of subscription.<br />
|-<br />
|'''Check License'''|| This commands launches a system check that refreshes the values of <u>Active Users</u>, <u>Monthly Access Requests</u> and <u>Monthly Consents</u> fields.<br />
|-<br />
|<u>Active Users</u>|| Number of "users" currently activated (in status "active").<br />
|-<br />
|<u>Monthly Access Requests</u>|| Number of ''access requests'' opened in the current month.<br />
|-<br />
|<u>Monthly Consents</u>|| Number of ''consents'' opened in the current month.<br />
|-<br />
|<u>Initial Activation Date</u>|| The date when the Privacy-Now® service was initially activated.<br />
|-<br />
|<u>Expected End Date</u>|| The date when the Privacy-Now® service will terminate. Access wont' be possible after this date. The environment and all data will be fully erased 30 days after this date.<br />
|-<br />
|}<br />
<br />
=== Purchase History ===<br />
In this section, the history of the purchase transaction is reported for control aims.<br />
Every transaction is added after the last before.<br />
<br />
=== Tools ===<br />
In this sections, special functionalities are grouped.<br />
<br />
==== Record deletion ====<br />
From records management (e.g. ''access requests'', ''consents'') physical deletion is not possible. In other words, records can always be moved to one or more end of life status(es) where no changes are possible. however, normal ''users'' cannot physically delete records. This can be done instead by ''users'' with administrative privileges with this tool.<br />
<br />
To delete a record, simply enter the record code to be deleted in <u>Record Code to Delete</u> and launch the '''Delete Record''' command.<br />
<br />
IMPORTANT WARNING: IT WILL NOT BE POSSIBLE TO RESTORE THE RECORD CONTENT AFTER DELETION.</div>Cbissohttp://wiki.privacy-now.eu/en/index.php?title=Settings&diff=587Settings2018-10-10T12:13:37Z<p>Cbisso: /* Group Settings */</p>
<hr />
<div>==Introduction==<br />
This part of the guide covers some fundamental settings which are needed to work with Privacy Now®:<br />
<br />
* Master data<br />
* Application settings<br />
<br />
== Master data ==<br />
Master data tables contain the sources data of the fields using single or multi choice options.<br />
<br />
Master data tables are preloaded with initial values when the environment is initially created. These values can be later changed by ''users'' with the <u>Admin</u> field set to "Yes". <br />
<br />
Editing of master data table can be done from the left menu '''''Settings/Data Sets''''' or directing from the records using the fields based on the master data (in both cases if the ''user'' has the required privileges).<br />
<br />
The table below lists the master data tables and provides a short description of their content.<br />
<br />
{| class="wikitable"<br />
! Access menu !! Description<br />
|-<br />
|'''''Settings/Data Sets/Access Requests/Access Requests Types'''''|| The types of ''access requests'', e.g. "Personal data deletion".<br />
|-<br />
|'''''Settings/Data Sets/Access Requests/Communication Channels'''''|| The communication channels used to acquire the ''access request'', e.g. "email".<br />
|-<br />
|'''''Settings/Data Sets/Access Requests/Results Notification Methods'''''|| The communication channels to be used to communicate the results of an ''access request'', e.g. "email".<br />
|-<br />
|'''''Settings/Data Sets/Access Requests/Data Subject Types'''''|| The type of subject requesting the ''access request'', e.g. "employee".<br />
|-<br />
|'''''Settings/Data Sets/Access Requests/Relationships to Data Subjects'''''|| The type of relationship between the access request requester and the data subject representative, if any, for example "family relationship".<br />
|-<br />
|'''''Settings/Data Sets/Access Request/Access Request Warning Schedule'''''|| This data set enable the ''user'' to set the plan the sent of warning mail.<br />
|-<br />
|'''''Settings/Data Sets/Actions/Action Type'''''|| The type of action, for example "corrective".<br />
|-<br />
|'''''Settings/Data Sets/Consents/Consent Categories'''''|| The category of the consent, for example the consent to send a newsletter. This table is very likely to be updated.<br />
|-<br />
|'''''Settings/Data Sets/Consents/Consent Sources'''''|| The source where the consent is given or denied, for example a "contract".<br />
|-<br />
|'''''Settings/Data Sets/Consents/Consent Subjects'''''|| The subject giving the consent, typically a person.<br />
|-<br />
|'''''Settings/Data Sets/Consents/Consent Matching Mail'''''|| The email address of the recipient where the consent is sent. <br />
|-<br />
|'''''Settings/Data Sets/Data Breaches/Affected Personal Data Categories'''''|| The categories of subjects whose ''personal data'' are treated during the ''data breach'', for example "employees master data".<br />
|-<br />
|'''''Settings/Data Sets/Data Breaches/Data Breach Warning Schedule'''''|| This data set enable the ''user'' to set the plan the sent of warning mail. <br />
|-<br />
|'''''Settings/Data Sets/Data Breaches/Authority Warning Schedule'''''|| This data set enable the ''user'' to set the plan the sent of warning mail to the Authority. <br />
|-<br />
|'''''Settings/Data Sets/Data Breaches/Type of Breaches'''''|| Identify the type of Breaches , for example "Security Breach".<br />
|-<br />
|'''''Settings/Data Sets/Issues / Non Conformities/Issue Types'''''|| The type of issue, i.e. an "issue" or a "non conformity". These values are unlikely to be modified.<br />
|-<br />
|'''''Settings/Data Sets/Privacy Impact Assessments/PIA Reference Period'''''|| Th timeframe to which the privacy impact assessment refers to, for example "2018 Q4".<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Access Applications'''''|| The applications which may be used to access ''personal data'', for example "web browsers".<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Access Connections'''''|| The connections which may be used when accessing ''personal data'', for example "internet".<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Access Devices''''' || The devices which may be used when accessing ''personal data'', for example "personal computer".<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Data Locations'''''|| The locations where the ''personal data'' can be stored during their processing, for example "New York data centre".<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Data Processing Purposes'''''|| The purposes of data processing, for example "marketing activities".<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Data Repositories'''''|| The type of data repositories where ''personal data'' are stored during the ''processing activities'', for example a specific SQL database server.<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Data Subjects'''''|| The types of data subjects whose ''personal data'' are treated during the ''processing activities'' or declared in ''Data Breach'', for example "clients".<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Data Types'''''|| The types of data, e.g. identification or judicial data, which are processed during the ''processing activities''.<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Extra EU Measures'''''|| The types of measures in place to mitigate the risks of extra EU ''processing activities'', e.g. a "code of conduct".<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Lawful Basis for Processing'''''|| The lawful basis on which the processing of ''personal data'' is authorized, e.g. "legal obligations".<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Processing Activities'''''|| The types of ''processing activities'' performed during the processing of ''personal data'', e.g. collection, adaptation, etc.<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Provision Agreements'''''|| The type of provision agreement with the suppliers of data repository tools, access applications, access devices, connectivity, for example a "software as a service" agreement.<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Retention Periods'''''|| The possible retention periods for the ''personal data'' which is processed, for example 10 years.<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Suppliers'''''|| The suppliers of data repository tools, access applications, access devises or connectivity. <br />
|-<br />
|'''''Settings/Data Sets/ Processors / Controllers Entities'''''|| The details of the controller entities involved in ''processing activities''.<br />
|-<br />
|'''''Settings/Data Sets/ Processors / Data Controller Officers'''''|| The details of the data controller officers involved in ''processing activities''.<br />
|-<br />
|}<br />
<br />
== Application settings ==<br />
<br />
This section concerns the preferences and settings which can be defined at application level for Privacy-Now®. These settings are accessible from '''''Settings/Application Settings'''''.<br />
<br />
Application settings are accessible only by ''users'' with administration privileges (see below how to set them). The first ''user'' created when Privacy-Now® environment is created is set with administration privileges.<br />
<br />
<b>''Settings/Application Settings''</b> link open the ''Setting'' Ticket. <br />
<br />
Settings are organized in six sections:<br />
<br />
* <u>''Tracking''</u><br />
* <u>''Consents Settings''</u><br />
* <u>''Group Settings''</u><br />
* <u>''License Details''</u><br />
* <u>''Purchase History''</u><br />
* <u>''Tools''</u><br />
<br />
=== Tracking ===<br />
These setting enable the ''User'' to identity the ''service name'' and the <u>Subscription id</u> they have subscribed and the actual status of the ''service''<br />
<br />
=== Consents Settings ===<br />
These settings refer to ''consents'' management process. See the [[consents]] guide for more information on the process.<br />
<br />
The table below report the settings fields available and a short description of their meaning:<br />
{| class="wikitable"<br />
! Field !! Description<br />
|-<br />
|<u>Consents Matching Mails </u>|| ''Consents'' can be acquired from emails. With this field it is possible to define the recipients of the emails which will be checked to process the ''consents''. Emails in the inbox with other recipients will be ignored.<br />
|-<br />
|<u>Consents Warnings Recipients</u> || This field contains the emails addresses notified when ''consents'' warnings are triggered.<br />
|-<br />
|<u>Data Subject Matching criteria</u> || This field allow to define the criteria to match an incoming ''consent'' sent by mail with the existing ''consents'' in Privacy-Now®. After trying to match if the consent subject is found, the existing consent record is updated. If the consent subject is not found, a new consent record is created. This field may have one of the following two values: "Mail" (consent subject is matched using the email address), "Username" (consent subject is matched using the user name identifier, for example the login used by the consent subject to access a website). <br />
|}<br />
<br />
=== Group Settings ===<br />
Privacy-Now® has several profiles for ''user'' privileges. The profiles determines what ''users'' can do while executing processes (e.g. ''access requests'', ''consents'', etc.). ''Users'' can be assigned to ''groups'' and ''groups'' can be finally assigned to profiles in each record (e.g. ''access request'', ''consent'' etc.).<br />
<br />
The fields <u>DPO Profile</u>, <u>DP Profile</u>, <u>DC Profile</u>, <u>Auditors Team Profile</u> and <u>Working Team Profile</u> allow to define which "groups" the ''user'' will be able to see and select in each process.<br />
<br />
The fields <u>DPO Default</u>, <u>DP Default</u>, <u>DC Default</u>, <u>Auditors Team Default</u> and <u>Working Team Default</u> allow to define the default "groups" which will be set everytime a new record is created.<br />
<br />
The above fields, shall be defined for each process/workflow, e.g. ''access requests'', ''actions'', ''audits'' management, etc.<br />
<br />
In order to update the fields for a process, perform the following steps:<br />
<br />
*Choose the process by setting the <u>Process</u> field<br />
*Load the set values for all the field by using the '''LOAD''' command<br />
*Set the values for the fields<br />
*Save the settings by using the '''SAVE''' command at the bottom of the form.<br />
<br />
Repeat the above steps for all the processes you need to configure.<br />
<br />
=== License Details ===<br />
This section allows to view the details of the license active for the current Privacy-Now® environment.<br />
<br />
{| class="wikitable"<br />
! Field !! Description<br />
|-<br />
|<u>License Package</u>|| This field shows the type of subscription active.<br />
|-<br />
|<u>Licensed User</u>|| This field shows the number of activated ''users'' (those in status "Active").<br />
|-<br />
|<u>Licensed Access Requests</u>|| Monthly number of ''access requests'' that it is possible to open. This numbers is depending on the type of subscription.<br />
|-<br />
|<u>Licensed Consents</u>|| Monthly number of ''consents'' that it is possible to open. This numbers is depending on the type of subscription.<br />
|-<br />
|'''Check License'''|| This commands launches a system check that refreshes the values of <u>Active Users</u>, <u>Monthly Access Requests</u> and <u>Monthly Consents</u> fields.<br />
|-<br />
|<u>Active Users</u>|| Number of "users" currently activated (in status "active").<br />
|-<br />
|<u>Monthly Access Requests</u>|| Number of ''access requests'' opened in the current month.<br />
|-<br />
|<u>Monthly Consents</u>|| Number of ''consents'' opened in the current month.<br />
|-<br />
|<u>Initial Activation Date</u>|| The date when the Privacy-Now® service was initially activated.<br />
|-<br />
|<u>Expected End Date</u>|| The date when the Privacy-Now® service will terminate. Access wont' be possible after this date. The environment and all data will be fully erased 30 days after this date.<br />
|-<br />
|}<br />
<br />
=== Purchase History ===<br />
In this section, the history of the purchase transaction is reported for control aims.<br />
Every transaction is added after the last before.<br />
<br />
=== Tools ===<br />
In this sections, special functionalities are grouped.<br />
<br />
==== Record deletion ====<br />
From records management (e.g. ''access requests'', ''consents'') physical deletion is not possible. In other words, records can always be moved to one or more end of life status(es) where no changes are possible. however, normal ''users'' cannot physically delete records. This can be done instead by ''users'' with administrative privileges with this tool.<br />
<br />
To delete a record, simply enter the record code to be deleted in <u>Record Code to Delete</u> and launch the '''Delete Record''' command.<br />
<br />
IMPORTANT WARNING: IT WILL NOT BE POSSIBLE TO RESTORE THE RECORD CONTENT AFTER DELETION.</div>Cbissohttp://wiki.privacy-now.eu/en/index.php?title=Settings&diff=586Settings2018-10-10T12:10:55Z<p>Cbisso: /* Consents Settings */</p>
<hr />
<div>==Introduction==<br />
This part of the guide covers some fundamental settings which are needed to work with Privacy Now®:<br />
<br />
* Master data<br />
* Application settings<br />
<br />
== Master data ==<br />
Master data tables contain the sources data of the fields using single or multi choice options.<br />
<br />
Master data tables are preloaded with initial values when the environment is initially created. These values can be later changed by ''users'' with the <u>Admin</u> field set to "Yes". <br />
<br />
Editing of master data table can be done from the left menu '''''Settings/Data Sets''''' or directing from the records using the fields based on the master data (in both cases if the ''user'' has the required privileges).<br />
<br />
The table below lists the master data tables and provides a short description of their content.<br />
<br />
{| class="wikitable"<br />
! Access menu !! Description<br />
|-<br />
|'''''Settings/Data Sets/Access Requests/Access Requests Types'''''|| The types of ''access requests'', e.g. "Personal data deletion".<br />
|-<br />
|'''''Settings/Data Sets/Access Requests/Communication Channels'''''|| The communication channels used to acquire the ''access request'', e.g. "email".<br />
|-<br />
|'''''Settings/Data Sets/Access Requests/Results Notification Methods'''''|| The communication channels to be used to communicate the results of an ''access request'', e.g. "email".<br />
|-<br />
|'''''Settings/Data Sets/Access Requests/Data Subject Types'''''|| The type of subject requesting the ''access request'', e.g. "employee".<br />
|-<br />
|'''''Settings/Data Sets/Access Requests/Relationships to Data Subjects'''''|| The type of relationship between the access request requester and the data subject representative, if any, for example "family relationship".<br />
|-<br />
|'''''Settings/Data Sets/Access Request/Access Request Warning Schedule'''''|| This data set enable the ''user'' to set the plan the sent of warning mail.<br />
|-<br />
|'''''Settings/Data Sets/Actions/Action Type'''''|| The type of action, for example "corrective".<br />
|-<br />
|'''''Settings/Data Sets/Consents/Consent Categories'''''|| The category of the consent, for example the consent to send a newsletter. This table is very likely to be updated.<br />
|-<br />
|'''''Settings/Data Sets/Consents/Consent Sources'''''|| The source where the consent is given or denied, for example a "contract".<br />
|-<br />
|'''''Settings/Data Sets/Consents/Consent Subjects'''''|| The subject giving the consent, typically a person.<br />
|-<br />
|'''''Settings/Data Sets/Consents/Consent Matching Mail'''''|| The email address of the recipient where the consent is sent. <br />
|-<br />
|'''''Settings/Data Sets/Data Breaches/Affected Personal Data Categories'''''|| The categories of subjects whose ''personal data'' are treated during the ''data breach'', for example "employees master data".<br />
|-<br />
|'''''Settings/Data Sets/Data Breaches/Data Breach Warning Schedule'''''|| This data set enable the ''user'' to set the plan the sent of warning mail. <br />
|-<br />
|'''''Settings/Data Sets/Data Breaches/Authority Warning Schedule'''''|| This data set enable the ''user'' to set the plan the sent of warning mail to the Authority. <br />
|-<br />
|'''''Settings/Data Sets/Data Breaches/Type of Breaches'''''|| Identify the type of Breaches , for example "Security Breach".<br />
|-<br />
|'''''Settings/Data Sets/Issues / Non Conformities/Issue Types'''''|| The type of issue, i.e. an "issue" or a "non conformity". These values are unlikely to be modified.<br />
|-<br />
|'''''Settings/Data Sets/Privacy Impact Assessments/PIA Reference Period'''''|| Th timeframe to which the privacy impact assessment refers to, for example "2018 Q4".<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Access Applications'''''|| The applications which may be used to access ''personal data'', for example "web browsers".<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Access Connections'''''|| The connections which may be used when accessing ''personal data'', for example "internet".<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Access Devices''''' || The devices which may be used when accessing ''personal data'', for example "personal computer".<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Data Locations'''''|| The locations where the ''personal data'' can be stored during their processing, for example "New York data centre".<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Data Processing Purposes'''''|| The purposes of data processing, for example "marketing activities".<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Data Repositories'''''|| The type of data repositories where ''personal data'' are stored during the ''processing activities'', for example a specific SQL database server.<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Data Subjects'''''|| The types of data subjects whose ''personal data'' are treated during the ''processing activities'' or declared in ''Data Breach'', for example "clients".<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Data Types'''''|| The types of data, e.g. identification or judicial data, which are processed during the ''processing activities''.<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Extra EU Measures'''''|| The types of measures in place to mitigate the risks of extra EU ''processing activities'', e.g. a "code of conduct".<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Lawful Basis for Processing'''''|| The lawful basis on which the processing of ''personal data'' is authorized, e.g. "legal obligations".<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Processing Activities'''''|| The types of ''processing activities'' performed during the processing of ''personal data'', e.g. collection, adaptation, etc.<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Provision Agreements'''''|| The type of provision agreement with the suppliers of data repository tools, access applications, access devices, connectivity, for example a "software as a service" agreement.<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Retention Periods'''''|| The possible retention periods for the ''personal data'' which is processed, for example 10 years.<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Suppliers'''''|| The suppliers of data repository tools, access applications, access devises or connectivity. <br />
|-<br />
|'''''Settings/Data Sets/ Processors / Controllers Entities'''''|| The details of the controller entities involved in ''processing activities''.<br />
|-<br />
|'''''Settings/Data Sets/ Processors / Data Controller Officers'''''|| The details of the data controller officers involved in ''processing activities''.<br />
|-<br />
|}<br />
<br />
== Application settings ==<br />
<br />
This section concerns the preferences and settings which can be defined at application level for Privacy-Now®. These settings are accessible from '''''Settings/Application Settings'''''.<br />
<br />
Application settings are accessible only by ''users'' with administration privileges (see below how to set them). The first ''user'' created when Privacy-Now® environment is created is set with administration privileges.<br />
<br />
<b>''Settings/Application Settings''</b> link open the ''Setting'' Ticket. <br />
<br />
Settings are organized in six sections:<br />
<br />
* <u>''Tracking''</u><br />
* <u>''Consents Settings''</u><br />
* <u>''Group Settings''</u><br />
* <u>''License Details''</u><br />
* <u>''Purchase History''</u><br />
* <u>''Tools''</u><br />
<br />
=== Tracking ===<br />
These setting enable the ''User'' to identity the ''service name'' and the <u>Subscription id</u> they have subscribed and the actual status of the ''service''<br />
<br />
=== Consents Settings ===<br />
These settings refer to ''consents'' management process. See the [[consents]] guide for more information on the process.<br />
<br />
The table below report the settings fields available and a short description of their meaning:<br />
{| class="wikitable"<br />
! Field !! Description<br />
|-<br />
|<u>Consents Matching Mails </u>|| ''Consents'' can be acquired from emails. With this field it is possible to define the recipients of the emails which will be checked to process the ''consents''. Emails in the inbox with other recipients will be ignored.<br />
|-<br />
|<u>Consents Warnings Recipients</u> || This field contains the emails addresses notified when ''consents'' warnings are triggered.<br />
|-<br />
|<u>Data Subject Matching criteria</u> || This field allow to define the criteria to match an incoming ''consent'' sent by mail with the existing ''consents'' in Privacy-Now®. After trying to match if the consent subject is found, the existing consent record is updated. If the consent subject is not found, a new consent record is created. This field may have one of the following two values: "Mail" (consent subject is matched using the email address), "Username" (consent subject is matched using the user name identifier, for example the login used by the consent subject to access a website). <br />
|}<br />
<br />
=== Group Settings ===<br />
Privacy-Now® has several profiles for ''user'' privileges. The profiles determines what ''users'' can do while executing processes (e.g. ''access requests'', ''consents'', etc.). ''Users'' can be assigned to ''groups'' and ''groups'' can be finally assigned to profiles in each record (e.g. ''access request'', ''consent'' etc.).<br />
<br />
The fields <u>DPO Profile</u>, <u>DP Profile</u>, <u>DC Profile</u>, <u>Audit Team Profile</u> and <u>Working Team Profile</u> allow to define which "groups" the ''user'' will be able to see and select in each process.<br />
<br />
The fields <u>DPO Default</u>, <u>DP Default</u>, <u>DC Default</u>, <u>Audit Team Default</u> and <u>Working Team Default</u> allow to define the default "groups" which will be set everytime a new record is created.<br />
<br />
The above fields, shall be defined for each process/workflow, e.g. ''access requests'', ''actions'', ''audits'' management, etc.<br />
<br />
In order to update the fields for a process, perform the following steps:<br />
<br />
*Choose the process by setting the <u>Process</u> field<br />
*Load the set values for all the field by using the '''LOAD''' command<br />
*Set the values for the fields<br />
*Save the settings by using the '''SAVE''' command at the bottom of the form.<br />
<br />
Repeat the above steps for all the processes you need to configure.<br />
<br />
=== License Details ===<br />
This section allows to view the details of the license active for the current Privacy-Now® environment.<br />
<br />
{| class="wikitable"<br />
! Field !! Description<br />
|-<br />
|<u>License Package</u>|| This field shows the type of subscription active.<br />
|-<br />
|<u>Licensed User</u>|| This field shows the number of activated ''users'' (those in status "Active").<br />
|-<br />
|<u>Licensed Access Requests</u>|| Monthly number of ''access requests'' that it is possible to open. This numbers is depending on the type of subscription.<br />
|-<br />
|<u>Licensed Consents</u>|| Monthly number of ''consents'' that it is possible to open. This numbers is depending on the type of subscription.<br />
|-<br />
|'''Check License'''|| This commands launches a system check that refreshes the values of <u>Active Users</u>, <u>Monthly Access Requests</u> and <u>Monthly Consents</u> fields.<br />
|-<br />
|<u>Active Users</u>|| Number of "users" currently activated (in status "active").<br />
|-<br />
|<u>Monthly Access Requests</u>|| Number of ''access requests'' opened in the current month.<br />
|-<br />
|<u>Monthly Consents</u>|| Number of ''consents'' opened in the current month.<br />
|-<br />
|<u>Initial Activation Date</u>|| The date when the Privacy-Now® service was initially activated.<br />
|-<br />
|<u>Expected End Date</u>|| The date when the Privacy-Now® service will terminate. Access wont' be possible after this date. The environment and all data will be fully erased 30 days after this date.<br />
|-<br />
|}<br />
<br />
=== Purchase History ===<br />
In this section, the history of the purchase transaction is reported for control aims.<br />
Every transaction is added after the last before.<br />
<br />
=== Tools ===<br />
In this sections, special functionalities are grouped.<br />
<br />
==== Record deletion ====<br />
From records management (e.g. ''access requests'', ''consents'') physical deletion is not possible. In other words, records can always be moved to one or more end of life status(es) where no changes are possible. however, normal ''users'' cannot physically delete records. This can be done instead by ''users'' with administrative privileges with this tool.<br />
<br />
To delete a record, simply enter the record code to be deleted in <u>Record Code to Delete</u> and launch the '''Delete Record''' command.<br />
<br />
IMPORTANT WARNING: IT WILL NOT BE POSSIBLE TO RESTORE THE RECORD CONTENT AFTER DELETION.</div>Cbissohttp://wiki.privacy-now.eu/en/index.php?title=Settings&diff=585Settings2018-10-10T12:10:47Z<p>Cbisso: /* Consents Settings */</p>
<hr />
<div>==Introduction==<br />
This part of the guide covers some fundamental settings which are needed to work with Privacy Now®:<br />
<br />
* Master data<br />
* Application settings<br />
<br />
== Master data ==<br />
Master data tables contain the sources data of the fields using single or multi choice options.<br />
<br />
Master data tables are preloaded with initial values when the environment is initially created. These values can be later changed by ''users'' with the <u>Admin</u> field set to "Yes". <br />
<br />
Editing of master data table can be done from the left menu '''''Settings/Data Sets''''' or directing from the records using the fields based on the master data (in both cases if the ''user'' has the required privileges).<br />
<br />
The table below lists the master data tables and provides a short description of their content.<br />
<br />
{| class="wikitable"<br />
! Access menu !! Description<br />
|-<br />
|'''''Settings/Data Sets/Access Requests/Access Requests Types'''''|| The types of ''access requests'', e.g. "Personal data deletion".<br />
|-<br />
|'''''Settings/Data Sets/Access Requests/Communication Channels'''''|| The communication channels used to acquire the ''access request'', e.g. "email".<br />
|-<br />
|'''''Settings/Data Sets/Access Requests/Results Notification Methods'''''|| The communication channels to be used to communicate the results of an ''access request'', e.g. "email".<br />
|-<br />
|'''''Settings/Data Sets/Access Requests/Data Subject Types'''''|| The type of subject requesting the ''access request'', e.g. "employee".<br />
|-<br />
|'''''Settings/Data Sets/Access Requests/Relationships to Data Subjects'''''|| The type of relationship between the access request requester and the data subject representative, if any, for example "family relationship".<br />
|-<br />
|'''''Settings/Data Sets/Access Request/Access Request Warning Schedule'''''|| This data set enable the ''user'' to set the plan the sent of warning mail.<br />
|-<br />
|'''''Settings/Data Sets/Actions/Action Type'''''|| The type of action, for example "corrective".<br />
|-<br />
|'''''Settings/Data Sets/Consents/Consent Categories'''''|| The category of the consent, for example the consent to send a newsletter. This table is very likely to be updated.<br />
|-<br />
|'''''Settings/Data Sets/Consents/Consent Sources'''''|| The source where the consent is given or denied, for example a "contract".<br />
|-<br />
|'''''Settings/Data Sets/Consents/Consent Subjects'''''|| The subject giving the consent, typically a person.<br />
|-<br />
|'''''Settings/Data Sets/Consents/Consent Matching Mail'''''|| The email address of the recipient where the consent is sent. <br />
|-<br />
|'''''Settings/Data Sets/Data Breaches/Affected Personal Data Categories'''''|| The categories of subjects whose ''personal data'' are treated during the ''data breach'', for example "employees master data".<br />
|-<br />
|'''''Settings/Data Sets/Data Breaches/Data Breach Warning Schedule'''''|| This data set enable the ''user'' to set the plan the sent of warning mail. <br />
|-<br />
|'''''Settings/Data Sets/Data Breaches/Authority Warning Schedule'''''|| This data set enable the ''user'' to set the plan the sent of warning mail to the Authority. <br />
|-<br />
|'''''Settings/Data Sets/Data Breaches/Type of Breaches'''''|| Identify the type of Breaches , for example "Security Breach".<br />
|-<br />
|'''''Settings/Data Sets/Issues / Non Conformities/Issue Types'''''|| The type of issue, i.e. an "issue" or a "non conformity". These values are unlikely to be modified.<br />
|-<br />
|'''''Settings/Data Sets/Privacy Impact Assessments/PIA Reference Period'''''|| Th timeframe to which the privacy impact assessment refers to, for example "2018 Q4".<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Access Applications'''''|| The applications which may be used to access ''personal data'', for example "web browsers".<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Access Connections'''''|| The connections which may be used when accessing ''personal data'', for example "internet".<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Access Devices''''' || The devices which may be used when accessing ''personal data'', for example "personal computer".<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Data Locations'''''|| The locations where the ''personal data'' can be stored during their processing, for example "New York data centre".<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Data Processing Purposes'''''|| The purposes of data processing, for example "marketing activities".<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Data Repositories'''''|| The type of data repositories where ''personal data'' are stored during the ''processing activities'', for example a specific SQL database server.<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Data Subjects'''''|| The types of data subjects whose ''personal data'' are treated during the ''processing activities'' or declared in ''Data Breach'', for example "clients".<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Data Types'''''|| The types of data, e.g. identification or judicial data, which are processed during the ''processing activities''.<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Extra EU Measures'''''|| The types of measures in place to mitigate the risks of extra EU ''processing activities'', e.g. a "code of conduct".<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Lawful Basis for Processing'''''|| The lawful basis on which the processing of ''personal data'' is authorized, e.g. "legal obligations".<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Processing Activities'''''|| The types of ''processing activities'' performed during the processing of ''personal data'', e.g. collection, adaptation, etc.<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Provision Agreements'''''|| The type of provision agreement with the suppliers of data repository tools, access applications, access devices, connectivity, for example a "software as a service" agreement.<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Retention Periods'''''|| The possible retention periods for the ''personal data'' which is processed, for example 10 years.<br />
|-<br />
|'''''Settings/Data Sets/Processing Activities/Suppliers'''''|| The suppliers of data repository tools, access applications, access devises or connectivity. <br />
|-<br />
|'''''Settings/Data Sets/ Processors / Controllers Entities'''''|| The details of the controller entities involved in ''processing activities''.<br />
|-<br />
|'''''Settings/Data Sets/ Processors / Data Controller Officers'''''|| The details of the data controller officers involved in ''processing activities''.<br />
|-<br />
|}<br />
<br />
== Application settings ==<br />
<br />
This section concerns the preferences and settings which can be defined at application level for Privacy-Now®. These settings are accessible from '''''Settings/Application Settings'''''.<br />
<br />
Application settings are accessible only by ''users'' with administration privileges (see below how to set them). The first ''user'' created when Privacy-Now® environment is created is set with administration privileges.<br />
<br />
<b>''Settings/Application Settings''</b> link open the ''Setting'' Ticket. <br />
<br />
Settings are organized in six sections:<br />
<br />
* <u>''Tracking''</u><br />
* <u>''Consents Settings''</u><br />
* <u>''Group Settings''</u><br />
* <u>''License Details''</u><br />
* <u>''Purchase History''</u><br />
* <u>''Tools''</u><br />
<br />
=== Tracking ===<br />
These setting enable the ''User'' to identity the ''service name'' and the <u>Subscription id</u> they have subscribed and the actual status of the ''service''<br />
<br />
=== Consents Settings ===<br />
These settings refer to ''consents'' management process. See the [[consents]] guide for more information on the process.<br />
<br />
The table below report the settings fields available and a short description of their meaning:<br />
{| class="wikitable"<br />
! Field !! Description<br />
|-<br />
|<u>Consents Matching Mails </u>|| ''Consents'' can be acquired from emails. With this field it is possible to define the recipients of the emails which will be checked to process the ''consents''. Emails in the inbox with other recipients will be ignored.<br />
|-<br />
|<u>Consents Warnings Recipients</u> || This field contains the emails addresses notified when ''consents'' warnings are triggered.<br />
|-<br />
|<u>Data Subjects Matching criteria</u> || This field allow to define the criteria to match an incoming ''consent'' sent by mail with the existing ''consents'' in Privacy-Now®. After trying to match if the consent subject is found, the existing consent record is updated. If the consent subject is not found, a new consent record is created. This field may have one of the following two values: "Mail" (consent subject is matched using the email address), "Username" (consent subject is matched using the user name identifier, for example the login used by the consent subject to access a website). <br />
|}<br />
<br />
=== Group Settings ===<br />
Privacy-Now® has several profiles for ''user'' privileges. The profiles determines what ''users'' can do while executing processes (e.g. ''access requests'', ''consents'', etc.). ''Users'' can be assigned to ''groups'' and ''groups'' can be finally assigned to profiles in each record (e.g. ''access request'', ''consent'' etc.).<br />
<br />
The fields <u>DPO Profile</u>, <u>DP Profile</u>, <u>DC Profile</u>, <u>Audit Team Profile</u> and <u>Working Team Profile</u> allow to define which "groups" the ''user'' will be able to see and select in each process.<br />
<br />
The fields <u>DPO Default</u>, <u>DP Default</u>, <u>DC Default</u>, <u>Audit Team Default</u> and <u>Working Team Default</u> allow to define the default "groups" which will be set everytime a new record is created.<br />
<br />
The above fields, shall be defined for each process/workflow, e.g. ''access requests'', ''actions'', ''audits'' management, etc.<br />
<br />
In order to update the fields for a process, perform the following steps:<br />
<br />
*Choose the process by setting the <u>Process</u> field<br />
*Load the set values for all the field by using the '''LOAD''' command<br />
*Set the values for the fields<br />
*Save the settings by using the '''SAVE''' command at the bottom of the form.<br />
<br />
Repeat the above steps for all the processes you need to configure.<br />
<br />
=== License Details ===<br />
This section allows to view the details of the license active for the current Privacy-Now® environment.<br />
<br />
{| class="wikitable"<br />
! Field !! Description<br />
|-<br />
|<u>License Package</u>|| This field shows the type of subscription active.<br />
|-<br />
|<u>Licensed User</u>|| This field shows the number of activated ''users'' (those in status "Active").<br />
|-<br />
|<u>Licensed Access Requests</u>|| Monthly number of ''access requests'' that it is possible to open. This numbers is depending on the type of subscription.<br />
|-<br />
|<u>Licensed Consents</u>|| Monthly number of ''consents'' that it is possible to open. This numbers is depending on the type of subscription.<br />
|-<br />
|'''Check License'''|| This commands launches a system check that refreshes the values of <u>Active Users</u>, <u>Monthly Access Requests</u> and <u>Monthly Consents</u> fields.<br />
|-<br />
|<u>Active Users</u>|| Number of "users" currently activated (in status "active").<br />
|-<br />
|<u>Monthly Access Requests</u>|| Number of ''access requests'' opened in the current month.<br />
|-<br />
|<u>Monthly Consents</u>|| Number of ''consents'' opened in the current month.<br />
|-<br />
|<u>Initial Activation Date</u>|| The date when the Privacy-Now® service was initially activated.<br />
|-<br />
|<u>Expected End Date</u>|| The date when the Privacy-Now® service will terminate. Access wont' be possible after this date. The environment and all data will be fully erased 30 days after this date.<br />
|-<br />
|}<br />
<br />
=== Purchase History ===<br />
In this section, the history of the purchase transaction is reported for control aims.<br />
Every transaction is added after the last before.<br />
<br />
=== Tools ===<br />
In this sections, special functionalities are grouped.<br />
<br />
==== Record deletion ====<br />
From records management (e.g. ''access requests'', ''consents'') physical deletion is not possible. In other words, records can always be moved to one or more end of life status(es) where no changes are possible. however, normal ''users'' cannot physically delete records. This can be done instead by ''users'' with administrative privileges with this tool.<br />
<br />
To delete a record, simply enter the record code to be deleted in <u>Record Code to Delete</u> and launch the '''Delete Record''' command.<br />
<br />
IMPORTANT WARNING: IT WILL NOT BE POSSIBLE TO RESTORE THE RECORD CONTENT AFTER DELETION.</div>Cbissohttp://wiki.privacy-now.eu/en/index.php?title=Privacy_Impact_Assessments&diff=584Privacy Impact Assessments2018-10-10T10:44:40Z<p>Cbisso: /* Privileges */</p>
<hr />
<div><br />
== Introduction to Privacy Impact Assessments ==<br />
In Privacy-Now®, ''Privacy Impact assessments'' are focused to assess the risks associated with data processing activities (actually they are ''Data Protection Impact Assessments'').<br />
<br />
The process enables to record ''Privacy Impact Assessments'' and to support their fulfilment. ''Privacy Impact Assessments'' are typically related to one or more ''processing activities'', those to which they refer to. <br />
<br />
== Workflow ==<br />
A new ''Privacy Impact Assessment'' can be created using the '''Add New''' functionality and choosing "New Privacy Impact Assessment".<br />
<br />
A workflow enables to move the ''Privacy Impact Assessment" in several statuses as shown in the following picture.<br />
<br />
[[File: Privacy_Impact_Assessment_workflow_ENG_v1.0.JPG|centre|thumb|800x800px|Privacy Impact Assessments workflow and statuses.]]<br />
<br />
<br />
The following table explains the meaning of each status:<br />
<br />
{| class="wikitable"<br />
! Status !! Description<br />
|-<br />
|Default || A temporary status when the ''Privacy Impact Assessment'' is initially created before the first save.<br />
|-<br />
|Opened || A ''Privacy Impact Assessment'' in this status is draft.<br />
|-<br />
|Detailed Assessment || This status means that a detailed assessment needs to be executed. If a significant risk is found during the preliminary assessment, the transition through this status is required before closing the ''Privacy Impact Assessment''.<br />
|-<br />
|Suspended || Activities concerning the ''Privacy Impact Assessment'' are temporarily suspended.<br />
|-<br />
|Closed || In this status, the assessment is completed. <br />
|-<br />
|Cancelled || ''Privacy Impact Assessment'' cancelled. This is an end of life status.<br />
|-<br />
|}<br />
<br />
== Information ==<br />
''Privacy Impact Assessment'' records are organized in four sections:<br />
<br />
* <u>''Identification''</u>, where identification data of the ''Privacy Impact Assessment'' are recorded,<br />
* <u>''Ownership & Organization''</u>, containing the assignment of the key roles enabled to manage the ''Privacy Impact Assessment'';<br />
* <u>''Risk Assessment Questions''</u>, containing the preliminary assessment questions;<br />
* <u>''Impact Assessment Questions''</u>, if any significant risk is found in the <u>''Risk Assessment Questions''</u> section, it contains detailed impact assessment questions (''DPIA'');<br />
<br />
Detailed information on the meaning and use of every field can be found by pointing the mouse on the (i) next to each field. This will activate a tooltip with a brief description of the field. <br />
<br />
Additional information can be found in the secondary forms of the record: attachments, related items, messages and history. See [[How To]] for more information.<br />
<br />
== Privileges ==<br />
''Privacy Impact Assessments'' can be created by the ''users'' to whom the corresponding privilege is granted (see [[Users & Groups]] for more information on how to set this privilege).<br />
<br />
The lifecycle of the ''Privacy Impact Assessment'' is managed by the roles described in the table below. ''Groups'' are pre assigned to the roles according to the ''settings'' (see [[Settings]] for more information on how to set these defaults). Initial assignments can be modified according to privileges choosing among the enabled ''groups'' (see once again [[Settings]] for more information on how to enable ''groups'').<br />
<br />
{| class="wikitable"<br />
! Role !! Description<br />
|-<br />
|<u>DPO Group</u> || Members of the ''group'' assigned to this role have full privileges. They can:<br />
* transition records to any compatible status,<br />
* update fields when possible,<br />
* update ''data sources'' directly in record management.<br />
|-<br />
|<u>Data Controller Group</u> || Members of the ''group'' assigned to this role have view (read) privileges.<br />
|-<br />
|<u>Data Processor Group</u> || Members of the ''group'' assigned to this role have view (read) privileges.<br />
|-<br />
|<u>Assessment Team</u> || Members of this ''group'' have several privileges. They can manage the entire lifecycle, being enabled to:<br />
* transition records to any compatible status,<br />
* update fields when possible.<br />
|-<br />
|<u>Auditors Team</u> || Members of the ''group'' assigned to this role have view (read) privileges.<br />
|-<br />
|<u>PIA Owner</u> || This role can be assigned to a single user among members of the ''groups'' previously described. The <u>Owner</u> has several privileges:<br />
* transition to any compatible status,<br />
* update fields when possible.<br />
|}<br />
<br />
== Reports ==<br />
The list of ''Privacy Impact Assessments'' can be filtered and exported to excel format from the ''view'' '''''Privacy Impact Assessments'''''.<br />
<br />
== Related processes ==<br />
''Privacy Impact Assessments'' can be related to ''processing activities'', ''risks'' and ''issues / non conformities''.</div>Cbissohttp://wiki.privacy-now.eu/en/index.php?title=Data_Breaches&diff=583Data Breaches2018-10-10T10:31:05Z<p>Cbisso: /* Privileges */</p>
<hr />
<div><br />
== Introduction to Data Breaches ==<br />
Data breaches workflow provide the mean to manage the lifecycle of ''data breaches''. This means recording and updating the information related to the ''data breach'', supporting the tasks needed for remediation and the needed communication.<br />
<br />
== Workflow ==<br />
A new ''data breach'' can be created using the '''Add New''' functionality and choosing "New Data Breach".<br />
<br />
A workflow enables to move ''data breaches" in several statuses as shown in the following picture.<br />
<br />
[[File:Data_Breaches_Workflow_ENG_v1.0.JPG|centre|thumb|800x800px|Data Breaches workflow and statuses.]]<br />
<br />
<br />
The following table explains the meaning of each status:<br />
<br />
{| class="wikitable"<br />
! Status !! Description<br />
|-<br />
|Default || A temporary status when the ''data breach'' is initially created before the first save.<br />
|-<br />
|Opened || A ''data breach'' in this status is raised for analysis.<br />
|-<br />
|Analysed || In this status, the analysis of a ''data breach'' is completed. The ''data breach'' is therefore to be cancelled or to be actioned (taken in charge).<br />
|-<br />
|In charge || In this status, the ''data breach'' has been taken in charge and it is being actioned. <br />
|-<br />
|Notified || In this status, the ''data breach'' has been notified to the interested parties.<br />
|-<br />
|Resolved || In this status, all activities related to the ''data breach'' are completed and closure is expected after confirmation of remediation.<br />
|-<br />
|Suspended || Activities concerning the ''data breach'' are temporarily suspended.<br />
|-<br />
|Closed || In this status, all activities related to the ''data breach'' are performed and remediation / communications are completed. This is an end of life status, meaning no further status transitions are allowed.<br />
|-<br />
|Cancelled || ''Data breach'' cancelled. This is an end of life status.<br />
|-<br />
|}<br />
<br />
== Information ==<br />
''Data breach'' records are organized in seven sections:<br />
<br />
* <u>''Identification''</u>, where identification data of the ''data breach'' are recorded,<br />
* <u>''Ownership & Organization''</u>, containing the assignment of the key roles enabled to manage the ''data breach'';<br />
* <u>''Investigator''</u>, with the details of the resource in charge of investigating the ''data breach'';<br />
* <u>''Data Breach Details''</u>, with the details of the ''data breach'';<br />
* <u>''Data Breach Impact''</u>, containing information about the ''data breach'' impact;<br />
* <u>''Data Breach Notification''</u>, containing information about the notification of the ''data breach'';<br />
* <u>''Remediation Actions''</u>, containing information about the remediation actions for the ''data breach''.<br />
<br />
Detailed information on the meaning and use of every field can be found by pointing the mouse on the (i) next to each field. This will activate a tooltip with a brief description of the field. <br />
<br />
Additional information can be found in the secondary forms of the record: attachments, related items, messages and history. See [[How To]] for more information.<br />
<br />
== Privileges ==<br />
''Data breaches'' can be created by the ''users'' to whom the corresponding privilege is granted (see [[Users & Groups]] for more information on how to set this privilege).<br />
<br />
The lifecycle of the ''dta breach'' is managed by the roles described in the table below. ''Groups'' are pre assigned to the roles according to the ''settings'' (see [[Settings]] for more information on how to set these defaults). Initial assignments can be modified according to privileges choosing among the enabled ''groups'' (see once again [[Settings]] for more information on how to enable ''groups'').<br />
<br />
{| class="wikitable"<br />
! Role !! Description<br />
|-<br />
|<u>DPO Group</u> || Members of the ''group'' assigned to this role have full privileges. They can:<br />
* transition records to any compatible status,<br />
* update fields when possible,<br />
* update ''data sources'' directly in record management.<br />
|-<br />
|<u>Data Controller Group</u> || Members of the ''group'' assigned to this role have view (read) privileges.<br />
|-<br />
|<u>Data Processor Group</u> || Members of the ''group'' assigned to this role have view (read) privileges.<br />
|-<br />
|<u>Investigation Team</u> || Members of this ''group'' have several privileges. They can manage the entire lifecycle, being enabled to:<br />
* transition records to any compatible status,<br />
* update fields when possible.<br />
|-<br />
|<u>Auditors Team</u> || Members of the ''group'' assigned to this role have view (read) privileges.<br />
|-<br />
|<u>Owner</u> || This role can be assigned to a single user among members of the ''groups'' previously described. The <u>Owner</u> has several privileges:<br />
* transition to any compatible status,<br />
* update fields when possible.<br />
|}<br />
<br />
== Warning and alerts ==<br />
TBC<br />
<br />
== Reports ==<br />
The list of ''data breaches'' can be filtered and exported to excel format from the ''view'' '''''Data Breaches'''''.<br />
<br />
== Related processes ==<br />
''Data breaches'' can be related to ''risks'', ''actions'' and ''issues / non conformities''.</div>Cbissohttp://wiki.privacy-now.eu/en/index.php?title=Risks&diff=582Risks2018-10-10T10:28:10Z<p>Cbisso: /* Privileges */</p>
<hr />
<div><br />
== Introduction to Risks ==<br />
This workflow provides the mean to manage the lifecycle of ''risks'' related to ''personal data'' management. <br />
<br />
== Workflow ==<br />
A new ''risk'' can be created using the '''Add New''' functionality and choosing "New Risk".<br />
<br />
The workflow enables to move ''risks" in several statuses as shown in the following picture.<br />
<br />
[[File:Risks_Workflow_ENG_v1.0.JPG|centre|thumb|800x800px|Risks workflow and statuses.]]<br />
<br />
<br />
The following table explains the meaning of each status:<br />
<br />
{| class="wikitable"<br />
! Status !! Description<br />
|-<br />
|Default || A temporary status when the ''risk'' is initially created before the first save.<br />
|-<br />
|Draft || A ''risk'' in this status is draft and is not confirmed nor actioned yet.<br />
|-<br />
|Potential || A ''risk'' in this status is confirmed and shall be actioned.<br />
|-<br />
|Mitigated || In this status, the ''risk'' has been actioned and mitigated. <br />
|-<br />
|Cancelled || ''Risk'' cancelled. This is an end of life status.<br />
|-<br />
|Closed || In this status, risk has been threated successfully and no more actions are needed. This is an end of life status, meaning no further status transitions are allowed.<br />
|-<br />
|}<br />
<br />
== Information ==<br />
''Risks'' records are organized in four sections:<br />
<br />
* <u>''Identification''</u>, where identification data of the ''risk'' are recorded,<br />
* <u>''Ownership & Organization''</u>, containing the assignment of the key roles enabled to manage the ''risk'';<br />
* <u>''Pre-mitigation Assessment''</u>, with the assessment details of the ''risk'' before mitigation actions;<br />
* <u>''Post-mitigation Assessment''</u>, with the details of the ''risk'' after mitigation actions.<br />
<br />
Detailed information on the meaning and use of every field can be found by pointing the mouse on the (i) next to each field. This will activate a tooltip with a brief description of the field. <br />
<br />
Additional information can be found in the secondary forms of the record: attachments, related items, messages and history. See [[How To]] for more information.<br />
<br />
== Privileges ==<br />
''Risks'' can be created by the ''users'' to whom the corresponding privilege is granted (see [[Users & Groups]] for more information on how to set this privilege).<br />
<br />
The lifecycle of the ''risk'' is managed by the roles described in the table below. ''Groups'' are pre assigned to the roles according to the ''settings'' (see [[Settings]] for more information on how to set these defaults). Initial assignments can be modified according to privileges choosing among the enabled ''groups'' (see once again [[Settings]] for more information on how to enable ''groups'').<br />
<br />
{| class="wikitable"<br />
! Role !! Description<br />
|-<br />
|<u>DPO Group</u> || Members of the ''group'' assigned to this role have full privileges. They can:<br />
* transition records to any compatible status,<br />
* update fields when possible,<br />
* update ''data sources'' directly in record management.<br />
|-<br />
|<u>Data Controller Group</u> || Members of the ''group'' assigned to this role have view (read) privileges.<br />
|-<br />
|<u>Data Processor Group</u> || Members of the ''group'' assigned to this role have view (read) privileges.<br />
|-<br />
|<u>Risk Assessment Team</u> || Members of this ''group'' have several privileges. They can manage the entire lifecycle, being enabled to:<br />
* transition records to any compatible status,<br />
* update fields when possible.<br />
|-<br />
|<u>Auditors Team</u> || Members of the ''group'' assigned to this role have view (read) privileges.<br />
|-<br />
|<u>Owner</u> || This role can be assigned to a single user among members of the ''groups'' previously described. The <u>Owner</u> has several privileges:<br />
* transition to any compatible status,<br />
* update fields when possible.<br />
|}<br />
<br />
== Reports ==<br />
The list of ''risks'' can be filtered and exported to excel format from the ''view'' '''''Risks'''''.<br />
<br />
== Related processes ==<br />
''Risks'' can be related to ''actions'', ''audits'', ''data breaches'', ''issues / non conformities'', ''privacy impact assessments'' and ''processing activities''.</div>Cbissohttp://wiki.privacy-now.eu/en/index.php?title=Access_Requests&diff=581Access Requests2018-10-10T10:18:18Z<p>Cbisso: /* Privileges */</p>
<hr />
<div><br />
== Introduction to Access Requests ==<br />
''Access requests'' provide the mean for data subjects to exercise their right to access information about the processing of their <br />
''personal data'' (e.g. according to section 2, article 13 of ''GDPR Regulation'').<br />
<br />
The workflow enables to record ''access requests'' and to support their fulfilment.<br />
<br />
== Workflow ==<br />
A new ''access request'' can be created using the '''Add New''' functionality and choosing "New Access Request".<br />
<br />
A workflow enables to move ''access requests" in several statuses as shown in the following picture.<br />
<br />
[[File:Access_Requests_Workflow_ENG_v1.0.JPG|centre|thumb|800x800px|Access Requests workflow and statuses.]]<br />
<br />
<br />
The following table explains the meaning of each status:<br />
<br />
{| class="wikitable"<br />
! Status !! Description<br />
|-<br />
|Default || A temporary status when the ''access request'' is initially created before the first save.<br />
|-<br />
|Opened || An ''access request'' in this status is draft and it is not actioned.<br />
|-<br />
|Requested || An ''access request'' in this status is confirmed and it is waiting to be actioned.<br />
|-<br />
|In charge || In this status, the ''access request'' has been taken in charge and it is being actioned. <br />
|-<br />
|Cancelled || ''Access request'' cancelled. This is an end of life status.<br />
|-<br />
|Completed || In this status, all activities related to the ''access request'' were completed and closure is expected after confirmation.<br />
|-<br />
|Suspended || Activities concerning the ''access request'' are temporarily suspended, meaning no further status transitions are allowed.<br />
|-<br />
|Closed || In this status, all activities related to the ''access request'' are completed and confirmed. This is an end of life status, meaning no further status transitions are allowed.<br />
|-<br />
|}<br />
<br />
== Information ==<br />
''Access request'' records are organized in five sections:<br />
<br />
* <u>''Identification''</u>, where identification data of the ''access request'' are recorded,<br />
* <u>''Ownership & Organization''</u>, containing the assignment of the key roles enabled to manage the ''access request'';<br />
* <u>''Access Request Details''</u>, with the details of the ''access request'';<br />
* <u>''Data Subject Details''</u>, with the details of the ''data subject'' issuing the ''access request'';<br />
* <u>''Data Subject Representative''</u>, containing the details of the representative of the ''data subject'', if any.<br />
<br />
Detailed information on the meaning and use of every field can be found by pointing the mouse on the (i) next to each field. This will activate a tooltip with a brief description of the field. <br />
<br />
Additional information can be found in the secondary forms of the record: attachments, related items, messages and history. See [[How To]] for more information.<br />
<br />
== Privileges ==<br />
''Access request'' can be created by the ''users'' to whom the corresponding privilege is granted (see [[Users & Groups]] for more information on how to set this privilege).<br />
<br />
The lifecycle of the ''access request'' is managed by the roles described in the table below. ''Groups'' are pre assigned to the roles according to the ''settings'' (see [[Settings]] for more information on how to set these defaults). Initial assignments can be modified according to privileges choosing among the enabled ''groups'' (see once again [[Settings]] for more information on how to enable ''groups'').<br />
<br />
{| class="wikitable"<br />
! Role !! Description<br />
|-<br />
|<u>DPO Group</u> || Members of the ''group'' assigned to this role have full privileges. They can:<br />
* transition records to any compatible status,<br />
* update fields when possible,<br />
* update ''data sources'' directly in record management.<br />
|-<br />
|<u>Data Controller Group</u> || Members of the ''group'' assigned to this role have view (read) privileges.<br />
|-<br />
|<u>Data Processor Group</u> || Members of the ''group'' assigned to this role have view (read) privileges.<br />
|-<br />
|<u>Working Team</u> || Members of this ''group'' have several privileges. They can manage the entire lifecycle, being enabled to:<br />
* transition records to any compatible status,<br />
* update fields when possible.<br />
|-<br />
|<u>Auditors Team</u> || Members of the ''group'' assigned to this role have view (read) privileges.<br />
|-<br />
|<u>Owner</u> || This role can be assigned to a single user among members of the ''groups'' previously described. The <u>Owner</u> has several privileges:<br />
* transition to any compatible status,<br />
* update fields when possible.<br />
|}<br />
<br />
== Warning and alerts ==<br />
TBC<br />
<br />
== Reports ==<br />
The list of ''access requests'' can be filtered and exported to excel format from the ''view'' '''''Access Requests'''''.<br />
<br />
== Related processes ==<br />
''Access Requests'' can be related to ''processing activities''.</div>Cbissohttp://wiki.privacy-now.eu/en/index.php?title=Processing_Activities&diff=580Processing Activities2018-10-10T10:06:16Z<p>Cbisso: /* Privileges */</p>
<hr />
<div><br />
== Introduction to Processing Activities ==<br />
''Processing activities'' are the core element of ''personal data'' management. Many regulations require to document and assess them. <br />
<br />
Privacy-Now® dedicated process enables to record ''processing activities'', to maintain them and to use them for assessment or other tasks related to ''personal data'' management.<br />
<br />
== Workflow ==<br />
A new ''processing activity'' can be created using the ''Add New'' functionality and choosing "New Processing Activity".<br />
<br />
A workflow enables to move the ''processing activities'' in several statuses as shown in the following picture.<br />
<br />
[[File:Processing Activities Workflow ENG v1.0.JPG|centre|thumb|800x800px|Processing activities workflow and statuses.]]<br />
<br />
<br />
The following table explains the meaning of each status:<br />
<br />
{| class="wikitable"<br />
! Status !! Description<br />
|-<br />
|Default || A temporary status when the ''processing activity'' is initially created before the first save. <br />
|-<br />
|Draft || A ''processing activity'' in this status is draft.<br />
|-<br />
|Active || A ''processing activity'' in this status is actually executed by the ''organization''.<br />
|-<br />
|Inactive || A ''processing activity'' in this status is not executed by the ''organization''. Either it was in the past or it will in the future. <br />
|-<br />
|Cancelled || ''Processing activity'' cancelled. It is still possible to recover a ''processing activity'' from this status by enabled ''users''.<br />
|-<br />
|}<br />
<br />
== Information ==<br />
''Processing activities'' records are organized in four sections:<br />
<br />
* <u>''Identification''</u>, where identification data of the ''processing activity'' are recorded,<br />
* <u>''Ownership & Organization''</u>, containing the assignment of the key roles enabled to manage the ''processing activity'';<br />
* <u>''Characteristics''</u>, with the key attributes of the ''processing activity'';<br />
* <u>''Information Technology''</u>, with information about the technologies used to process ''personal data'' by the ''processing activivty''.<br />
<br />
Detailed information on the meaning and use of every field can be found by pointing the mouse on the (i) next to each field. This will activate a tooltip with a brief description of the field.<br />
<br />
Additional information can be found in the secondary forms of the record: attachments, related items, messages and history. See [[How To]] for more information.<br />
<br />
== Privileges ==<br />
''Processing activities'' can be created by the ''users'' to whom the corresponding privilege is granted (see [[Users & Groups]] for more information on how to set this privilege).<br />
<br />
The lifecycle of the ''processing activity'' is managed by the roles described in the table below. ''Groups'' are pre assigned to the roles according to the ''settings'' (see [[Settings]] for more information on how to set these defaults). Initial assignments can be modified according to privileges choosing among the enabled ''groups'' (see once again [[Settings]] for more information on how to enable ''groups'').<br />
<br />
{| class="wikitable"<br />
! Role !! Description<br />
|-<br />
|<u>DPO Group</u> || Members of the ''group'' assigned to this role have full privileges. They can:<br />
* transition records to any compatible status,<br />
* update fields when possible,<br />
* update ''data sources'' directly in record management,<br />
* revert from "Cancelled" status.<br />
|-<br />
|<u>Data Controller Group</u> || Members of the ''group'' assigned to this role have view (read) privileges.<br />
|-<br />
|<u>Data Processor Group</u> || Members of the ''group'' assigned to this role have view (read) privileges.<br />
|-<br />
|<u>Working Team</u> || Members of this ''group'' have several privileges. They can manage the entire lifecycle, being enabled to:<br />
* transition records to any compatible status,<br />
* update fields when possible.<br />
|-<br />
|<u>Auditors Team</u> || Members of the ''group'' assigned to this role have view (read) privileges.<br />
|-<br />
|<u>Representative</u> || This role can be assigned to a single user among members of the ''DPO group'' or the ''Data Controller Group''. The <u>Representative</u> has several privileges:<br />
* transition to any compatible status,<br />
* update fields when possible.<br />
|}<br />
<br />
== Reports ==<br />
The list of ''processing activities'' can be filtered and exported to excel format from the ''view'' '''''Processing Activities'''''.<br />
<br />
Finally, it is possible to print the ''processing activity'' card using the '''Print''' command positioned up right in the ''<u>General</u>'' form of the ''processing activity'' record.<br />
<br />
== Related processes ==<br />
Many other entities can be related to ''processing activity'' records, in particular:<br />
* ''access requests'',<br />
* ''actions'',<br />
* ''impact assessments'',<br />
* ''risks''.</div>Cbissohttp://wiki.privacy-now.eu/en/index.php?title=Issues_%26_Non_Conformities&diff=579Issues & Non Conformities2018-10-10T09:54:56Z<p>Cbisso: /* Privileges */</p>
<hr />
<div><br />
== Introduction to Issues / Non Conformities ==<br />
This workflow provides the mean to manage the lifecycle of ''issues / non conformities''. An ''issue'' or a ''non conformity'' are different categorization of records but are managed in the same way by the same workflow.<br />
<br />
== Workflow ==<br />
A new ''issue / non conformity'' can be created using the '''Add New''' functionality and choosing "New Issue or Non Conformity".<br />
<br />
The workflow enables to move ''issues / non conformities'' in several statuses as shown in the following picture.<br />
<br />
[[File:Issues_non_Conformities_Workflow_ENG_v1.0.JPG|centre|thumb|800x800px|Issues / non conformities workflow and statuses.]]<br />
<br />
<br />
The following table explains the meaning of each status:<br />
<br />
{| class="wikitable"<br />
! Status !! Description<br />
|-<br />
|Default || A temporary status when the ''issue / non conformity'' is initially created before the first save.<br />
|-<br />
|Draft || An ''issue / non conformity'' in this status is draft and it is not actioned.<br />
|-<br />
|Opened || An ''issue / non conformity'' in this status is confirmed and it is actioned.<br />
|-<br />
|Cancelled || ''Issue / non conformity'' cancelled. This is an end of life status.<br />
|-<br />
|Completed || In this status, all activities related to the ''issue / non conformity'' were completed and closure is expected after confirmation.<br />
|-<br />
|Closed || In this status, all activities related to the ''issue / non conformity'' are completed and confirmed. This is an end of life status, meaning no further status transitions are allowed.<br />
|-<br />
|}<br />
<br />
== Information ==<br />
''Issue / non conformity'' records are organized in three sections:<br />
<br />
* <u>''Identification''</u>, where identification data of the ''issue / non conformity'' are recorded,<br />
* <u>''Ownership & Organization''</u>, containing the assignment of the key roles enabled to manage the ''issue / non conformity'';<br />
* <u>''Issue / Non Conformity Details''</u>, with the details of the ''issue / non conformity''.<br />
<br />
Detailed information on the meaning and use of every field can be found by pointing the mouse on the (i) next to each field. This will activate a tooltip with a brief description of the field. <br />
<br />
Additional information can be found in the secondary forms of the record: attachments, related items, messages and history. See [[How To]] for more information.<br />
<br />
== Privileges ==<br />
''Issue / non conformity'' can be created by the ''users'' to whom the corresponding privilege is granted (see [[Users & Groups]] for more information on how to set this privilege).<br />
<br />
The lifecycle of the ''issue / non conformity'' is managed by the roles described in the table below. ''Groups'' are pre assigned to the roles according to the ''settings'' (see [[Settings]] for more information on how to set these defaults). Initial assignments can be modified according to privileges choosing among the enabled ''groups'' (see once again [[Settings]] for more information on how to enable ''groups'').<br />
<br />
{| class="wikitable"<br />
! Role !! Description<br />
|-<br />
|<u>Data Protection Officer (DPO) Group</u> || Members of the ''group'' assigned to this role have full privileges. They can:<br />
* transition records to any compatible status,<br />
* update fields when possible,<br />
* update ''data sources'' directly in record management.<br />
|-<br />
|<u>Data Controller Group</u> || Members of the ''group'' assigned to this role have view (read) privileges.<br />
|-<br />
|<u>Data Processor Group</u> || Members of the ''group'' assigned to this role have view (read) privileges.<br />
|-<br />
|<u>Working Team</u> || Members of this ''group'' have several privileges. They can manage the entire lifecycle, being enabled to:<br />
* transition records to any compatible status,<br />
* update fields when possible.<br />
|-<br />
|<u>Auditors Team</u> || Members of the ''group'' assigned to this role have view (read) privileges.<br />
|-<br />
|<u>Issue / NC Owner</u> || This role can be assigned to a single user among members of the ''groups'' previously described. The <u>Owner</u> has several privileges:<br />
* transition to any compatible status,<br />
* update fields when possible.<br />
|}<br />
<br />
== Reports ==<br />
The list of ''issues / non conformities'' can be filtered and exported to excel format from the ''view'' '''''Issues / Non Conformities'''''.<br />
<br />
== Related processes ==<br />
''Issues / non conformities'' can be related to ''actions'', ''audits'' , ''data breaches'', ''Privacy Impact Assessment'' and ''Risks''.</div>Cbissohttp://wiki.privacy-now.eu/en/index.php?title=Issues_%26_Non_Conformities&diff=578Issues & Non Conformities2018-10-10T09:54:25Z<p>Cbisso: /* Privileges */</p>
<hr />
<div><br />
== Introduction to Issues / Non Conformities ==<br />
This workflow provides the mean to manage the lifecycle of ''issues / non conformities''. An ''issue'' or a ''non conformity'' are different categorization of records but are managed in the same way by the same workflow.<br />
<br />
== Workflow ==<br />
A new ''issue / non conformity'' can be created using the '''Add New''' functionality and choosing "New Issue or Non Conformity".<br />
<br />
The workflow enables to move ''issues / non conformities'' in several statuses as shown in the following picture.<br />
<br />
[[File:Issues_non_Conformities_Workflow_ENG_v1.0.JPG|centre|thumb|800x800px|Issues / non conformities workflow and statuses.]]<br />
<br />
<br />
The following table explains the meaning of each status:<br />
<br />
{| class="wikitable"<br />
! Status !! Description<br />
|-<br />
|Default || A temporary status when the ''issue / non conformity'' is initially created before the first save.<br />
|-<br />
|Draft || An ''issue / non conformity'' in this status is draft and it is not actioned.<br />
|-<br />
|Opened || An ''issue / non conformity'' in this status is confirmed and it is actioned.<br />
|-<br />
|Cancelled || ''Issue / non conformity'' cancelled. This is an end of life status.<br />
|-<br />
|Completed || In this status, all activities related to the ''issue / non conformity'' were completed and closure is expected after confirmation.<br />
|-<br />
|Closed || In this status, all activities related to the ''issue / non conformity'' are completed and confirmed. This is an end of life status, meaning no further status transitions are allowed.<br />
|-<br />
|}<br />
<br />
== Information ==<br />
''Issue / non conformity'' records are organized in three sections:<br />
<br />
* <u>''Identification''</u>, where identification data of the ''issue / non conformity'' are recorded,<br />
* <u>''Ownership & Organization''</u>, containing the assignment of the key roles enabled to manage the ''issue / non conformity'';<br />
* <u>''Issue / Non Conformity Details''</u>, with the details of the ''issue / non conformity''.<br />
<br />
Detailed information on the meaning and use of every field can be found by pointing the mouse on the (i) next to each field. This will activate a tooltip with a brief description of the field. <br />
<br />
Additional information can be found in the secondary forms of the record: attachments, related items, messages and history. See [[How To]] for more information.<br />
<br />
== Privileges ==<br />
''Issue / non conformity'' can be created by the ''users'' to whom the corresponding privilege is granted (see [[Users & Groups]] for more information on how to set this privilege).<br />
<br />
The lifecycle of the ''issue / non conformity'' is managed by the roles described in the table below. ''Groups'' are pre assigned to the roles according to the ''settings'' (see [[Settings]] for more information on how to set these defaults). Initial assignments can be modified according to privileges choosing among the enabled ''groups'' (see once again [[Settings]] for more information on how to enable ''groups'').<br />
<br />
{| class="wikitable"<br />
! Role !! Description<br />
|-<br />
|<u>Data Protection Officer (DPO) Group</u> || Members of the ''group'' assigned to this role have full privileges. They can:<br />
* transition records to any compatible status,<br />
* update fields when possible,<br />
* update ''data sources'' directly in record management.<br />
|-<br />
|<u>Data Controller Group</u> || Members of the ''group'' assigned to this role have view (read) privileges.<br />
|-<br />
|<u>Data Processor Group</u> || Members of the ''group'' assigned to this role have view (read) privileges.<br />
|-<br />
|<u>Working Team</u> || Members of this ''group'' have several privileges. They can manage the entire lifecycle, being enabled to:<br />
* transition records to any compatible status,<br />
* update fields when possible.<br />
|-<br />
|<u>Auditor Team</u> || Members of the ''group'' assigned to this role have view (read) privileges.<br />
|-<br />
|<u>Issue / NC Owner</u> || This role can be assigned to a single user among members of the ''groups'' previously described. The <u>Owner</u> has several privileges:<br />
* transition to any compatible status,<br />
* update fields when possible.<br />
|}<br />
<br />
== Reports ==<br />
The list of ''issues / non conformities'' can be filtered and exported to excel format from the ''view'' '''''Issues / Non Conformities'''''.<br />
<br />
== Related processes ==<br />
''Issues / non conformities'' can be related to ''actions'', ''audits'' , ''data breaches'', ''Privacy Impact Assessment'' and ''Risks''.</div>Cbissohttp://wiki.privacy-now.eu/en/index.php?title=Issues_%26_Non_Conformities&diff=577Issues & Non Conformities2018-10-10T09:54:16Z<p>Cbisso: /* Privileges */</p>
<hr />
<div><br />
== Introduction to Issues / Non Conformities ==<br />
This workflow provides the mean to manage the lifecycle of ''issues / non conformities''. An ''issue'' or a ''non conformity'' are different categorization of records but are managed in the same way by the same workflow.<br />
<br />
== Workflow ==<br />
A new ''issue / non conformity'' can be created using the '''Add New''' functionality and choosing "New Issue or Non Conformity".<br />
<br />
The workflow enables to move ''issues / non conformities'' in several statuses as shown in the following picture.<br />
<br />
[[File:Issues_non_Conformities_Workflow_ENG_v1.0.JPG|centre|thumb|800x800px|Issues / non conformities workflow and statuses.]]<br />
<br />
<br />
The following table explains the meaning of each status:<br />
<br />
{| class="wikitable"<br />
! Status !! Description<br />
|-<br />
|Default || A temporary status when the ''issue / non conformity'' is initially created before the first save.<br />
|-<br />
|Draft || An ''issue / non conformity'' in this status is draft and it is not actioned.<br />
|-<br />
|Opened || An ''issue / non conformity'' in this status is confirmed and it is actioned.<br />
|-<br />
|Cancelled || ''Issue / non conformity'' cancelled. This is an end of life status.<br />
|-<br />
|Completed || In this status, all activities related to the ''issue / non conformity'' were completed and closure is expected after confirmation.<br />
|-<br />
|Closed || In this status, all activities related to the ''issue / non conformity'' are completed and confirmed. This is an end of life status, meaning no further status transitions are allowed.<br />
|-<br />
|}<br />
<br />
== Information ==<br />
''Issue / non conformity'' records are organized in three sections:<br />
<br />
* <u>''Identification''</u>, where identification data of the ''issue / non conformity'' are recorded,<br />
* <u>''Ownership & Organization''</u>, containing the assignment of the key roles enabled to manage the ''issue / non conformity'';<br />
* <u>''Issue / Non Conformity Details''</u>, with the details of the ''issue / non conformity''.<br />
<br />
Detailed information on the meaning and use of every field can be found by pointing the mouse on the (i) next to each field. This will activate a tooltip with a brief description of the field. <br />
<br />
Additional information can be found in the secondary forms of the record: attachments, related items, messages and history. See [[How To]] for more information.<br />
<br />
== Privileges ==<br />
''Issue / non conformity'' can be created by the ''users'' to whom the corresponding privilege is granted (see [[Users & Groups]] for more information on how to set this privilege).<br />
<br />
The lifecycle of the ''issue / non conformity'' is managed by the roles described in the table below. ''Groups'' are pre assigned to the roles according to the ''settings'' (see [[Settings]] for more information on how to set these defaults). Initial assignments can be modified according to privileges choosing among the enabled ''groups'' (see once again [[Settings]] for more information on how to enable ''groups'').<br />
<br />
{| class="wikitable"<br />
! Role !! Description<br />
|-<br />
|<u>Data Protection Officer Group (DPO) Group</u> || Members of the ''group'' assigned to this role have full privileges. They can:<br />
* transition records to any compatible status,<br />
* update fields when possible,<br />
* update ''data sources'' directly in record management.<br />
|-<br />
|<u>Data Controller Group</u> || Members of the ''group'' assigned to this role have view (read) privileges.<br />
|-<br />
|<u>Data Processor Group</u> || Members of the ''group'' assigned to this role have view (read) privileges.<br />
|-<br />
|<u>Working Team</u> || Members of this ''group'' have several privileges. They can manage the entire lifecycle, being enabled to:<br />
* transition records to any compatible status,<br />
* update fields when possible.<br />
|-<br />
|<u>Auditor Team</u> || Members of the ''group'' assigned to this role have view (read) privileges.<br />
|-<br />
|<u>Issue / NC Owner</u> || This role can be assigned to a single user among members of the ''groups'' previously described. The <u>Owner</u> has several privileges:<br />
* transition to any compatible status,<br />
* update fields when possible.<br />
|}<br />
<br />
== Reports ==<br />
The list of ''issues / non conformities'' can be filtered and exported to excel format from the ''view'' '''''Issues / Non Conformities'''''.<br />
<br />
== Related processes ==<br />
''Issues / non conformities'' can be related to ''actions'', ''audits'' , ''data breaches'', ''Privacy Impact Assessment'' and ''Risks''.</div>Cbissohttp://wiki.privacy-now.eu/en/index.php?title=Issues_%26_Non_Conformities&diff=576Issues & Non Conformities2018-10-10T09:51:03Z<p>Cbisso: /* Privileges */</p>
<hr />
<div><br />
== Introduction to Issues / Non Conformities ==<br />
This workflow provides the mean to manage the lifecycle of ''issues / non conformities''. An ''issue'' or a ''non conformity'' are different categorization of records but are managed in the same way by the same workflow.<br />
<br />
== Workflow ==<br />
A new ''issue / non conformity'' can be created using the '''Add New''' functionality and choosing "New Issue or Non Conformity".<br />
<br />
The workflow enables to move ''issues / non conformities'' in several statuses as shown in the following picture.<br />
<br />
[[File:Issues_non_Conformities_Workflow_ENG_v1.0.JPG|centre|thumb|800x800px|Issues / non conformities workflow and statuses.]]<br />
<br />
<br />
The following table explains the meaning of each status:<br />
<br />
{| class="wikitable"<br />
! Status !! Description<br />
|-<br />
|Default || A temporary status when the ''issue / non conformity'' is initially created before the first save.<br />
|-<br />
|Draft || An ''issue / non conformity'' in this status is draft and it is not actioned.<br />
|-<br />
|Opened || An ''issue / non conformity'' in this status is confirmed and it is actioned.<br />
|-<br />
|Cancelled || ''Issue / non conformity'' cancelled. This is an end of life status.<br />
|-<br />
|Completed || In this status, all activities related to the ''issue / non conformity'' were completed and closure is expected after confirmation.<br />
|-<br />
|Closed || In this status, all activities related to the ''issue / non conformity'' are completed and confirmed. This is an end of life status, meaning no further status transitions are allowed.<br />
|-<br />
|}<br />
<br />
== Information ==<br />
''Issue / non conformity'' records are organized in three sections:<br />
<br />
* <u>''Identification''</u>, where identification data of the ''issue / non conformity'' are recorded,<br />
* <u>''Ownership & Organization''</u>, containing the assignment of the key roles enabled to manage the ''issue / non conformity'';<br />
* <u>''Issue / Non Conformity Details''</u>, with the details of the ''issue / non conformity''.<br />
<br />
Detailed information on the meaning and use of every field can be found by pointing the mouse on the (i) next to each field. This will activate a tooltip with a brief description of the field. <br />
<br />
Additional information can be found in the secondary forms of the record: attachments, related items, messages and history. See [[How To]] for more information.<br />
<br />
== Privileges ==<br />
''Issue / non conformity'' can be created by the ''users'' to whom the corresponding privilege is granted (see [[Users & Groups]] for more information on how to set this privilege).<br />
<br />
The lifecycle of the ''issue / non conformity'' is managed by the roles described in the table below. ''Groups'' are pre assigned to the roles according to the ''settings'' (see [[Settings]] for more information on how to set these defaults). Initial assignments can be modified according to privileges choosing among the enabled ''groups'' (see once again [[Settings]] for more information on how to enable ''groups'').<br />
<br />
{| class="wikitable"<br />
! Role !! Description<br />
|-<br />
|<u>DPO Group</u> || Members of the ''group'' assigned to this role have full privileges. They can:<br />
* transition records to any compatible status,<br />
* update fields when possible,<br />
* update ''data sources'' directly in record management.<br />
|-<br />
|<u>Data Controller Group</u> || Members of the ''group'' assigned to this role have view (read) privileges.<br />
|-<br />
|<u>Data Processor Group</u> || Members of the ''group'' assigned to this role have view (read) privileges.<br />
|-<br />
|<u>Working Team</u> || Members of this ''group'' have several privileges. They can manage the entire lifecycle, being enabled to:<br />
* transition records to any compatible status,<br />
* update fields when possible.<br />
|-<br />
|<u>Audit Team</u> || Members of the ''group'' assigned to this role have view (read) privileges.<br />
|-<br />
|<u>Issue / NC Owner</u> || This role can be assigned to a single user among members of the ''groups'' previously described. The <u>Owner</u> has several privileges:<br />
* transition to any compatible status,<br />
* update fields when possible.<br />
|}<br />
<br />
== Reports ==<br />
The list of ''issues / non conformities'' can be filtered and exported to excel format from the ''view'' '''''Issues / Non Conformities'''''.<br />
<br />
== Related processes ==<br />
''Issues / non conformities'' can be related to ''actions'', ''audits'' , ''data breaches'', ''Privacy Impact Assessment'' and ''Risks''.</div>Cbissohttp://wiki.privacy-now.eu/en/index.php?title=Knowledge_Items&diff=575Knowledge Items2018-10-10T09:32:12Z<p>Cbisso: /* Workflow */</p>
<hr />
<div><br />
== Introduction to Knowledge Items ==<br />
''Knowledge items'' provide the mean to publish useful information and knowledge to specific audiences.<br />
<br />
The workflow enables to record ''knowledge items'' and to support their lifecycle (publish / unpublish).<br />
<br />
== Workflow ==<br />
A new ''knowledge item'' can be created using the '''Add New''' functionality and choosing "New Knowledge Item".<br />
<br />
A workflow enables to move ''knowledge items'' in several statuses as shown in the following picture.<br />
<br />
[[File:Knowledge_Items_Workflow_ENG_v1.0.JPG|centre|thumb|800x800px|Knowledge items workflow and statuses.]]<br />
<br />
The following table explains the meaning of each status:<br />
<br />
{| class="wikitable"<br />
! Status !! Description<br />
|-<br />
|Default || A temporary status when the ''knowledge item'' is initially created before the first save.<br />
|-<br />
|Draft || A ''knowledge item'' in this status is draft and not visible yet to its target audience.<br />
|-<br />
|Published || A ''knowledge item'' in this status is published and visible to its target audience. The target audience is the ''group'' set in the ''knowledge item'' <u>Publisher</u> field.<br />
|-<br />
|Dismissed || A ''knowledge item'' in this status is no longer visible and cannot be updated. This is an end of life status. <br />
|-<br />
|}<br />
<br />
== Information ==<br />
Detailed information on the meaning and use of every field can be found by pointing the mouse on the (i) next to each field. This will activate a tooltip with a brief description of the field. <br />
<br />
Additional information can be found in the secondary forms of the record: attachments, related items, messages and history. See [[How To]] for more information.<br />
<br />
== Privileges ==<br />
''Knowledge items'' can be created by the ''users'' to whom the corresponding privilege is granted (see [[Users & Groups]] for more information on how to set this privilege).<br />
<br />
The lifecycle of the ''knowledge item'' is managed by the roles described in the table below. ''Groups'' are pre assigned to the roles according to the ''settings'' (see [[Settings]] for more information on how to set these defaults). Initial assignments can be modified according to privileges choosing among the enabled ''groups'' (see once again [[Settings]] for more information on how to enable ''groups'').<br />
<br />
{| class="wikitable"<br />
! Role !! Description<br />
|-<br />
|<u>Publisher</u> || Members of the ''group'' assigned to this role have full privileges. They can:<br />
* transition records to any compatible status,<br />
* update fields when possible.<br />
|-<br />
|<u>Readers</u> || Members of the ''group'' assigned to this role have view (read) privileges.<br />
|}<br />
<br />
== Reports ==<br />
The list of ''knowledge items'' can be filtered and exported to excel format from the ''view'' '''''knowledge items'''''.<br />
<br />
== Visibility of Knowledge Items and Knowledge Portal ==<br />
<br />
''Knowlegde items'' are published and visibile in the ''knowledge portal'', accessible from '''''Knowledge Portal''''' menu. Note that ''knowledge items'' are visible in the ''knowledge portal'' to ''users'' who are members of the ''group'' they are published to.</div>Cbissohttp://wiki.privacy-now.eu/en/index.php?title=Consents&diff=574Consents2018-10-10T09:18:43Z<p>Cbisso: /* Privileges */</p>
<hr />
<div><br />
== Introduction to Consents ==<br />
Consents management provide the mean to acquire, update and use ''consents'' information. For example, it is possible to use Privacy Now® as a central repository of information about all the ''consents''. Information about ''consents'' can be created and updated manually or interfacing Privacy Now® with external system. See the paragraph [[Consents#Configuration of consents sources|Configuration of consents sources]] for more information.<br />
<br />
== Workflow ==<br />
A new ''consent'' can be created using the '''Add New''' functionality and choosing "New Consent". Alternatively, a new ''consent'' can be automatically acquired or updated by an external system.<br />
<br />
A workflow enables to move ''consents'' in several statuses as shown in the following picture.<br />
<br />
[[File:Consents_Workflow_ENG_v1.0.JPG|centre|thumb|800x800px|Consents workflow and statuses.]]<br />
<br />
<br />
The following table explains the meaning of each status:<br />
<br />
{| class="wikitable"<br />
! Status !! Description<br />
|-<br />
|Default || A temporary status when the ''consent'' is initially created before the first save.<br />
|-<br />
|Valid || A ''consent'' in this status is valid and its information can be used accordingly.<br />
|-<br />
|Wrong email || This status is set (manually or automatically by an external system) when ……………TBC..<br />
|-<br />
|Expired || In this status a ''consent'' is expired and therefore should be removed.<br />
|-<br />
|To be Removed || In this status, the ''consent'' shall be removed (the status is used to identify ''consents'' by the automatic removal procedure).<br />
|-<br />
|}<br />
<br />
== Information ==<br />
''Consent'' records are organized in three sections:<br />
<br />
* <u>''Identification''</u>, where identification data of the ''consent'' are recorded,<br />
* <u>''Ownership & Organization''</u>, containing the assignment of the key roles enabled to manage the ''consent'';<br />
* <u>''Consent Details''</u>, with the details of the ''consent'';<br />
<br />
Detailed information on the meaning and use of every field can be found by pointing the mouse on the (i) next to each field. This will activate a tooltip with a brief description of the field. <br />
<br />
Additional information can be found in the secondary forms of the record: attachments, related items, messages and history. See [[How To]] for more information.<br />
<br />
== Privileges ==<br />
''Consents'' can be automatically created by authorized external systems or by the ''users'' to whom the corresponding privilege is granted (see [[Users & Groups]] for more information on how to set this privilege).<br />
<br />
The lifecycle of the ''consent'' is managed by the roles described in the table below. ''Groups'' are pre assigned to the roles according to the ''settings'' (see [[Settings]] for more information on how to set these defaults). Initial assignments can be modified according to privileges choosing among the enabled ''groups'' (see once again [[Settings]] for more information on how to enable ''groups'').<br />
<br />
{| class="wikitable"<br />
! Role !! Description<br />
|-<br />
|<u>DPO Group</u> || Members of the ''group'' assigned to this role have full privileges. They can:<br />
* transition records to any compatible status,<br />
* update fields when possible,<br />
* update ''data sources'' directly in record management.<br />
|-<br />
|<u>Data Controller Group</u> || Members of the ''group'' assigned to this role have view (read) privileges.<br />
|-<br />
|<u>Data Processor Group</u> || Members of the ''group'' assigned to this role have several privileges. They can:<br />
* transition records to any compatible status,<br />
* update fields when possible.<br />
|-<br />
|<u>Auditors Team</u> || Members of the ''group'' assigned to this role have view (read) privileges.<br />
|-<br />
|}<br />
<br />
However, some steps may be performed automatically (see the paragraph dedicated to [[Consents#Warning and alerts|warning and alerts]]).<br />
<br />
== Warning and alerts ==<br />
Four levels of warning are foreseen.<br />
How to set them....<br />
How to configure related messages...<br />
<br />
== Reports ==<br />
The list of ''consents'' can be filtered and exported to excel format from the ''view'' '''''Consents'''''.<br />
<br />
== Configuration of consents sources ==<br />
TBC<br />
Process<br />
Structure of the incoming email<br />
Matching criterias<br />
<br />
== Removal of consents ==<br />
<br />
=== Removal of single consent records ===<br />
<br />
=== Bulk removal of consent records ===<br />
<br />
TBC</div>Cbissohttp://wiki.privacy-now.eu/en/index.php?title=Consents&diff=573Consents2018-10-10T09:09:55Z<p>Cbisso: /* Introduction to Consents */</p>
<hr />
<div><br />
== Introduction to Consents ==<br />
Consents management provide the mean to acquire, update and use ''consents'' information. For example, it is possible to use Privacy Now® as a central repository of information about all the ''consents''. Information about ''consents'' can be created and updated manually or interfacing Privacy Now® with external system. See the paragraph [[Consents#Configuration of consents sources|Configuration of consents sources]] for more information.<br />
<br />
== Workflow ==<br />
A new ''consent'' can be created using the '''Add New''' functionality and choosing "New Consent". Alternatively, a new ''consent'' can be automatically acquired or updated by an external system.<br />
<br />
A workflow enables to move ''consents'' in several statuses as shown in the following picture.<br />
<br />
[[File:Consents_Workflow_ENG_v1.0.JPG|centre|thumb|800x800px|Consents workflow and statuses.]]<br />
<br />
<br />
The following table explains the meaning of each status:<br />
<br />
{| class="wikitable"<br />
! Status !! Description<br />
|-<br />
|Default || A temporary status when the ''consent'' is initially created before the first save.<br />
|-<br />
|Valid || A ''consent'' in this status is valid and its information can be used accordingly.<br />
|-<br />
|Wrong email || This status is set (manually or automatically by an external system) when ……………TBC..<br />
|-<br />
|Expired || In this status a ''consent'' is expired and therefore should be removed.<br />
|-<br />
|To be Removed || In this status, the ''consent'' shall be removed (the status is used to identify ''consents'' by the automatic removal procedure).<br />
|-<br />
|}<br />
<br />
== Information ==<br />
''Consent'' records are organized in three sections:<br />
<br />
* <u>''Identification''</u>, where identification data of the ''consent'' are recorded,<br />
* <u>''Ownership & Organization''</u>, containing the assignment of the key roles enabled to manage the ''consent'';<br />
* <u>''Consent Details''</u>, with the details of the ''consent'';<br />
<br />
Detailed information on the meaning and use of every field can be found by pointing the mouse on the (i) next to each field. This will activate a tooltip with a brief description of the field. <br />
<br />
Additional information can be found in the secondary forms of the record: attachments, related items, messages and history. See [[How To]] for more information.<br />
<br />
== Privileges ==<br />
''Consents'' can be automatically created by authorized external systems or by the ''users'' to whom the corresponding privilege is granted (see [[Users & Groups]] for more information on how to set this privilege).<br />
<br />
The lifecycle of the ''consent'' is managed by the roles described in the table below. ''Groups'' are pre assigned to the roles according to the ''settings'' (see [[Settings]] for more information on how to set these defaults). Initial assignments can be modified according to privileges choosing among the enabled ''groups'' (see once again [[Settings]] for more information on how to enable ''groups'').<br />
<br />
{| class="wikitable"<br />
! Role !! Description<br />
|-<br />
|<u>DPO Group</u> || Members of the ''group'' assigned to this role have full privileges. They can:<br />
* transition records to any compatible status,<br />
* update fields when possible,<br />
* update ''data sources'' directly in record management.<br />
|-<br />
|<u>Data Controller Group</u> || Members of the ''group'' assigned to this role have view (read) privileges.<br />
|-<br />
|<u>Data Processor Group</u> || Members of the ''group'' assigned to this role have several privileges. They can:<br />
* transition records to any compatible status,<br />
* update fields when possible.<br />
|-<br />
|<u>Audit Team</u> || Members of the ''group'' assigned to this role have view (read) privileges.<br />
|-<br />
|}<br />
<br />
However, some steps may be performed automatically (see the paragraph dedicated to [[Consents#Warning and alerts|warning and alerts]]).<br />
<br />
== Warning and alerts ==<br />
Four levels of warning are foreseen.<br />
How to set them....<br />
How to configure related messages...<br />
<br />
== Reports ==<br />
The list of ''consents'' can be filtered and exported to excel format from the ''view'' '''''Consents'''''.<br />
<br />
== Configuration of consents sources ==<br />
TBC<br />
Process<br />
Structure of the incoming email<br />
Matching criterias<br />
<br />
== Removal of consents ==<br />
<br />
=== Removal of single consent records ===<br />
<br />
=== Bulk removal of consent records ===<br />
<br />
TBC</div>Cbissohttp://wiki.privacy-now.eu/en/index.php?title=Glossary&diff=572Glossary2018-10-05T12:32:33Z<p>Cbisso: /* S */</p>
<hr />
<div>Below is a list of terms and definitions used in this documentation.<br />
<br />
== A ==<br />
* ''AC'': see Actions<br />
* ''AR'': see Access Requests.<br />
* ''Access Request'': a record which allows to manage the lifecycle of a request to access information on how ''personal data'' are managed by a data subject. A specific workflow in Privacy-Now® supports the lifecycle of ''access requests'' (see [[Access Requests]]). <br />
* ''Action'': any activity performed by the ''organization'' in order to manage any other process supported by Privacy Now® (i.e. access requests, audits, consents, data breaches, issues, non conformities, privacy impact assessments, records of processing activities). Privacy Now® allows to record and support the lifecycle of ''actions'' with a specific workflow (see [[Actions]]).<br />
* ''AU'': see Audit.<br />
* ''Audit'': an inspection, either made by internal, external or independent resources (see ''auditors'') aimed at checking the status of ''personal data'' management system and activities. Privacy Now® supports audit activities with a specific workflow (see [[Audits]]).<br />
* ''Auditor'': any resource, internal or external of an organization with auditing responsibilities on ''personal data'' management.<br />
<br />
== B ==<br />
<br />
<br />
== C ==<br />
*''CO'': see Consents.<br />
*''Consent'': the authorization (or denial) to manage ''personal data'' given by a ''data subject''. In Privacy-Now® ''consents'' lifecycle is supported by the consent management workflow (see [[Consents]] for more information).<br />
<br />
== D ==<br />
* ''Dashboard'': an information management tool that visually tracks, analyzes and displays key performance indicators (KPI), metrics and key data points to monitor the health of ''privacy management processes''.<br />
* ''DB'': see Data Breaches.<br />
* ''Data breach'': a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed.<br />
* ''Data controller'': means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.<br />
* ''Data subject'': a ''natural person'' whose personal data are managed by the ''organization''.<br />
* ''Data Protection Impact Assessment'': an assessment designed to help an organization to assess the risks associated with data processing activities that could compromise the rights and freedoms of individuals. In Privacy-Now® ''data protection impact assessments'' are managed using the ''privacy impact assessment'' workflow (see [[Privacy Impact Assessments]]).<br />
* ''Data Protection Officer'': a data protection officer is an enterprise security leadership role required by the General Data Protection Regulation (GDPR). Data protection officers are responsible for overseeing data protection strategy and implementation to ensure compliance with GDPR requirements.<br />
* ''Data Processor'': means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.<br />
* ''DPIA'': see ''data protection impact assessment''.<br />
* ''DPO'': see ''Data Protection Officer''.<br />
<br />
== E ==<br />
<br />
<br />
== F ==<br />
<br />
<br />
== G ==<br />
* ''Group'': a set of people which can be assigned to a profile to grant specific privileges to manage a process (e.g. ''Actions'' management). See [[Users & Groups]] for more information on how to manage ''groups''.<br />
<br />
== H ==<br />
<br />
<br />
== I ==<br />
* ''INC'': see Issues & Non Conformities.<br />
* ''Issue'': an important topic or problem for debate or discussion related to ''personal data management''. A specific workflow in Privacy-Now® supports the lifecycle of ''issues'' (See [[Issues & Non Conformities]]).<br />
<br />
== K ==<br />
* ''Knowledge item'': a piece of information or a knowledge record concerning the protection of ''personal data''. ''Knowledge items'' can be added and managed by the ''users'' but some are by the team of Privacy-Now® and cannot be edited by the ''users''.<br />
* ''Knowledge portal'': a functionality of Privacy-Now® which presents ''knowledge items'' organized in categories. In the portal, ''knowledge items'' are visible to the members of the ''group'' they are published to.<br />
<br />
== L ==<br />
* ''Login'': TBC<br />
<br />
== M ==<br />
<br />
<br />
== N ==<br />
* ''Non conformity'': a deviation from the agreed policies and/or ''personal data'' management processes and procedures. A specific workflow in Privacy-Now® supports the lifecycle of ''non conformities'' (See [[Issues & Non Conformities]]).<br />
<br />
== O ==<br />
* ''Organization'': the organisation using Privacy Now® to manage ''data subjects''' ''personal data''.<br />
<br />
== P ==<br />
* ''PA'': see Processing Activities.<br />
* ''Personal data'': it means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.<br />
* ''Personal data breach'': see ''data breach''.<br />
* ''PIA'': see ''Privacy Impact Assessment''.<br />
* ''Privacy Impact Assessment'': a systematic process which identifies and evaluates from the perspectives of all stakeholders the potential effects on privacy of a project, initiative or proposed system or scheme and which includes a search for ways to avoid or mitigate negative privacy impacts. In Privacy-Now®, ''privacy impact assessment'' are focused to assess the impact on ''processing activities'' (see ''data protection impact assessment'').<br />
* ''Privacy management processes'': the processes and corresponding workflows automated by Privacy-Now® and aimed to support effective and efficient ''personal data'' management to achieve compliance against policies and regulations.<br />
* ''Processing activities'': means any operation or set of operations which is performed on ''personal data'' or on sets of ''personal data'', whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. Privacy Now® supports ''processing activities'' lifecycle with a specific workflow (see [[Processing Activities]]).<br />
<br />
== Q ==<br />
<br />
<br />
== R ==<br />
* ''RI'': see Risks.<br />
* ''Risks'': TBD<br />
<br />
== S ==<br />
* ''Save & Next'': basic function of the system that enable the ''User'' to save the ticket information and move the ticket status to the Next one. If more than one status is possible the ''User'' has to select the final status to be reach.<br />
* ''Settings'': settings which can be updated for Privacy Now® service.<br />
<br />
== T ==<br />
<br />
<br />
== U ==<br />
* ''User'': users of Privacy Now®.<br />
<br />
== V ==<br />
<br />
* ''View'': a list of records concerning a specific ''privacy management process''. It is possible to access to ''views'' from the left menu of the application. See also [[How To]] for more information on how to use ''views''.<br />
<br />
== X ==<br />
<br />
<br />
== Y ==<br />
<br />
<br />
== Z ==</div>Cbissohttp://wiki.privacy-now.eu/en/index.php?title=Processing_Activities&diff=571Processing Activities2018-10-05T10:57:12Z<p>Cbisso: /* Privileges */</p>
<hr />
<div><br />
== Introduction to Processing Activities ==<br />
''Processing activities'' are the core element of ''personal data'' management. Many regulations require to document and assess them. <br />
<br />
Privacy-Now® dedicated process enables to record ''processing activities'', to maintain them and to use them for assessment or other tasks related to ''personal data'' management.<br />
<br />
== Workflow ==<br />
A new ''processing activity'' can be created using the ''Add New'' functionality and choosing "New Processing Activity".<br />
<br />
A workflow enables to move the ''processing activities'' in several statuses as shown in the following picture.<br />
<br />
[[File:Processing Activities Workflow ENG v1.0.JPG|centre|thumb|800x800px|Processing activities workflow and statuses.]]<br />
<br />
<br />
The following table explains the meaning of each status:<br />
<br />
{| class="wikitable"<br />
! Status !! Description<br />
|-<br />
|Default || A temporary status when the ''processing activity'' is initially created before the first save. <br />
|-<br />
|Draft || A ''processing activity'' in this status is draft.<br />
|-<br />
|Active || A ''processing activity'' in this status is actually executed by the ''organization''.<br />
|-<br />
|Inactive || A ''processing activity'' in this status is not executed by the ''organization''. Either it was in the past or it will in the future. <br />
|-<br />
|Cancelled || ''Processing activity'' cancelled. It is still possible to recover a ''processing activity'' from this status by enabled ''users''.<br />
|-<br />
|}<br />
<br />
== Information ==<br />
''Processing activities'' records are organized in four sections:<br />
<br />
* <u>''Identification''</u>, where identification data of the ''processing activity'' are recorded,<br />
* <u>''Ownership & Organization''</u>, containing the assignment of the key roles enabled to manage the ''processing activity'';<br />
* <u>''Characteristics''</u>, with the key attributes of the ''processing activity'';<br />
* <u>''Information Technology''</u>, with information about the technologies used to process ''personal data'' by the ''processing activivty''.<br />
<br />
Detailed information on the meaning and use of every field can be found by pointing the mouse on the (i) next to each field. This will activate a tooltip with a brief description of the field.<br />
<br />
Additional information can be found in the secondary forms of the record: attachments, related items, messages and history. See [[How To]] for more information.<br />
<br />
== Privileges ==<br />
''Processing activities'' can be created by the ''users'' to whom the corresponding privilege is granted (see [[Users & Groups]] for more information on how to set this privilege).<br />
<br />
The lifecycle of the ''processing activity'' is managed by the roles described in the table below. ''Groups'' are pre assigned to the roles according to the ''settings'' (see [[Settings]] for more information on how to set these defaults). Initial assignments can be modified according to privileges choosing among the enabled ''groups'' (see once again [[Settings]] for more information on how to enable ''groups'').<br />
<br />
{| class="wikitable"<br />
! Role !! Description<br />
|-<br />
|<u>DPO Group</u> || Members of the ''group'' assigned to this role have full privileges. They can:<br />
* transition records to any compatible status,<br />
* update fields when possible,<br />
* update ''data sources'' directly in record management,<br />
* revert from "Cancelled" status.<br />
|-<br />
|<u>Data Controller Group</u> || Members of the ''group'' assigned to this role have view (read) privileges.<br />
|-<br />
|<u>Data Processor Group</u> || Members of the ''group'' assigned to this role have view (read) privileges.<br />
|-<br />
|<u>Working Team</u> || Members of this ''group'' have several privileges. They can manage the entire lifecycle, being enabled to:<br />
* transition records to any compatible status,<br />
* update fields when possible.<br />
|-<br />
|<u>Audit Team</u> || Members of the ''group'' assigned to this role have view (read) privileges.<br />
|-<br />
|<u>Representative</u> || This role can be assigned to a single user among members of the ''DPO group'' or the ''Data Controller Group''. The <u>Representative</u> has several privileges:<br />
* transition to any compatible status,<br />
* update fields when possible.<br />
|}<br />
<br />
== Reports ==<br />
The list of ''processing activities'' can be filtered and exported to excel format from the ''view'' '''''Processing Activities'''''.<br />
<br />
Finally, it is possible to print the ''processing activity'' card using the '''Print''' command positioned up right in the ''<u>General</u>'' form of the ''processing activity'' record.<br />
<br />
== Related processes ==<br />
Many other entities can be related to ''processing activity'' records, in particular:<br />
* ''access requests'',<br />
* ''actions'',<br />
* ''impact assessments'',<br />
* ''risks''.</div>Cbissohttp://wiki.privacy-now.eu/en/index.php?title=Processing_Activities&diff=570Processing Activities2018-10-05T10:55:10Z<p>Cbisso: /* Privileges */</p>
<hr />
<div><br />
== Introduction to Processing Activities ==<br />
''Processing activities'' are the core element of ''personal data'' management. Many regulations require to document and assess them. <br />
<br />
Privacy-Now® dedicated process enables to record ''processing activities'', to maintain them and to use them for assessment or other tasks related to ''personal data'' management.<br />
<br />
== Workflow ==<br />
A new ''processing activity'' can be created using the ''Add New'' functionality and choosing "New Processing Activity".<br />
<br />
A workflow enables to move the ''processing activities'' in several statuses as shown in the following picture.<br />
<br />
[[File:Processing Activities Workflow ENG v1.0.JPG|centre|thumb|800x800px|Processing activities workflow and statuses.]]<br />
<br />
<br />
The following table explains the meaning of each status:<br />
<br />
{| class="wikitable"<br />
! Status !! Description<br />
|-<br />
|Default || A temporary status when the ''processing activity'' is initially created before the first save. <br />
|-<br />
|Draft || A ''processing activity'' in this status is draft.<br />
|-<br />
|Active || A ''processing activity'' in this status is actually executed by the ''organization''.<br />
|-<br />
|Inactive || A ''processing activity'' in this status is not executed by the ''organization''. Either it was in the past or it will in the future. <br />
|-<br />
|Cancelled || ''Processing activity'' cancelled. It is still possible to recover a ''processing activity'' from this status by enabled ''users''.<br />
|-<br />
|}<br />
<br />
== Information ==<br />
''Processing activities'' records are organized in four sections:<br />
<br />
* <u>''Identification''</u>, where identification data of the ''processing activity'' are recorded,<br />
* <u>''Ownership & Organization''</u>, containing the assignment of the key roles enabled to manage the ''processing activity'';<br />
* <u>''Characteristics''</u>, with the key attributes of the ''processing activity'';<br />
* <u>''Information Technology''</u>, with information about the technologies used to process ''personal data'' by the ''processing activivty''.<br />
<br />
Detailed information on the meaning and use of every field can be found by pointing the mouse on the (i) next to each field. This will activate a tooltip with a brief description of the field.<br />
<br />
Additional information can be found in the secondary forms of the record: attachments, related items, messages and history. See [[How To]] for more information.<br />
<br />
== Privileges ==<br />
''Processing activities'' can be created by the ''users'' to whom the corresponding privilege is granted (see [[Users & Groups]] for more information on how to set this privilege).<br />
<br />
The lifecycle of the ''processing activity'' is managed by the roles described in the table below. ''Groups'' are pre assigned to the roles according to the ''settings'' (see [[Settings]] for more information on how to set these defaults). Initial assignments can be modified according to privileges choosing among the enabled ''groups'' (see once again [[Settings]] for more information on how to enable ''groups'').<br />
<br />
{| class="wikitable"<br />
! Role !! Description<br />
|-<br />
|<u>DPO Group</u> || Members of the ''group'' assigned to this role have full privileges. They can:<br />
* transition records to any compatible status,<br />
* update fields when possible,<br />
* update ''data sources'' directly in record management,<br />
* revert from "Cancelled" status.<br />
|-<br />
|<u>Data Controller Group</u> || Members of the ''group'' assigned to this role have view (read) privileges.<br />
|-<br />
|<u>Data Processor Group</u> || Members of the ''group'' assigned to this role have view (read) privileges.<br />
|-<br />
|<u>Working Team</u> || Members of this ''group'' have several privileges. They can manage the entire lifecycle, being enabled to:<br />
* transition records to any compatible status,<br />
* update fields when possible.<br />
|-<br />
|<u>Audit Team</u> || Members of the ''group'' assigned to this role have view (read) privileges.<br />
|-<br />
|<u>Representative</u> || This role can be assigned to a single user among members of the ''DPO group'' or the ''Data Controller Group''. The <u>Owner</u> has several privileges:<br />
* transition to any compatible status,<br />
* update fields when possible.<br />
|}<br />
<br />
== Reports ==<br />
The list of ''processing activities'' can be filtered and exported to excel format from the ''view'' '''''Processing Activities'''''.<br />
<br />
Finally, it is possible to print the ''processing activity'' card using the '''Print''' command positioned up right in the ''<u>General</u>'' form of the ''processing activity'' record.<br />
<br />
== Related processes ==<br />
Many other entities can be related to ''processing activity'' records, in particular:<br />
* ''access requests'',<br />
* ''actions'',<br />
* ''impact assessments'',<br />
* ''risks''.</div>Cbissohttp://wiki.privacy-now.eu/en/index.php?title=Processing_Activities&diff=569Processing Activities2018-10-05T10:54:41Z<p>Cbisso: /* Privileges */</p>
<hr />
<div><br />
== Introduction to Processing Activities ==<br />
''Processing activities'' are the core element of ''personal data'' management. Many regulations require to document and assess them. <br />
<br />
Privacy-Now® dedicated process enables to record ''processing activities'', to maintain them and to use them for assessment or other tasks related to ''personal data'' management.<br />
<br />
== Workflow ==<br />
A new ''processing activity'' can be created using the ''Add New'' functionality and choosing "New Processing Activity".<br />
<br />
A workflow enables to move the ''processing activities'' in several statuses as shown in the following picture.<br />
<br />
[[File:Processing Activities Workflow ENG v1.0.JPG|centre|thumb|800x800px|Processing activities workflow and statuses.]]<br />
<br />
<br />
The following table explains the meaning of each status:<br />
<br />
{| class="wikitable"<br />
! Status !! Description<br />
|-<br />
|Default || A temporary status when the ''processing activity'' is initially created before the first save. <br />
|-<br />
|Draft || A ''processing activity'' in this status is draft.<br />
|-<br />
|Active || A ''processing activity'' in this status is actually executed by the ''organization''.<br />
|-<br />
|Inactive || A ''processing activity'' in this status is not executed by the ''organization''. Either it was in the past or it will in the future. <br />
|-<br />
|Cancelled || ''Processing activity'' cancelled. It is still possible to recover a ''processing activity'' from this status by enabled ''users''.<br />
|-<br />
|}<br />
<br />
== Information ==<br />
''Processing activities'' records are organized in four sections:<br />
<br />
* <u>''Identification''</u>, where identification data of the ''processing activity'' are recorded,<br />
* <u>''Ownership & Organization''</u>, containing the assignment of the key roles enabled to manage the ''processing activity'';<br />
* <u>''Characteristics''</u>, with the key attributes of the ''processing activity'';<br />
* <u>''Information Technology''</u>, with information about the technologies used to process ''personal data'' by the ''processing activivty''.<br />
<br />
Detailed information on the meaning and use of every field can be found by pointing the mouse on the (i) next to each field. This will activate a tooltip with a brief description of the field.<br />
<br />
Additional information can be found in the secondary forms of the record: attachments, related items, messages and history. See [[How To]] for more information.<br />
<br />
== Privileges ==<br />
''Processing activities'' can be created by the ''users'' to whom the corresponding privilege is granted (see [[Users & Groups]] for more information on how to set this privilege).<br />
<br />
The lifecycle of the ''processing activity'' is managed by the roles described in the table below. ''Groups'' are pre assigned to the roles according to the ''settings'' (see [[Settings]] for more information on how to set these defaults). Initial assignments can be modified according to privileges choosing among the enabled ''groups'' (see once again [[Settings]] for more information on how to enable ''groups'').<br />
<br />
{| class="wikitable"<br />
! Role !! Description<br />
|-<br />
|<u>DPO Group</u> || Members of the ''group'' assigned to this role have full privileges. They can:<br />
* transition records to any compatible status,<br />
* update fields when possible,<br />
* update ''data sources'' directly in record management,<br />
* revert from "Cancelled" status.<br />
|-<br />
|<u>Data Controller Group</u> || Members of the ''group'' assigned to this role have view (read) privileges.<br />
|-<br />
|<u>Data Processor Group</u> || Members of the ''group'' assigned to this role have view (read) privileges.<br />
|-<br />
|<u>Working Team</u> || Members of this ''group'' have several privileges. They can manage the entire lifecycle, being enabled to:<br />
* transition records to any compatible status,<br />
* update fields when possible.<br />
|-<br />
|<u>Audit Team</u> || Members of the ''group'' assigned to this role have view (read) privileges.<br />
|-<br />
|<u>DPO Owner</u> || This role can be assigned to a single user among members of the ''DPO group'' or the ''Data Controller Group''. The <u>Owner</u> has several privileges:<br />
* transition to any compatible status,<br />
* update fields when possible.<br />
|}<br />
<br />
== Reports ==<br />
The list of ''processing activities'' can be filtered and exported to excel format from the ''view'' '''''Processing Activities'''''.<br />
<br />
Finally, it is possible to print the ''processing activity'' card using the '''Print''' command positioned up right in the ''<u>General</u>'' form of the ''processing activity'' record.<br />
<br />
== Related processes ==<br />
Many other entities can be related to ''processing activity'' records, in particular:<br />
* ''access requests'',<br />
* ''actions'',<br />
* ''impact assessments'',<br />
* ''risks''.</div>Cbissohttp://wiki.privacy-now.eu/en/index.php?title=How_To&diff=568How To2018-10-05T08:59:38Z<p>Cbisso: /* Search */</p>
<hr />
<div>This section of Privacy-Now® guide introduces how to use the main functionalities of the tool.<br />
<br />
== Dashboards ==<br />
<br />
''Dashboards'' are automatically presented when logging to the system for the first time. The following ''dashboards'' are available:<br />
<br />
* Privacy Overview<br />
* ''Access Requests''<br />
* ''Actions''<br />
* ''Audits''<br />
* ''Consents''<br />
* ''Data Breaches''<br />
* ''Issues / Non Conformities''<br />
* ''Privacy Impact Assessments''<br />
* ''Processing Activities''<br />
* ''Risks''<br />
<br />
Apart from the Overview ''dashboard'', which presents information from several processes, each ''dashboard'' is dedicated to a ''privacy management process''.<br />
<br />
''Dashboards'' are composed of widgets (see the figure below).<br />
<br />
[[File:Dashboard_Widget_ENG_v1.0.JPG|centre|thumb|800x800px|Example of ''dashboard'' widget.]]<br />
<br />
Widgets are generally configured to be interactive. Clicking on a part of the widget with the left mouse button opens a context menu which presents the following options:<br />
<br />
- '''Open Ticket List''', allowing to open a list of the records which correspond to the result clicked in the widget;<br />
<br />
- '''Break Down''', allowing to drill down into the shown dimension;<br />
<br />
- '''Back''', allowing to return to the upper dimension from which the drill down was done.<br />
<br />
Depending on the subscribed packaged, ''dashboards'' can be directly created or configured by ''users''. However, the guide to customize them is not included in this wiki.<br />
Additionally, ''Dashboards'' are continuously improved and clients suggestions are welcome to this aim.<br />
<br />
Finally, remember that the trial subscription has limited access to the '''dashboards'''.<br />
<br />
== Menus and Views ==<br />
Menu items are accessible from the left menu bar of the and they may launch functionalities or ''views''.<br />
<br />
[[File:View_ENG_v1.0.JPG|centre|thumb|800x800px|Example of ''view''.]]<br />
<br />
In ''views'' records can be sorted with column headers and paged with paging commands.<br />
<br />
It is also possible to filter data. Pressing on the magnifier icon activates the grid filtering fields. They work logically in AND and they filter the records in ''view''. The '''GO''' command activates the entered criteria and the '''RESET''' command removes them.<br />
<br />
'''PRINT''' prints the selected (using tick boxes column) records cards. A new browser window is opened for each card. '''PRINT LIST''' prints the selected records list. '''EXPORT TO EXCEL''' export the selected data in Excel format.<br />
<br />
== News ==<br />
News is a service functionality used by Privacy Now® staff to publish information about the service. Typical information may be announcements of new features or information on maintenance windows or service issues. News are scrolling titles in the news box positioned after below the left application menu. Just click on a scrolling news to access its detailed content.<br />
<br />
== Records Management ==<br />
<br />
=== Create ===<br />
Creating new records, including ''users'', is done by accessing and navigating the '''''Add New''''' menu item.<br />
<br />
[[File:Add_New_Self_Service_ENG_v1.0.JPG|centre|thumb|800x800px|Self service area to add new records.]]<br />
<br />
Just click on the item you want to create and this opens a dialog box where you can enter the related description or just press '''Create''' to generate a new record. Press ''Close'' to exit without creating.<br />
<br />
=== Update ===<br />
<br />
Updating a record can be done immediately after creating it or later when saved. See [[How_To#Search|Search]] section for more information on how to search existing records. <br />
<br />
When focused on a record, the command bars allow to save it and additional tasks on the record:<br />
<br />
* '''Save''' - simply saves the record;<br />
* '''Save & Exit''' - saves the record and exits from the update form;<br />
* '''Save & Next''' - this command first performs a save and then immediately enables to move the record to the next desired step in the workflow;<br />
* '''Cancel''' - exits from the record without saving (unsaved updates will be lost);<br />
* '''Reload''' - reloads the record (unsaved updates will be lost);<br />
* '''Print''' - prints the record;<br />
* ''' Quick Actions''': enables a context menu showing some shortcuts for commands enabling functionalities.<br />
<br />
<br />
[[File:Update_Record_v1.0.JPG|centre|thumb|800x800px|Record update screen.]]<br />
<br />
When saving, remember to update all mandatory fields which are marked with a red asterisk in the form. If some mandatory content is missing, the system will warn by showing a textual message before the update form where the missing fields are reported. The ''User'' will then have the possibility to update and save again.<br />
<br />
'''Save & Next''' command opens a dialog form to choose the workflow transition to perform (and therefore the target status).<br />
<br />
[[File:SaveNext_v1.0.JPG|centre|thumb|800x800px|'''Save&Next''' dialog form.]]<br />
<br />
In the dialog form, the ''user'' shall select the transition to perform and the command to execute:<br />
<br />
* '''Cancel''' - to exit from the form without executing any transition;<br />
* '''Apply''' - to execute the selected transition without saving the record in the destination status (if a reload of the record data is done before saving, the status will remain unchanged);<br />
* '''Apply & Save''' - to execute the selected transition and save the record in the destination status (if a reload of the record data is done, the status will be the target one).<br />
<br />
Note that the '''Apply & Save''' command won't be enabled if mandatory fields are missing to save the record in the target status. In such a case, use the '''Apply''' command, fill the missing values and then save the record.<br />
<br />
In the ''Save & Next'' dialog box by clicking the <u>Transition Comment</u> tick box it is possible to enter a comment for the transition (e.g. the reason to perform it) which will be visibile in the history of the record.<br />
<br />
If the ''user'' is lost and doesn't know how to proceed (which are the next posible workflow statuses), the ''Explore Workflow'' command will help by opening the explorer workflow window (see the figure above).<br />
<br />
In this window, the workflow is graphically presented. Each rectangle represents a workflow status and arrows connect possible transitions. The current status is yellow, the past ones grey, the target ones red (if the ''user'' hasn't privileges on a transition needed to move the record in the target status) or green (if the ''user'' has the privileges to execute a transition moving the record to the target status). The form is interactive:<br />
<br />
* the ''user'' can see details about the roles and resources enabled to perform a transition by clicking on the <u>details</u> label on the same transition;<br />
* the ''user'' can recall the ''Save & Next'' dialog box by double clicking with the left mouse button on a green status (this will start the dialog box with a preselected transition).<br />
<br />
<br />
In the record, the ''user'' can move to the different content form by using the form selector (see the figure above). Depending on the type of record and the privileges of the 'user'', the visible form are:<br />
<br />
* <u>''General''</u> - containing the main information of the records;<br />
* <u>''Attachments''</u> - allowing to view or manage attachments;<br />
* <u>''Related Items''</u> - allowing to view and manage related records (e.g. ''risks'' related to a ''processing activity'');<br />
* <u>''Messages''</u> - allowing to view and manage messages (mails) which will remain related to the record;<br />
* <u>''History''</u> - showing the history of the changes performed for the record.<br />
<br />
=== Delete ===<br />
''Privacy management processes'' are designed with end of life statuses for records (e.g. cancellation or completion). Therefore, the physical cancellation of records should not be necessary. However, should there be a reason to physically delete a record, this is possible for ''users'' with administrative privileges from the settings management. Go to [[Settings]] for more information on how to deleted specific records.<br />
<br />
== Reports ==<br />
Available reports are accessible from the left application menu or via command buttons in the records.<br />
<br />
A main source for reporting is the export to excel functionality present in all ''views'' of data (see [[How_To#Menus_and_Views|Views]]). <br />
<br />
Additionally, ''dashboards'' are available (see [[How_To#Dashboards|Dashboards]]).<br />
<br />
== Search ==<br />
Two main mechanisms support the search for record and information.<br />
<br />
* search tool;<br />
* views and grid filtering.<br />
<br />
=== Search tool ===<br />
The search tool is positioned in the top right corner of the application and it is shown in the picture below.<br />
<br />
[[File:Search_ENG_v1.0.JPG|centre|thumb|800x800px|Search tool.]]<br />
<br />
Before starting to search, it is necessary to set the search context among one of the possible values: "Text" or "Ticket". By default, "Ticket" is set if no value is entered.<br />
<br />
The "Ticket" search context assumes that the ''user'' is trying to access a record directly, by knowing its id (code). Therefore, just enter the id and press enter or the magnifier icon. If the corresponding record exists and the ''user'' has privileges to view it, the system will directly open the record form.<br />
<br />
<br />
The "Text" search context assumes that the ''user'' is searching a string text. Therefore, just enter the text and press enter or the magnifier icon. The system will present the list of the records where the text is found and the ''user'' will be able to access any by clicking on the list.<br />
<br />
=== Views and grid filtering ===<br />
By accessing and filtering views, it is possible to search and access records. See [[How_To#Menus_and_Views|Views]] for more information.</div>Cbissohttp://wiki.privacy-now.eu/en/index.php?title=How_To&diff=567How To2018-10-05T08:46:58Z<p>Cbisso: /* Delete */</p>
<hr />
<div>This section of Privacy-Now® guide introduces how to use the main functionalities of the tool.<br />
<br />
== Dashboards ==<br />
<br />
''Dashboards'' are automatically presented when logging to the system for the first time. The following ''dashboards'' are available:<br />
<br />
* Privacy Overview<br />
* ''Access Requests''<br />
* ''Actions''<br />
* ''Audits''<br />
* ''Consents''<br />
* ''Data Breaches''<br />
* ''Issues / Non Conformities''<br />
* ''Privacy Impact Assessments''<br />
* ''Processing Activities''<br />
* ''Risks''<br />
<br />
Apart from the Overview ''dashboard'', which presents information from several processes, each ''dashboard'' is dedicated to a ''privacy management process''.<br />
<br />
''Dashboards'' are composed of widgets (see the figure below).<br />
<br />
[[File:Dashboard_Widget_ENG_v1.0.JPG|centre|thumb|800x800px|Example of ''dashboard'' widget.]]<br />
<br />
Widgets are generally configured to be interactive. Clicking on a part of the widget with the left mouse button opens a context menu which presents the following options:<br />
<br />
- '''Open Ticket List''', allowing to open a list of the records which correspond to the result clicked in the widget;<br />
<br />
- '''Break Down''', allowing to drill down into the shown dimension;<br />
<br />
- '''Back''', allowing to return to the upper dimension from which the drill down was done.<br />
<br />
Depending on the subscribed packaged, ''dashboards'' can be directly created or configured by ''users''. However, the guide to customize them is not included in this wiki.<br />
Additionally, ''Dashboards'' are continuously improved and clients suggestions are welcome to this aim.<br />
<br />
Finally, remember that the trial subscription has limited access to the '''dashboards'''.<br />
<br />
== Menus and Views ==<br />
Menu items are accessible from the left menu bar of the and they may launch functionalities or ''views''.<br />
<br />
[[File:View_ENG_v1.0.JPG|centre|thumb|800x800px|Example of ''view''.]]<br />
<br />
In ''views'' records can be sorted with column headers and paged with paging commands.<br />
<br />
It is also possible to filter data. Pressing on the magnifier icon activates the grid filtering fields. They work logically in AND and they filter the records in ''view''. The '''GO''' command activates the entered criteria and the '''RESET''' command removes them.<br />
<br />
'''PRINT''' prints the selected (using tick boxes column) records cards. A new browser window is opened for each card. '''PRINT LIST''' prints the selected records list. '''EXPORT TO EXCEL''' export the selected data in Excel format.<br />
<br />
== News ==<br />
News is a service functionality used by Privacy Now® staff to publish information about the service. Typical information may be announcements of new features or information on maintenance windows or service issues. News are scrolling titles in the news box positioned after below the left application menu. Just click on a scrolling news to access its detailed content.<br />
<br />
== Records Management ==<br />
<br />
=== Create ===<br />
Creating new records, including ''users'', is done by accessing and navigating the '''''Add New''''' menu item.<br />
<br />
[[File:Add_New_Self_Service_ENG_v1.0.JPG|centre|thumb|800x800px|Self service area to add new records.]]<br />
<br />
Just click on the item you want to create and this opens a dialog box where you can enter the related description or just press '''Create''' to generate a new record. Press ''Close'' to exit without creating.<br />
<br />
=== Update ===<br />
<br />
Updating a record can be done immediately after creating it or later when saved. See [[How_To#Search|Search]] section for more information on how to search existing records. <br />
<br />
When focused on a record, the command bars allow to save it and additional tasks on the record:<br />
<br />
* '''Save''' - simply saves the record;<br />
* '''Save & Exit''' - saves the record and exits from the update form;<br />
* '''Save & Next''' - this command first performs a save and then immediately enables to move the record to the next desired step in the workflow;<br />
* '''Cancel''' - exits from the record without saving (unsaved updates will be lost);<br />
* '''Reload''' - reloads the record (unsaved updates will be lost);<br />
* '''Print''' - prints the record;<br />
* ''' Quick Actions''': enables a context menu showing some shortcuts for commands enabling functionalities.<br />
<br />
<br />
[[File:Update_Record_v1.0.JPG|centre|thumb|800x800px|Record update screen.]]<br />
<br />
When saving, remember to update all mandatory fields which are marked with a red asterisk in the form. If some mandatory content is missing, the system will warn by showing a textual message before the update form where the missing fields are reported. The ''User'' will then have the possibility to update and save again.<br />
<br />
'''Save & Next''' command opens a dialog form to choose the workflow transition to perform (and therefore the target status).<br />
<br />
[[File:SaveNext_v1.0.JPG|centre|thumb|800x800px|'''Save&Next''' dialog form.]]<br />
<br />
In the dialog form, the ''user'' shall select the transition to perform and the command to execute:<br />
<br />
* '''Cancel''' - to exit from the form without executing any transition;<br />
* '''Apply''' - to execute the selected transition without saving the record in the destination status (if a reload of the record data is done before saving, the status will remain unchanged);<br />
* '''Apply & Save''' - to execute the selected transition and save the record in the destination status (if a reload of the record data is done, the status will be the target one).<br />
<br />
Note that the '''Apply & Save''' command won't be enabled if mandatory fields are missing to save the record in the target status. In such a case, use the '''Apply''' command, fill the missing values and then save the record.<br />
<br />
In the ''Save & Next'' dialog box by clicking the <u>Transition Comment</u> tick box it is possible to enter a comment for the transition (e.g. the reason to perform it) which will be visibile in the history of the record.<br />
<br />
If the ''user'' is lost and doesn't know how to proceed (which are the next posible workflow statuses), the ''Explore Workflow'' command will help by opening the explorer workflow window (see the figure above).<br />
<br />
In this window, the workflow is graphically presented. Each rectangle represents a workflow status and arrows connect possible transitions. The current status is yellow, the past ones grey, the target ones red (if the ''user'' hasn't privileges on a transition needed to move the record in the target status) or green (if the ''user'' has the privileges to execute a transition moving the record to the target status). The form is interactive:<br />
<br />
* the ''user'' can see details about the roles and resources enabled to perform a transition by clicking on the <u>details</u> label on the same transition;<br />
* the ''user'' can recall the ''Save & Next'' dialog box by double clicking with the left mouse button on a green status (this will start the dialog box with a preselected transition).<br />
<br />
<br />
In the record, the ''user'' can move to the different content form by using the form selector (see the figure above). Depending on the type of record and the privileges of the 'user'', the visible form are:<br />
<br />
* <u>''General''</u> - containing the main information of the records;<br />
* <u>''Attachments''</u> - allowing to view or manage attachments;<br />
* <u>''Related Items''</u> - allowing to view and manage related records (e.g. ''risks'' related to a ''processing activity'');<br />
* <u>''Messages''</u> - allowing to view and manage messages (mails) which will remain related to the record;<br />
* <u>''History''</u> - showing the history of the changes performed for the record.<br />
<br />
=== Delete ===<br />
''Privacy management processes'' are designed with end of life statuses for records (e.g. cancellation or completion). Therefore, the physical cancellation of records should not be necessary. However, should there be a reason to physically delete a record, this is possible for ''users'' with administrative privileges from the settings management. Go to [[Settings]] for more information on how to deleted specific records.<br />
<br />
== Reports ==<br />
Available reports are accessible from the left application menu or via command buttons in the records.<br />
<br />
A main source for reporting is the export to excel functionality present in all ''views'' of data (see [[How_To#Menus_and_Views|Views]]). <br />
<br />
Additionally, ''dashboards'' are available (see [[How_To#Dashboards|Dashboards]]).<br />
<br />
== Search ==<br />
Teo main mechanisms support the search for record and information.<br />
<br />
* search tool;<br />
* views and grid filtering.<br />
<br />
=== Search tool ===<br />
The search tool is positioned in the top right corner of the application and it is shown in the picture below.<br />
<br />
[[File:Search_ENG_v1.0.JPG|centre|thumb|800x800px|Search tool.]]<br />
<br />
Before starting to search, it is necessary to set the search context among one of the possible values: "Text" or "Ticket". By default, "Ticket" is set if no value is entered.<br />
<br />
The "Ticket" search context assumes that the ''user'' is trying to access a record directly, by knowing its id (code). Therefore, just enter the id and press enter or the magnifier icon. If the corresponding record exists and the ''user'' has privileges to view it, the system will directly open the record form.<br />
<br />
<br />
The "Text" search context assumes that the ''user'' is searching a string text. Therefore, just enter the text and press enter or the magnifier icon. The system will present the list of the records where the text is found and the ''user'' will be able to access any by clicking on the list.<br />
<br />
=== Views and grid filtering ===<br />
By accessing and filtering views, it is possible to search and access records. See [[How_To#Menus_and_Views|Views]] for more information.</div>Cbissohttp://wiki.privacy-now.eu/en/index.php?title=How_To&diff=566How To2018-10-05T08:40:30Z<p>Cbisso: /* Update */</p>
<hr />
<div>This section of Privacy-Now® guide introduces how to use the main functionalities of the tool.<br />
<br />
== Dashboards ==<br />
<br />
''Dashboards'' are automatically presented when logging to the system for the first time. The following ''dashboards'' are available:<br />
<br />
* Privacy Overview<br />
* ''Access Requests''<br />
* ''Actions''<br />
* ''Audits''<br />
* ''Consents''<br />
* ''Data Breaches''<br />
* ''Issues / Non Conformities''<br />
* ''Privacy Impact Assessments''<br />
* ''Processing Activities''<br />
* ''Risks''<br />
<br />
Apart from the Overview ''dashboard'', which presents information from several processes, each ''dashboard'' is dedicated to a ''privacy management process''.<br />
<br />
''Dashboards'' are composed of widgets (see the figure below).<br />
<br />
[[File:Dashboard_Widget_ENG_v1.0.JPG|centre|thumb|800x800px|Example of ''dashboard'' widget.]]<br />
<br />
Widgets are generally configured to be interactive. Clicking on a part of the widget with the left mouse button opens a context menu which presents the following options:<br />
<br />
- '''Open Ticket List''', allowing to open a list of the records which correspond to the result clicked in the widget;<br />
<br />
- '''Break Down''', allowing to drill down into the shown dimension;<br />
<br />
- '''Back''', allowing to return to the upper dimension from which the drill down was done.<br />
<br />
Depending on the subscribed packaged, ''dashboards'' can be directly created or configured by ''users''. However, the guide to customize them is not included in this wiki.<br />
Additionally, ''Dashboards'' are continuously improved and clients suggestions are welcome to this aim.<br />
<br />
Finally, remember that the trial subscription has limited access to the '''dashboards'''.<br />
<br />
== Menus and Views ==<br />
Menu items are accessible from the left menu bar of the and they may launch functionalities or ''views''.<br />
<br />
[[File:View_ENG_v1.0.JPG|centre|thumb|800x800px|Example of ''view''.]]<br />
<br />
In ''views'' records can be sorted with column headers and paged with paging commands.<br />
<br />
It is also possible to filter data. Pressing on the magnifier icon activates the grid filtering fields. They work logically in AND and they filter the records in ''view''. The '''GO''' command activates the entered criteria and the '''RESET''' command removes them.<br />
<br />
'''PRINT''' prints the selected (using tick boxes column) records cards. A new browser window is opened for each card. '''PRINT LIST''' prints the selected records list. '''EXPORT TO EXCEL''' export the selected data in Excel format.<br />
<br />
== News ==<br />
News is a service functionality used by Privacy Now® staff to publish information about the service. Typical information may be announcements of new features or information on maintenance windows or service issues. News are scrolling titles in the news box positioned after below the left application menu. Just click on a scrolling news to access its detailed content.<br />
<br />
== Records Management ==<br />
<br />
=== Create ===<br />
Creating new records, including ''users'', is done by accessing and navigating the '''''Add New''''' menu item.<br />
<br />
[[File:Add_New_Self_Service_ENG_v1.0.JPG|centre|thumb|800x800px|Self service area to add new records.]]<br />
<br />
Just click on the item you want to create and this opens a dialog box where you can enter the related description or just press '''Create''' to generate a new record. Press ''Close'' to exit without creating.<br />
<br />
=== Update ===<br />
<br />
Updating a record can be done immediately after creating it or later when saved. See [[How_To#Search|Search]] section for more information on how to search existing records. <br />
<br />
When focused on a record, the command bars allow to save it and additional tasks on the record:<br />
<br />
* '''Save''' - simply saves the record;<br />
* '''Save & Exit''' - saves the record and exits from the update form;<br />
* '''Save & Next''' - this command first performs a save and then immediately enables to move the record to the next desired step in the workflow;<br />
* '''Cancel''' - exits from the record without saving (unsaved updates will be lost);<br />
* '''Reload''' - reloads the record (unsaved updates will be lost);<br />
* '''Print''' - prints the record;<br />
* ''' Quick Actions''': enables a context menu showing some shortcuts for commands enabling functionalities.<br />
<br />
<br />
[[File:Update_Record_v1.0.JPG|centre|thumb|800x800px|Record update screen.]]<br />
<br />
When saving, remember to update all mandatory fields which are marked with a red asterisk in the form. If some mandatory content is missing, the system will warn by showing a textual message before the update form where the missing fields are reported. The ''User'' will then have the possibility to update and save again.<br />
<br />
'''Save & Next''' command opens a dialog form to choose the workflow transition to perform (and therefore the target status).<br />
<br />
[[File:SaveNext_v1.0.JPG|centre|thumb|800x800px|'''Save&Next''' dialog form.]]<br />
<br />
In the dialog form, the ''user'' shall select the transition to perform and the command to execute:<br />
<br />
* '''Cancel''' - to exit from the form without executing any transition;<br />
* '''Apply''' - to execute the selected transition without saving the record in the destination status (if a reload of the record data is done before saving, the status will remain unchanged);<br />
* '''Apply & Save''' - to execute the selected transition and save the record in the destination status (if a reload of the record data is done, the status will be the target one).<br />
<br />
Note that the '''Apply & Save''' command won't be enabled if mandatory fields are missing to save the record in the target status. In such a case, use the '''Apply''' command, fill the missing values and then save the record.<br />
<br />
In the ''Save & Next'' dialog box by clicking the <u>Transition Comment</u> tick box it is possible to enter a comment for the transition (e.g. the reason to perform it) which will be visibile in the history of the record.<br />
<br />
If the ''user'' is lost and doesn't know how to proceed (which are the next posible workflow statuses), the ''Explore Workflow'' command will help by opening the explorer workflow window (see the figure above).<br />
<br />
In this window, the workflow is graphically presented. Each rectangle represents a workflow status and arrows connect possible transitions. The current status is yellow, the past ones grey, the target ones red (if the ''user'' hasn't privileges on a transition needed to move the record in the target status) or green (if the ''user'' has the privileges to execute a transition moving the record to the target status). The form is interactive:<br />
<br />
* the ''user'' can see details about the roles and resources enabled to perform a transition by clicking on the <u>details</u> label on the same transition;<br />
* the ''user'' can recall the ''Save & Next'' dialog box by double clicking with the left mouse button on a green status (this will start the dialog box with a preselected transition).<br />
<br />
<br />
In the record, the ''user'' can move to the different content form by using the form selector (see the figure above). Depending on the type of record and the privileges of the 'user'', the visible form are:<br />
<br />
* <u>''General''</u> - containing the main information of the records;<br />
* <u>''Attachments''</u> - allowing to view or manage attachments;<br />
* <u>''Related Items''</u> - allowing to view and manage related records (e.g. ''risks'' related to a ''processing activity'');<br />
* <u>''Messages''</u> - allowing to view and manage messages (mails) which will remain related to the record;<br />
* <u>''History''</u> - showing the history of the changes performed for the record.<br />
<br />
=== Delete ===<br />
''Privacy management processes'' are designed with end of life statuses for records (e.g. cancellation or completion). Therefore, the physical cancellation of records should not be necessary. however, should there be a reason to physically delete a record, this is possible for ''users'' with administrative privileges from the settings management. Go to [[Settings]] for more information on how to deleted specific records.<br />
<br />
== Reports ==<br />
Available reports are accessible from the left application menu or via command buttons in the records.<br />
<br />
A main source for reporting is the export to excel functionality present in all ''views'' of data (see [[How_To#Menus_and_Views|Views]]). <br />
<br />
Additionally, ''dashboards'' are available (see [[How_To#Dashboards|Dashboards]]).<br />
<br />
== Search ==<br />
Teo main mechanisms support the search for record and information.<br />
<br />
* search tool;<br />
* views and grid filtering.<br />
<br />
=== Search tool ===<br />
The search tool is positioned in the top right corner of the application and it is shown in the picture below.<br />
<br />
[[File:Search_ENG_v1.0.JPG|centre|thumb|800x800px|Search tool.]]<br />
<br />
Before starting to search, it is necessary to set the search context among one of the possible values: "Text" or "Ticket". By default, "Ticket" is set if no value is entered.<br />
<br />
The "Ticket" search context assumes that the ''user'' is trying to access a record directly, by knowing its id (code). Therefore, just enter the id and press enter or the magnifier icon. If the corresponding record exists and the ''user'' has privileges to view it, the system will directly open the record form.<br />
<br />
<br />
The "Text" search context assumes that the ''user'' is searching a string text. Therefore, just enter the text and press enter or the magnifier icon. The system will present the list of the records where the text is found and the ''user'' will be able to access any by clicking on the list.<br />
<br />
=== Views and grid filtering ===<br />
By accessing and filtering views, it is possible to search and access records. See [[How_To#Menus_and_Views|Views]] for more information.</div>Cbissohttp://wiki.privacy-now.eu/en/index.php?title=How_To&diff=565How To2018-10-05T08:07:58Z<p>Cbisso: /* Update */</p>
<hr />
<div>This section of Privacy-Now® guide introduces how to use the main functionalities of the tool.<br />
<br />
== Dashboards ==<br />
<br />
''Dashboards'' are automatically presented when logging to the system for the first time. The following ''dashboards'' are available:<br />
<br />
* Privacy Overview<br />
* ''Access Requests''<br />
* ''Actions''<br />
* ''Audits''<br />
* ''Consents''<br />
* ''Data Breaches''<br />
* ''Issues / Non Conformities''<br />
* ''Privacy Impact Assessments''<br />
* ''Processing Activities''<br />
* ''Risks''<br />
<br />
Apart from the Overview ''dashboard'', which presents information from several processes, each ''dashboard'' is dedicated to a ''privacy management process''.<br />
<br />
''Dashboards'' are composed of widgets (see the figure below).<br />
<br />
[[File:Dashboard_Widget_ENG_v1.0.JPG|centre|thumb|800x800px|Example of ''dashboard'' widget.]]<br />
<br />
Widgets are generally configured to be interactive. Clicking on a part of the widget with the left mouse button opens a context menu which presents the following options:<br />
<br />
- '''Open Ticket List''', allowing to open a list of the records which correspond to the result clicked in the widget;<br />
<br />
- '''Break Down''', allowing to drill down into the shown dimension;<br />
<br />
- '''Back''', allowing to return to the upper dimension from which the drill down was done.<br />
<br />
Depending on the subscribed packaged, ''dashboards'' can be directly created or configured by ''users''. However, the guide to customize them is not included in this wiki.<br />
Additionally, ''Dashboards'' are continuously improved and clients suggestions are welcome to this aim.<br />
<br />
Finally, remember that the trial subscription has limited access to the '''dashboards'''.<br />
<br />
== Menus and Views ==<br />
Menu items are accessible from the left menu bar of the and they may launch functionalities or ''views''.<br />
<br />
[[File:View_ENG_v1.0.JPG|centre|thumb|800x800px|Example of ''view''.]]<br />
<br />
In ''views'' records can be sorted with column headers and paged with paging commands.<br />
<br />
It is also possible to filter data. Pressing on the magnifier icon activates the grid filtering fields. They work logically in AND and they filter the records in ''view''. The '''GO''' command activates the entered criteria and the '''RESET''' command removes them.<br />
<br />
'''PRINT''' prints the selected (using tick boxes column) records cards. A new browser window is opened for each card. '''PRINT LIST''' prints the selected records list. '''EXPORT TO EXCEL''' export the selected data in Excel format.<br />
<br />
== News ==<br />
News is a service functionality used by Privacy Now® staff to publish information about the service. Typical information may be announcements of new features or information on maintenance windows or service issues. News are scrolling titles in the news box positioned after below the left application menu. Just click on a scrolling news to access its detailed content.<br />
<br />
== Records Management ==<br />
<br />
=== Create ===<br />
Creating new records, including ''users'', is done by accessing and navigating the '''''Add New''''' menu item.<br />
<br />
[[File:Add_New_Self_Service_ENG_v1.0.JPG|centre|thumb|800x800px|Self service area to add new records.]]<br />
<br />
Just click on the item you want to create and this opens a dialog box where you can enter the related description or just press '''Create''' to generate a new record. Press ''Close'' to exit without creating.<br />
<br />
=== Update ===<br />
<br />
Updating a record can be done immediately after creating it or later when saved. See [[How_To#Search|Search]] section for more information on how to search existing records. <br />
<br />
When focused on a record, the command bars allow to save it and additional tasks on the record:<br />
<br />
* '''Save''' - simply saves the record;<br />
* '''Save & Exit''' - saves the record and exits from the update form;<br />
* '''Save & Next''' - this command first performs a save and then immediately enables to move the record to the next desired step in the workflow;<br />
* '''Cancel''' - exits from the record without saving (unsaved updates will be lost);<br />
* '''Reload''' - reloads the record (unsaved updates will be lost);<br />
* '''Print''' - prints the record;<br />
* ''' Quick Actions''': enables a context menu showing some shortcuts for commands enabling functionalities.<br />
<br />
<br />
[[File:Update_Record_v1.0.JPG|centre|thumb|800x800px|Record update screen.]]<br />
<br />
When saving, remember to update all mandatory fields which are marked with a red asterisk in the form. If some mandatory content is missing, the system will warn by showing a textual message before the update form where the missing fields are reported. The ''User'' will then have the possibility to update and save again.<br />
<br />
'''Save & Next''' command opens a dialog form to choose the workflow transition to perform (and therefore the target status).<br />
<br />
[[File:SaveNext_v1.0.JPG|centre|thumb|800x800px|'''Save&Next''' dialog form.]]<br />
<br />
In the dialog form, the ''user'' shall select the transition to perform and the command to execute:<br />
<br />
* '''Cancel''' - to exit from the form without executing any transition;<br />
* '''Apply''' - to execute the selected transition without saving the record in the destination status (if a reload of the record data is done before saving, the status will remain unchanged);<br />
* '''Apply & Save''' - to execute the selected transition and save the record in the destination status (if a reload of the record data is done, the status will be the target one).<br />
<br />
Note that the '''Apply & Save''' command won't be enabled if mandatory fields are missing to save the record in the target status. In such a case, use the '''Apply''' command, fill the missing values and then save the record.<br />
<br />
In the ''Save & Next'' dialog box by clicking the <u>Transition Comment</u> tick box it is possible to enter a comment for the transition (e.g. the reason to perform it) which will be visibile in the history of the record.<br />
<br />
If the ''user'' is lost and doesn't know how to proceed (which are the next posible workflow statuses), the ''Explore Workflow'' command will help by opening the explorer workflow window (see the figure above).<br />
<br />
In this window, the workflow is graphically presented. Each rectangle represents a workflow status and arrows connect possible transitions. The current status is yellow, the past ones grey, the target ones red (if the ''user'' hasn't privileges on a transition needed to move the record in the target status) or green (if the ''user'' has the privileges to execute a transition moving the record to the target status). The form is interactive:<br />
<br />
* the ''user'' can see details about the roles and resources enabled to perform a transition by clicking on the <u>details</u> label on the same transition;<br />
* the ''user'' can recall the ''Save & Next'' dialog box by double clicking with the left mouse button on a green status (this will start the dialog box with a preselected transition).<br />
<br />
<br />
In the record, the ''user'' can move to the different content form by using the form selector (see the figure above). Depending on the type of record and the privileges of the 'user'', the visible form are:<br />
<br />
* <u>''General''</u> - containing the main information of the records;<br />
* <u>''Attachments''</u> - allowing to view or mange attachments;<br />
* <u>''Related Items''</u> - allowing to view and manage related records (e.g. ''risks'' related to a ''processing activity'');<br />
* <u>''Messages''</u> - allowing to view and manage messages (mails) which will remain related to the record;<br />
* <u>''History''</u> - showing the history of the changes performed for the record.<br />
<br />
=== Delete ===<br />
''Privacy management processes'' are designed with end of life statuses for records (e.g. cancellation or completion). Therefore, the physical cancellation of records should not be necessary. however, should there be a reason to physically delete a record, this is possible for ''users'' with administrative privileges from the settings management. Go to [[Settings]] for more information on how to deleted specific records.<br />
<br />
== Reports ==<br />
Available reports are accessible from the left application menu or via command buttons in the records.<br />
<br />
A main source for reporting is the export to excel functionality present in all ''views'' of data (see [[How_To#Menus_and_Views|Views]]). <br />
<br />
Additionally, ''dashboards'' are available (see [[How_To#Dashboards|Dashboards]]).<br />
<br />
== Search ==<br />
Teo main mechanisms support the search for record and information.<br />
<br />
* search tool;<br />
* views and grid filtering.<br />
<br />
=== Search tool ===<br />
The search tool is positioned in the top right corner of the application and it is shown in the picture below.<br />
<br />
[[File:Search_ENG_v1.0.JPG|centre|thumb|800x800px|Search tool.]]<br />
<br />
Before starting to search, it is necessary to set the search context among one of the possible values: "Text" or "Ticket". By default, "Ticket" is set if no value is entered.<br />
<br />
The "Ticket" search context assumes that the ''user'' is trying to access a record directly, by knowing its id (code). Therefore, just enter the id and press enter or the magnifier icon. If the corresponding record exists and the ''user'' has privileges to view it, the system will directly open the record form.<br />
<br />
<br />
The "Text" search context assumes that the ''user'' is searching a string text. Therefore, just enter the text and press enter or the magnifier icon. The system will present the list of the records where the text is found and the ''user'' will be able to access any by clicking on the list.<br />
<br />
=== Views and grid filtering ===<br />
By accessing and filtering views, it is possible to search and access records. See [[How_To#Menus_and_Views|Views]] for more information.</div>Cbissohttp://wiki.privacy-now.eu/en/index.php?title=How_To&diff=564How To2018-10-05T08:02:35Z<p>Cbisso: /* Update */</p>
<hr />
<div>This section of Privacy-Now® guide introduces how to use the main functionalities of the tool.<br />
<br />
== Dashboards ==<br />
<br />
''Dashboards'' are automatically presented when logging to the system for the first time. The following ''dashboards'' are available:<br />
<br />
* Privacy Overview<br />
* ''Access Requests''<br />
* ''Actions''<br />
* ''Audits''<br />
* ''Consents''<br />
* ''Data Breaches''<br />
* ''Issues / Non Conformities''<br />
* ''Privacy Impact Assessments''<br />
* ''Processing Activities''<br />
* ''Risks''<br />
<br />
Apart from the Overview ''dashboard'', which presents information from several processes, each ''dashboard'' is dedicated to a ''privacy management process''.<br />
<br />
''Dashboards'' are composed of widgets (see the figure below).<br />
<br />
[[File:Dashboard_Widget_ENG_v1.0.JPG|centre|thumb|800x800px|Example of ''dashboard'' widget.]]<br />
<br />
Widgets are generally configured to be interactive. Clicking on a part of the widget with the left mouse button opens a context menu which presents the following options:<br />
<br />
- '''Open Ticket List''', allowing to open a list of the records which correspond to the result clicked in the widget;<br />
<br />
- '''Break Down''', allowing to drill down into the shown dimension;<br />
<br />
- '''Back''', allowing to return to the upper dimension from which the drill down was done.<br />
<br />
Depending on the subscribed packaged, ''dashboards'' can be directly created or configured by ''users''. However, the guide to customize them is not included in this wiki.<br />
Additionally, ''Dashboards'' are continuously improved and clients suggestions are welcome to this aim.<br />
<br />
Finally, remember that the trial subscription has limited access to the '''dashboards'''.<br />
<br />
== Menus and Views ==<br />
Menu items are accessible from the left menu bar of the and they may launch functionalities or ''views''.<br />
<br />
[[File:View_ENG_v1.0.JPG|centre|thumb|800x800px|Example of ''view''.]]<br />
<br />
In ''views'' records can be sorted with column headers and paged with paging commands.<br />
<br />
It is also possible to filter data. Pressing on the magnifier icon activates the grid filtering fields. They work logically in AND and they filter the records in ''view''. The '''GO''' command activates the entered criteria and the '''RESET''' command removes them.<br />
<br />
'''PRINT''' prints the selected (using tick boxes column) records cards. A new browser window is opened for each card. '''PRINT LIST''' prints the selected records list. '''EXPORT TO EXCEL''' export the selected data in Excel format.<br />
<br />
== News ==<br />
News is a service functionality used by Privacy Now® staff to publish information about the service. Typical information may be announcements of new features or information on maintenance windows or service issues. News are scrolling titles in the news box positioned after below the left application menu. Just click on a scrolling news to access its detailed content.<br />
<br />
== Records Management ==<br />
<br />
=== Create ===<br />
Creating new records, including ''users'', is done by accessing and navigating the '''''Add New''''' menu item.<br />
<br />
[[File:Add_New_Self_Service_ENG_v1.0.JPG|centre|thumb|800x800px|Self service area to add new records.]]<br />
<br />
Just click on the item you want to create and this opens a dialog box where you can enter the related description or just press '''Create''' to generate a new record. Press ''Close'' to exit without creating.<br />
<br />
=== Update ===<br />
<br />
Updating a record can be done immediately after creating it or later when saved. See [[How_To#Search|Search]] section for more information on how to search existing records. <br />
<br />
When focused on a record, the command bars allow to save it and additional tasks on the record:<br />
<br />
* '''Save''' - simply saves the record;<br />
* '''Save & Exit''' - saves the record and exits from the update form;<br />
* '''Save & Next''' - this command first performs a save and then immediately enables to move the record to the next desired step in the workflow;<br />
* '''Cancel''' - exits from the record without saving (unsaved updates will be lost);<br />
* '''Reload''' - reloads the record (unsaved updates will be lost);<br />
* '''Print''' - prints the record;<br />
* ''' Quick Actions''': enables a context menu showing some shortcuts for commands enabling functionalities.<br />
<br />
<br />
[[File:Update_Record_v1.0.JPG|centre|thumb|800x800px|Record update screen.]]<br />
<br />
When saving, remember to update all mandatory fields which are marked with a red asterisk in the form. If some mandatory content is missing, the system will warn by showing a textual message before the update form where the missing fields are reported. The ''User'' will then have the possibility to update and save again.<br />
<br />
'''Save & Next''' command opens a dialog form to choose the workflow transition to perform (and therefore the target status).<br />
<br />
[[File:SaveNext_v1.0.JPG|centre|thumb|800x800px|'''Save&Next''' dialog form.]]<br />
<br />
In the dialog form, the ''user'' shall select the transition to perform and the command to execute:<br />
<br />
* '''Cancel''' - to exit from the form without executing any transition;<br />
* '''Apply''' - to execute the selected transition without saving the record in the destination status (if a reload of the record data is done before saving, the status will remain unchanged);<br />
* '''Apply & Save''' - to execute the selected transition and save the record in the destination status (if a reload of the record data is done, the status will will be the target one).<br />
<br />
Note that the '''Apply & Save''' command won't be enabled if mandatory fields are missing to save the record in the target status. In such a case, use the '''Apply''' command, fill the missing values and then save the record.<br />
<br />
In the ''Save & Next'' dialog box by clicking the <u>Transition Comment</u> tick box it is possible to enter a comment for the transition (e.g. the reason to perform it) which will be visibile in the history of the record.<br />
<br />
If the ''user'' is lost and doesn't know how to proceed (which are the next posible workflow statuses), the ''Explore Workflow'' command will help by opening the explorer workflow window (see the figure above).<br />
<br />
In this window, the workflow is graphically presented. Each rectangle represents a workflow status and arrows connect possible transitions. The current status is yellow, the past ones grey, the target ones red (if the ''user'' hasn't privileges on a transition needed to move the record in the target status) or green (if the ''user'' has the privileges to execute a transition moving the record to the target status). The form is interactive:<br />
<br />
* the ''user'' can see details about the roles and resources enabled to perform a transition by clicking on the <u>details</u> label on the same transition;<br />
* the ''user'' can recall the ''Save & Next'' dialog box by double clicking with the left mouse button on a green status (this will start the dialog box with a preselected transition).<br />
<br />
<br />
In the record, the ''user'' can move to the different content form by using the form selector (see the figure above). Depending on the type of record and the privileges of the 'user'', the visible form are:<br />
<br />
* <u>''General''</u> - containing the main information of the records;<br />
* <u>''Attachments''</u> - allowing to view or mange attachments;<br />
* <u>''Related Items''</u> - allowing to view and manage related records (e.g. ''risks'' related to a ''processing activity'');<br />
* <u>''Messages''</u> - allowing to view and manage messages (mails) which will remain related to the record;<br />
* <u>''History''</u> - showing the history of the changes performed for the record.<br />
<br />
=== Delete ===<br />
''Privacy management processes'' are designed with end of life statuses for records (e.g. cancellation or completion). Therefore, the physical cancellation of records should not be necessary. however, should there be a reason to physically delete a record, this is possible for ''users'' with administrative privileges from the settings management. Go to [[Settings]] for more information on how to deleted specific records.<br />
<br />
== Reports ==<br />
Available reports are accessible from the left application menu or via command buttons in the records.<br />
<br />
A main source for reporting is the export to excel functionality present in all ''views'' of data (see [[How_To#Menus_and_Views|Views]]). <br />
<br />
Additionally, ''dashboards'' are available (see [[How_To#Dashboards|Dashboards]]).<br />
<br />
== Search ==<br />
Teo main mechanisms support the search for record and information.<br />
<br />
* search tool;<br />
* views and grid filtering.<br />
<br />
=== Search tool ===<br />
The search tool is positioned in the top right corner of the application and it is shown in the picture below.<br />
<br />
[[File:Search_ENG_v1.0.JPG|centre|thumb|800x800px|Search tool.]]<br />
<br />
Before starting to search, it is necessary to set the search context among one of the possible values: "Text" or "Ticket". By default, "Ticket" is set if no value is entered.<br />
<br />
The "Ticket" search context assumes that the ''user'' is trying to access a record directly, by knowing its id (code). Therefore, just enter the id and press enter or the magnifier icon. If the corresponding record exists and the ''user'' has privileges to view it, the system will directly open the record form.<br />
<br />
<br />
The "Text" search context assumes that the ''user'' is searching a string text. Therefore, just enter the text and press enter or the magnifier icon. The system will present the list of the records where the text is found and the ''user'' will be able to access any by clicking on the list.<br />
<br />
=== Views and grid filtering ===<br />
By accessing and filtering views, it is possible to search and access records. See [[How_To#Menus_and_Views|Views]] for more information.</div>Cbissohttp://wiki.privacy-now.eu/en/index.php?title=How_To&diff=563How To2018-10-05T07:58:26Z<p>Cbisso: /* Update */</p>
<hr />
<div>This section of Privacy-Now® guide introduces how to use the main functionalities of the tool.<br />
<br />
== Dashboards ==<br />
<br />
''Dashboards'' are automatically presented when logging to the system for the first time. The following ''dashboards'' are available:<br />
<br />
* Privacy Overview<br />
* ''Access Requests''<br />
* ''Actions''<br />
* ''Audits''<br />
* ''Consents''<br />
* ''Data Breaches''<br />
* ''Issues / Non Conformities''<br />
* ''Privacy Impact Assessments''<br />
* ''Processing Activities''<br />
* ''Risks''<br />
<br />
Apart from the Overview ''dashboard'', which presents information from several processes, each ''dashboard'' is dedicated to a ''privacy management process''.<br />
<br />
''Dashboards'' are composed of widgets (see the figure below).<br />
<br />
[[File:Dashboard_Widget_ENG_v1.0.JPG|centre|thumb|800x800px|Example of ''dashboard'' widget.]]<br />
<br />
Widgets are generally configured to be interactive. Clicking on a part of the widget with the left mouse button opens a context menu which presents the following options:<br />
<br />
- '''Open Ticket List''', allowing to open a list of the records which correspond to the result clicked in the widget;<br />
<br />
- '''Break Down''', allowing to drill down into the shown dimension;<br />
<br />
- '''Back''', allowing to return to the upper dimension from which the drill down was done.<br />
<br />
Depending on the subscribed packaged, ''dashboards'' can be directly created or configured by ''users''. However, the guide to customize them is not included in this wiki.<br />
Additionally, ''Dashboards'' are continuously improved and clients suggestions are welcome to this aim.<br />
<br />
Finally, remember that the trial subscription has limited access to the '''dashboards'''.<br />
<br />
== Menus and Views ==<br />
Menu items are accessible from the left menu bar of the and they may launch functionalities or ''views''.<br />
<br />
[[File:View_ENG_v1.0.JPG|centre|thumb|800x800px|Example of ''view''.]]<br />
<br />
In ''views'' records can be sorted with column headers and paged with paging commands.<br />
<br />
It is also possible to filter data. Pressing on the magnifier icon activates the grid filtering fields. They work logically in AND and they filter the records in ''view''. The '''GO''' command activates the entered criteria and the '''RESET''' command removes them.<br />
<br />
'''PRINT''' prints the selected (using tick boxes column) records cards. A new browser window is opened for each card. '''PRINT LIST''' prints the selected records list. '''EXPORT TO EXCEL''' export the selected data in Excel format.<br />
<br />
== News ==<br />
News is a service functionality used by Privacy Now® staff to publish information about the service. Typical information may be announcements of new features or information on maintenance windows or service issues. News are scrolling titles in the news box positioned after below the left application menu. Just click on a scrolling news to access its detailed content.<br />
<br />
== Records Management ==<br />
<br />
=== Create ===<br />
Creating new records, including ''users'', is done by accessing and navigating the '''''Add New''''' menu item.<br />
<br />
[[File:Add_New_Self_Service_ENG_v1.0.JPG|centre|thumb|800x800px|Self service area to add new records.]]<br />
<br />
Just click on the item you want to create and this opens a dialog box where you can enter the related description or just press '''Create''' to generate a new record. Press ''Close'' to exit without creating.<br />
<br />
=== Update ===<br />
<br />
Updating a record can be done immediately after creating it or later when saved. See [[How_To#Search|Search]] section for more information on how to search existing records. <br />
<br />
When focused on a record, the command bars allow to save it and additional tasks on the record:<br />
<br />
* '''Save''' - simply saves the record;<br />
* '''Save & Exit''' - saves the record and exits from the update form;<br />
* '''Save & Next''' - this command first performs a save and then immediately enables to move the record to the next desired step in the workflow;<br />
* '''Cancel''' - exits from the record without saving (unsaved updates will be lost);<br />
* '''Reload''' - reloads the record (unsaved updates will be lost);<br />
* '''Print''' - prints the record;<br />
* ''' Quick Actions''': enables a context menu showing some shortcuts for commands enabling functionalities.<br />
<br />
<br />
[[File:Update_Record_v1.0.JPG|centre|thumb|800x800px|Record update screen.]]<br />
<br />
When saving, remember to update all mandatory fields which are marked with a red asterisk in the form. If some mandatory content is missing, the system will warn by showing a textual message before the update form where the missing fields are reported. The ''User'' will then have the possibility to update and save again.<br />
<br />
'''Save & Next''' command opens a dialog form to choose the workflow transition to perform (and therefore the target status).<br />
<br />
[[File:SaveNext_v1.0.JPG|centre|thumb|800x800px|'''Save&Next''' dialog form.]]<br />
<br />
In the dialog form, the ''user'' shall select the transition to perform and the command to execute:<br />
<br />
* '''Cancel''' - to exit from the form without executing any transition;<br />
* '''Apply''' - to execute the selected transition without saving the record in the destination status (if a reload of the record data is done before saving, the status will remain unchanged);<br />
* '''Apply & Save''' - to execute the selected transition and save the the record in the destination status (if a reload of the record data is done, the status will will be the target one).<br />
<br />
Note that the '''Apply & Save''' command won't be enabled if mandatory fields are missing to save the record in the target status. In such a case, use the '''Apply''' command, fill the missing values and then save the record.<br />
<br />
In the ''Save & Next'' dialog box by clicking the <u>Transition Comment</u> tick box it is possible to enter a comment for the transition (e.g. the reason to perform it) which will be visibile in the history of the record.<br />
<br />
If the ''user'' is lost and doesn't know how to proceed (which are the next posible workflow statuses), the ''Explore Workflow'' command will help by opening the explorer workflow window (see the figure above).<br />
<br />
In this window, the workflow is graphically presented. Each rectangle represents a workflow status and arrows connect possible transitions. The current status is yellow, the past ones grey, the target ones red (if the ''user'' hasn't privileges on a transition needed to move the record in the target status) or green (if the ''user'' has the privileges to execute a transition moving the record to the target status). The form is interactive:<br />
<br />
* the ''user'' can see details about the roles and resources enabled to perform a transition by clicking on the <u>details</u> label on the same transition;<br />
* the ''user'' can recall the ''Save & Next'' dialog box by double clicking with the left mouse button on a green status (this will start the dialog box with a preselected transition).<br />
<br />
<br />
In the record, the ''user'' can move to the different content form by using the form selector (see the figure above). Depending on the type of record and the privileges of the 'user'', the visible form are:<br />
<br />
* <u>''General''</u> - containing the main information of the records;<br />
* <u>''Attachments''</u> - allowing to view or mange attachments;<br />
* <u>''Related Items''</u> - allowing to view and manage related records (e.g. ''risks'' related to a ''processing activity'');<br />
* <u>''Messages''</u> - allowing to view and manage messages (mails) which will remain related to the record;<br />
* <u>''History''</u> - showing the history of the changes performed for the record.<br />
<br />
=== Delete ===<br />
''Privacy management processes'' are designed with end of life statuses for records (e.g. cancellation or completion). Therefore, the physical cancellation of records should not be necessary. however, should there be a reason to physically delete a record, this is possible for ''users'' with administrative privileges from the settings management. Go to [[Settings]] for more information on how to deleted specific records.<br />
<br />
== Reports ==<br />
Available reports are accessible from the left application menu or via command buttons in the records.<br />
<br />
A main source for reporting is the export to excel functionality present in all ''views'' of data (see [[How_To#Menus_and_Views|Views]]). <br />
<br />
Additionally, ''dashboards'' are available (see [[How_To#Dashboards|Dashboards]]).<br />
<br />
== Search ==<br />
Teo main mechanisms support the search for record and information.<br />
<br />
* search tool;<br />
* views and grid filtering.<br />
<br />
=== Search tool ===<br />
The search tool is positioned in the top right corner of the application and it is shown in the picture below.<br />
<br />
[[File:Search_ENG_v1.0.JPG|centre|thumb|800x800px|Search tool.]]<br />
<br />
Before starting to search, it is necessary to set the search context among one of the possible values: "Text" or "Ticket". By default, "Ticket" is set if no value is entered.<br />
<br />
The "Ticket" search context assumes that the ''user'' is trying to access a record directly, by knowing its id (code). Therefore, just enter the id and press enter or the magnifier icon. If the corresponding record exists and the ''user'' has privileges to view it, the system will directly open the record form.<br />
<br />
<br />
The "Text" search context assumes that the ''user'' is searching a string text. Therefore, just enter the text and press enter or the magnifier icon. The system will present the list of the records where the text is found and the ''user'' will be able to access any by clicking on the list.<br />
<br />
=== Views and grid filtering ===<br />
By accessing and filtering views, it is possible to search and access records. See [[How_To#Menus_and_Views|Views]] for more information.</div>Cbissohttp://wiki.privacy-now.eu/en/index.php?title=How_To&diff=562How To2018-10-05T07:42:26Z<p>Cbisso: /* Update */</p>
<hr />
<div>This section of Privacy-Now® guide introduces how to use the main functionalities of the tool.<br />
<br />
== Dashboards ==<br />
<br />
''Dashboards'' are automatically presented when logging to the system for the first time. The following ''dashboards'' are available:<br />
<br />
* Privacy Overview<br />
* ''Access Requests''<br />
* ''Actions''<br />
* ''Audits''<br />
* ''Consents''<br />
* ''Data Breaches''<br />
* ''Issues / Non Conformities''<br />
* ''Privacy Impact Assessments''<br />
* ''Processing Activities''<br />
* ''Risks''<br />
<br />
Apart from the Overview ''dashboard'', which presents information from several processes, each ''dashboard'' is dedicated to a ''privacy management process''.<br />
<br />
''Dashboards'' are composed of widgets (see the figure below).<br />
<br />
[[File:Dashboard_Widget_ENG_v1.0.JPG|centre|thumb|800x800px|Example of ''dashboard'' widget.]]<br />
<br />
Widgets are generally configured to be interactive. Clicking on a part of the widget with the left mouse button opens a context menu which presents the following options:<br />
<br />
- '''Open Ticket List''', allowing to open a list of the records which correspond to the result clicked in the widget;<br />
<br />
- '''Break Down''', allowing to drill down into the shown dimension;<br />
<br />
- '''Back''', allowing to return to the upper dimension from which the drill down was done.<br />
<br />
Depending on the subscribed packaged, ''dashboards'' can be directly created or configured by ''users''. However, the guide to customize them is not included in this wiki.<br />
Additionally, ''Dashboards'' are continuously improved and clients suggestions are welcome to this aim.<br />
<br />
Finally, remember that the trial subscription has limited access to the '''dashboards'''.<br />
<br />
== Menus and Views ==<br />
Menu items are accessible from the left menu bar of the and they may launch functionalities or ''views''.<br />
<br />
[[File:View_ENG_v1.0.JPG|centre|thumb|800x800px|Example of ''view''.]]<br />
<br />
In ''views'' records can be sorted with column headers and paged with paging commands.<br />
<br />
It is also possible to filter data. Pressing on the magnifier icon activates the grid filtering fields. They work logically in AND and they filter the records in ''view''. The '''GO''' command activates the entered criteria and the '''RESET''' command removes them.<br />
<br />
'''PRINT''' prints the selected (using tick boxes column) records cards. A new browser window is opened for each card. '''PRINT LIST''' prints the selected records list. '''EXPORT TO EXCEL''' export the selected data in Excel format.<br />
<br />
== News ==<br />
News is a service functionality used by Privacy Now® staff to publish information about the service. Typical information may be announcements of new features or information on maintenance windows or service issues. News are scrolling titles in the news box positioned after below the left application menu. Just click on a scrolling news to access its detailed content.<br />
<br />
== Records Management ==<br />
<br />
=== Create ===<br />
Creating new records, including ''users'', is done by accessing and navigating the '''''Add New''''' menu item.<br />
<br />
[[File:Add_New_Self_Service_ENG_v1.0.JPG|centre|thumb|800x800px|Self service area to add new records.]]<br />
<br />
Just click on the item you want to create and this opens a dialog box where you can enter the related description or just press '''Create''' to generate a new record. Press ''Close'' to exit without creating.<br />
<br />
=== Update ===<br />
<br />
Updating a record can be done immediately after creating it or later when saved. See [[How_To#Search|Search]] section for more information on how to search existing records. <br />
<br />
When focused on a record, the command bars allow to save it and additional tasks on the record:<br />
<br />
* '''Save''' - simply saves the record;<br />
* '''Save & Exit''' - saves the record and exits from the update form;<br />
* '''Save & Next''' - this command first performs a save and then immediately enables to move the record to the next desired step in the workflow;<br />
* '''Cancel''' - exits from the record without saving (unsaved updates will be lost);<br />
* '''Reload''' - reloads the record (unsaved updates will be lost);<br />
* '''Print''' - prints the record;<br />
* ''' Quick Actions''': enables a context menu showing some shortcuts for commands enabling functionalities.<br />
<br />
<br />
[[File:Update_Record_v1.0.JPG|centre|thumb|800x800px|Record update screen.]]<br />
<br />
When saving, remember to update all mandatory fields which are marked with a red asterisk in the form. If some mandatory content is missing, the system will warn by showing a textual message before the update form where the missing fields are reported. The ''User'' will then have the possibility to update and save again.<br />
<br />
'''Save & Next''' command opens a dialog form to choose the workflow transition to perform (and therefore the target status).<br />
<br />
[[File:SaveNext_v1.0.JPG|centre|thumb|800x800px|'''Save&Next''' dialog form.]]<br />
<br />
In the dialog form, the ''user'' shall select the transition to perform and the command to execute:<br />
<br />
* '''Cancel''' - to exit form the form without executing any transition;<br />
* '''Apply''' - to execute the selected transition without saving the record in the destination status (if a reload of the record data is done before saving, the status will remain unchanged);<br />
* '''Apply & Save''' - to execute the selected transition and save the the record in the destination status (if a reload of the record data is done, the status will will be the target one).<br />
<br />
Note that the '''Apply & Save''' command won't be enabled if mandatory fields are missing to save the record in the target status. In such a case, use the '''Apply''' command, fill the missing values and then save the record.<br />
<br />
In the ''Save & Next'' dialog box by clicking the <u>Transition Comment</u> tick box it is possible to enter a comment for the transition (e.g. the reason to perform it) which will be visibile in the history of the record.<br />
<br />
If the ''user'' is lost and doesn't know how to proceed (which are the next posible workflow statuses), the ''Explore Workflow'' command will help by opening the explorer workflow window (see the figure above).<br />
<br />
In this window, the workflow is graphically presented. Each rectangle represents a workflow status and arrows connect possible transitions. The current status is yellow, the past ones grey, the target ones red (if the ''user'' hasn't privileges on a transition needed to move the record in the target status) or green (if the ''user'' has the privileges to execute a transition moving the record to the target status). The form is interactive:<br />
<br />
* the ''user'' can see details about the roles and resources enabled to perform a transition by clicking on the <u>details</u> label on the same transition;<br />
* the ''user'' can recall the ''Save & Next'' dialog box by double clicking with the left mouse button on a green status (this will start the dialog box with a preselected transition).<br />
<br />
<br />
In the record, the ''user'' can move to the different content form by using the form selector (see the figure above). Depending on the type of record and the privileges of the 'user'', the visible form are:<br />
<br />
* <u>''General''</u> - containing the main information of the records;<br />
* <u>''Attachments''</u> - allowing to view or mange attachments;<br />
* <u>''Related Items''</u> - allowing to view and manage related records (e.g. ''risks'' related to a ''processing activity'');<br />
* <u>''Messages''</u> - allowing to view and manage messages (mails) which will remain related to the record;<br />
* <u>''History''</u> - showing the history of the changes performed for the record.<br />
<br />
=== Delete ===<br />
''Privacy management processes'' are designed with end of life statuses for records (e.g. cancellation or completion). Therefore, the physical cancellation of records should not be necessary. however, should there be a reason to physically delete a record, this is possible for ''users'' with administrative privileges from the settings management. Go to [[Settings]] for more information on how to deleted specific records.<br />
<br />
== Reports ==<br />
Available reports are accessible from the left application menu or via command buttons in the records.<br />
<br />
A main source for reporting is the export to excel functionality present in all ''views'' of data (see [[How_To#Menus_and_Views|Views]]). <br />
<br />
Additionally, ''dashboards'' are available (see [[How_To#Dashboards|Dashboards]]).<br />
<br />
== Search ==<br />
Teo main mechanisms support the search for record and information.<br />
<br />
* search tool;<br />
* views and grid filtering.<br />
<br />
=== Search tool ===<br />
The search tool is positioned in the top right corner of the application and it is shown in the picture below.<br />
<br />
[[File:Search_ENG_v1.0.JPG|centre|thumb|800x800px|Search tool.]]<br />
<br />
Before starting to search, it is necessary to set the search context among one of the possible values: "Text" or "Ticket". By default, "Ticket" is set if no value is entered.<br />
<br />
The "Ticket" search context assumes that the ''user'' is trying to access a record directly, by knowing its id (code). Therefore, just enter the id and press enter or the magnifier icon. If the corresponding record exists and the ''user'' has privileges to view it, the system will directly open the record form.<br />
<br />
<br />
The "Text" search context assumes that the ''user'' is searching a string text. Therefore, just enter the text and press enter or the magnifier icon. The system will present the list of the records where the text is found and the ''user'' will be able to access any by clicking on the list.<br />
<br />
=== Views and grid filtering ===<br />
By accessing and filtering views, it is possible to search and access records. See [[How_To#Menus_and_Views|Views]] for more information.</div>Cbissohttp://wiki.privacy-now.eu/en/index.php?title=How_To&diff=561How To2018-10-05T07:15:19Z<p>Cbisso: /* Menus and Views */</p>
<hr />
<div>This section of Privacy-Now® guide introduces how to use the main functionalities of the tool.<br />
<br />
== Dashboards ==<br />
<br />
''Dashboards'' are automatically presented when logging to the system for the first time. The following ''dashboards'' are available:<br />
<br />
* Privacy Overview<br />
* ''Access Requests''<br />
* ''Actions''<br />
* ''Audits''<br />
* ''Consents''<br />
* ''Data Breaches''<br />
* ''Issues / Non Conformities''<br />
* ''Privacy Impact Assessments''<br />
* ''Processing Activities''<br />
* ''Risks''<br />
<br />
Apart from the Overview ''dashboard'', which presents information from several processes, each ''dashboard'' is dedicated to a ''privacy management process''.<br />
<br />
''Dashboards'' are composed of widgets (see the figure below).<br />
<br />
[[File:Dashboard_Widget_ENG_v1.0.JPG|centre|thumb|800x800px|Example of ''dashboard'' widget.]]<br />
<br />
Widgets are generally configured to be interactive. Clicking on a part of the widget with the left mouse button opens a context menu which presents the following options:<br />
<br />
- '''Open Ticket List''', allowing to open a list of the records which correspond to the result clicked in the widget;<br />
<br />
- '''Break Down''', allowing to drill down into the shown dimension;<br />
<br />
- '''Back''', allowing to return to the upper dimension from which the drill down was done.<br />
<br />
Depending on the subscribed packaged, ''dashboards'' can be directly created or configured by ''users''. However, the guide to customize them is not included in this wiki.<br />
Additionally, ''Dashboards'' are continuously improved and clients suggestions are welcome to this aim.<br />
<br />
Finally, remember that the trial subscription has limited access to the '''dashboards'''.<br />
<br />
== Menus and Views ==<br />
Menu items are accessible from the left menu bar of the and they may launch functionalities or ''views''.<br />
<br />
[[File:View_ENG_v1.0.JPG|centre|thumb|800x800px|Example of ''view''.]]<br />
<br />
In ''views'' records can be sorted with column headers and paged with paging commands.<br />
<br />
It is also possible to filter data. Pressing on the magnifier icon activates the grid filtering fields. They work logically in AND and they filter the records in ''view''. The '''GO''' command activates the entered criteria and the '''RESET''' command removes them.<br />
<br />
'''PRINT''' prints the selected (using tick boxes column) records cards. A new browser window is opened for each card. '''PRINT LIST''' prints the selected records list. '''EXPORT TO EXCEL''' export the selected data in Excel format.<br />
<br />
== News ==<br />
News is a service functionality used by Privacy Now® staff to publish information about the service. Typical information may be announcements of new features or information on maintenance windows or service issues. News are scrolling titles in the news box positioned after below the left application menu. Just click on a scrolling news to access its detailed content.<br />
<br />
== Records Management ==<br />
<br />
=== Create ===<br />
Creating new records, including ''users'', is done by accessing and navigating the '''''Add New''''' menu item.<br />
<br />
[[File:Add_New_Self_Service_ENG_v1.0.JPG|centre|thumb|800x800px|Self service area to add new records.]]<br />
<br />
Just click on the item you want to create and this opens a dialog box where you can enter the related description or just press '''Create''' to generate a new record. Press ''Close'' to exit without creating.<br />
<br />
=== Update ===<br />
<br />
Updating a record can be done immediately after creating it or later when saved. See [[How_To#Search|Search]] section for more information on how to search existing records. <br />
<br />
When focused on a record, the command bars allow to save it and additional tasks on the record:<br />
<br />
* '''Save''' - simply saves the record;<br />
* '''Save & Exit''' - saves the record and exits from the update form;<br />
* '''Save & Next''' - this command first performs a save and then immediately enables to move the record to the next desired step in the workflow;<br />
* '''Cancel''' - exits from the record without saving (unsaved updates will be lost);<br />
* '''Reload''' - reloads the record (unsaved updates will be lost);<br />
* '''Print''' - prints the record;<br />
* ''' Quick Actions''': enables a context menu showing some shortcuts for commands enabling functinoalities.<br />
<br />
<br />
[[File:Update_Record_v1.0.JPG|centre|thumb|800x800px|Record update screen.]]<br />
<br />
When saving, remember to update all mandatory fields which are marked with a red asterisk in the form. If some mandatory content is missing, the system will warn by showing a textual message before the update form where the missing fields are reported. The ''User'' will then have the possibility to update and save again.<br />
<br />
'''Save & Next''' command opens a dialog form to choose the workflow transition to perform (and therefore the target status).<br />
<br />
[[File:SaveNext_v1.0.JPG|centre|thumb|800x800px|'''Save&Next''' dialog form.]]<br />
<br />
In the dialog form, the ''user'' shall select the transition to perform and the command to execute:<br />
<br />
* '''Cancel''' - to exit form the form without executing any transition;<br />
* '''Apply''' - to execute the selected transition without saving the record in the destination status (if a reload of the record data is done before saving, the status will remain unchanged);<br />
* '''Apply & Save''' - to execute the selected transition and save the the record in the destination status (if a reload of the record data is done, the status will will be the target one).<br />
<br />
Note that the '''Apply & Save''' command won't be enabled if mandatory fields are missing to save the record in the target status. In such a case, use the '''Apply''' command, fill the missing values and then save the record.<br />
<br />
In the ''Save & Next'' dialog box by clicking the <u>Transition Comment</u> tick box it is possible to enter a comment for the transition (e.g. the reason to perform it) which will be visibile in the history of the record.<br />
<br />
If the ''user'' is lost and doesn't know how to proceed (which are the next posible workflow statuses), the ''Explore Workflow'' command will help by opening the explorer workflow window (see the figure above).<br />
<br />
In this window, the workflow is graphically presented. Each rectangle represents a workflow status and arrows connect possible transitions. The current status is yellow, the past ones grey, the target ones red (if the ''user'' hasn't privileges on a transition needed to move the record in the target status) or green (if the ''user'' has the privileges to execute a transition moving the record to the target status). The form is interactive:<br />
<br />
* the ''user'' can see details about the roles and resources enabled to perform a transition by clicking on the <u>details</u> label on the same transition;<br />
* the ''user'' can recall the ''Save & Next'' dialog box by double clicking with the left mouse button on a green status (this will start the dialog box with a preselected transition).<br />
<br />
<br />
In the record, the ''user'' can move to the different content form by using the form selector (see the figure above). Depending on the type of record and the privileges of the 'user'', the visible form are:<br />
<br />
* <u>''General''</u> - containing the main information of the records;<br />
* <u>''Attachments''</u> - allowing to view or mange attachments;<br />
* <u>''Related Items''</u> - allowing to view and manage related records (e.g. ''risks'' related to a ''processing activity'');<br />
* <u>''Messages''</u> - allowing to view and manage messages (mails) which will remain related to the record;<br />
* <u>''History''</u> - showing the history of the changes performed for the record.<br />
<br />
=== Delete ===<br />
''Privacy management processes'' are designed with end of life statuses for records (e.g. cancellation or completion). Therefore, the physical cancellation of records should not be necessary. however, should there be a reason to physically delete a record, this is possible for ''users'' with administrative privileges from the settings management. Go to [[Settings]] for more information on how to deleted specific records.<br />
<br />
== Reports ==<br />
Available reports are accessible from the left application menu or via command buttons in the records.<br />
<br />
A main source for reporting is the export to excel functionality present in all ''views'' of data (see [[How_To#Menus_and_Views|Views]]). <br />
<br />
Additionally, ''dashboards'' are available (see [[How_To#Dashboards|Dashboards]]).<br />
<br />
== Search ==<br />
Teo main mechanisms support the search for record and information.<br />
<br />
* search tool;<br />
* views and grid filtering.<br />
<br />
=== Search tool ===<br />
The search tool is positioned in the top right corner of the application and it is shown in the picture below.<br />
<br />
[[File:Search_ENG_v1.0.JPG|centre|thumb|800x800px|Search tool.]]<br />
<br />
Before starting to search, it is necessary to set the search context among one of the possible values: "Text" or "Ticket". By default, "Ticket" is set if no value is entered.<br />
<br />
The "Ticket" search context assumes that the ''user'' is trying to access a record directly, by knowing its id (code). Therefore, just enter the id and press enter or the magnifier icon. If the corresponding record exists and the ''user'' has privileges to view it, the system will directly open the record form.<br />
<br />
<br />
The "Text" search context assumes that the ''user'' is searching a string text. Therefore, just enter the text and press enter or the magnifier icon. The system will present the list of the records where the text is found and the ''user'' will be able to access any by clicking on the list.<br />
<br />
=== Views and grid filtering ===<br />
By accessing and filtering views, it is possible to search and access records. See [[How_To#Menus_and_Views|Views]] for more information.</div>Cbissohttp://wiki.privacy-now.eu/en/index.php?title=Audits&diff=560Audits2018-09-28T15:24:31Z<p>Cbisso: /* Privileges */</p>
<hr />
<div><br />
== Introduction to Audits ==<br />
''Audits'' provide a control mechanism over ''personal data'' management system and activities. <br />
<br />
The process enables to record ''audits'' information and to support their fulfilment.<br />
<br />
== Workflow ==<br />
A new ''audit'' can be created using the '''Add New''' functionality and choosing "New Audit".<br />
<br />
A workflow enables to move ''audits" in several statuses as shown in the following picture.<br />
<br />
[[File:Audits_Workflow_ENG_v1.0.JPG|centre|thumb|800x800px|Audits workflow and statuses.]]<br />
<br />
<br />
The following table explains the meaning of each status:<br />
<br />
{| class="wikitable"<br />
! Status !! Description<br />
|-<br />
|Default || A temporary status when the ''audit'' is initially created before the first save.<br />
|-<br />
|Opened || An ''audit'' in this status is draft and it is not actioned yet.<br />
|-<br />
|Planned || An ''audit'' in this status is planned for execution.<br />
|-<br />
|In progress || In this status, the ''audit'' is in progress. <br />
|-<br />
|Completed || In this status, all activities related to the ''audit'' were completed and closure is expected after confirmation.<br />
|-<br />
|Closed || In this status, all activities related to the ''audit'' are completed and confirmed. This is an end of life status, meaning no further status transitions are allowed.<br />
|-<br />
|Cancelled || ''Audit'' cancelled. This is an end of life status.<br />
|-<br />
|}<br />
<br />
== Information ==<br />
''Audit'' records are organized in four sections:<br />
<br />
* <u>''Identification''</u>, where identification data of the ''audit'' are recorded,<br />
* <u>''Ownership & Organization''</u>, containing the assignment of the key roles enabled to manage the ''audit'';<br />
* <u>''Details''</u>, with the details of the ''audit'' to accomplish;<br />
* <u>''Results''</u>, with the conclusions of the ''audit''.<br />
<br />
Detailed information on the meaning and use of every field can be found by pointing the mouse on the (i) next to each field. This will activate a tooltip with a brief description of the field. <br />
<br />
Additional information can be found in the secondary forms of the record: attachments, related items, messages and history. See [[How To]] for more information.<br />
<br />
== Privileges ==<br />
''Audit'' can be created by the ''users'' to whom the corresponding privilege is granted (see [[Users & Groups]] for more information on how to set this privilege).<br />
<br />
The lifecycle of the ''audit'' is managed by the roles described in the table below. ''Groups'' are pre assigned to the roles according to the ''settings'' (see [[Settings]] for more information on how to set these defaults). Initial assignments can be modified according to privileges choosing among the enabled ''groups'' (see once again [[Settings]] for more information on how to enable ''groups'').<br />
<br />
{| class="wikitable"<br />
! Role !! Description<br />
|-<br />
|<u>DPO Group</u> || Members of the ''group'' assigned to this role have full privileges. They can:<br />
* transition records to any compatible status,<br />
* update fields when possible,<br />
* update ''data sources'' directly in record management.<br />
|-<br />
|<u>Data Controller Group</u> || Members of the ''group'' assigned to this role have view (read) privileges.<br />
|-<br />
|<u>Data Processor Group</u> || Members of the ''group'' assigned to this role have view (read) privileges.<br />
|-<br />
|<u>Working Team</u> || Members of this ''group'' have several privileges. They can manage the entire lifecycle, being enabled to:<br />
* transition records to any compatible status,<br />
* update fields when possible.<br />
|-<br />
|<u>Auditors Supervisory Team</u> || Members of the ''group'' assigned to this role have view (read) privileges.<br />
|-<br />
|}<br />
<br />
== Reports ==<br />
The list of ''audits'' can be filtered and exported to excel format from the ''view'' '''''audits'''''.<br />
<br />
== Related processes ==<br />
''Audits'' can be related to ''risks'' and ''issues / non conformities''.</div>Cbissohttp://wiki.privacy-now.eu/en/index.php?title=How_To&diff=559How To2018-09-27T15:50:23Z<p>Cbisso: </p>
<hr />
<div>This section of Privacy-Now® guide introduces how to use the main functionalities of the tool.<br />
<br />
== Dashboards ==<br />
<br />
''Dashboards'' are automatically presented when logging to the system for the first time. The following ''dashboards'' are available:<br />
<br />
* Privacy Overview<br />
* ''Access Requests''<br />
* ''Actions''<br />
* ''Audits''<br />
* ''Consents''<br />
* ''Data Breaches''<br />
* ''Issues / Non Conformities''<br />
* ''Privacy Impact Assessments''<br />
* ''Processing Activities''<br />
* ''Risks''<br />
<br />
Apart from the Overview ''dashboard'', which presents information from several processes, each ''dashboard'' is dedicated to a ''privacy management process''.<br />
<br />
''Dashboards'' are composed of widgets (see the figure below).<br />
<br />
[[File:Dashboard_Widget_ENG_v1.0.JPG|centre|thumb|800x800px|Example of ''dashboard'' widget.]]<br />
<br />
Widgets are generally configured to be interactive. Clicking on a part of the widget with the left mouse button opens a context menu which presents the following options:<br />
<br />
- '''Open Ticket List''', allowing to open a list of the records which correspond to the result clicked in the widget;<br />
<br />
- '''Break Down''', allowing to drill down into the shown dimension;<br />
<br />
- '''Back''', allowing to return to the upper dimension from which the drill down was done.<br />
<br />
Depending on the subscribed packaged, ''dashboards'' can be directly created or configured by ''users''. However, the guide to customize them is not included in this wiki.<br />
Additionally, ''Dashboards'' are continuously improved and clients suggestions are welcome to this aim.<br />
<br />
Finally, remember that the trial subscription has limited access to the '''dashboards'''.<br />
<br />
== Menus and Views ==<br />
Menu items are accessible from the left menu bar of the and they may launch functionalities or ''views''.<br />
<br />
[[File:View_ENG_v1.0.JPG|centre|thumb|800x800px|Example of ''view''.]]<br />
<br />
In ''views'' records can be sorted with column headers and paged with paging commands.<br />
<br />
It is also possible to filter data. Pressing on the magnifier icon activates the grid filtering fields. They work logically in AND and they filter the records in ''view''. The '''GO''' command activates the entered criteria and the '''RESET''' command removes them.<br />
<br />
'''PRINT''' prints the selected (using tick boxes column) records cards. A new browser window is opened for each card. '''PRINT LIST''' prints the selected recors list. '''EXPORT TO EXCEL''' export the selected data in Excel format.<br />
<br />
== News ==<br />
News is a service functionality used by Privacy Now® staff to publish information about the service. Typical information may be announcements of new features or information on maintenance windows or service issues. News are scrolling titles in the news box positioned after below the left application menu. Just click on a scrolling news to access its detailed content.<br />
<br />
== Records Management ==<br />
<br />
=== Create ===<br />
Creating new records, including ''users'', is done by accessing and navigating the '''''Add New''''' menu item.<br />
<br />
[[File:Add_New_Self_Service_ENG_v1.0.JPG|centre|thumb|800x800px|Self service area to add new records.]]<br />
<br />
Just click on the item you want to create and this opens a dialog box where you can enter the related description or just press '''Create''' to generate a new record. Press ''Close'' to exit without creating.<br />
<br />
=== Update ===<br />
<br />
Updating a record can be done immediately after creating it or later when saved. See [[How_To#Search|Search]] section for more information on how to search existing records. <br />
<br />
When focused on a record, the command bars allow to save it and additional tasks on the record:<br />
<br />
* '''Save''' - simply saves the record;<br />
* '''Save & Exit''' - saves the record and exits from the update form;<br />
* '''Save & Next''' - this command first performs a save and then immediately enables to move the record to the next desired step in the workflow;<br />
* '''Cancel''' - exits from the record without saving (unsaved updates will be lost);<br />
* '''Reload''' - reloads the record (unsaved updates will be lost);<br />
* '''Print''' - prints the record;<br />
* ''' Quick Actions''': enables a context menu showing some shortcuts for commands enabling functinoalities.<br />
<br />
<br />
[[File:Update_Record_v1.0.JPG|centre|thumb|800x800px|Record update screen.]]<br />
<br />
When saving, remember to update all mandatory fields which are marked with a red asterisk in the form. If some mandatory content is missing, the system will warn by showing a textual message before the update form where the missing fields are reported. The ''User'' will then have the possibility to update and save again.<br />
<br />
'''Save & Next''' command opens a dialog form to choose the workflow transition to perform (and therefore the target status).<br />
<br />
[[File:SaveNext_v1.0.JPG|centre|thumb|800x800px|'''Save&Next''' dialog form.]]<br />
<br />
In the dialog form, the ''user'' shall select the transition to perform and the command to execute:<br />
<br />
* '''Cancel''' - to exit form the form without executing any transition;<br />
* '''Apply''' - to execute the selected transition without saving the record in the destination status (if a reload of the record data is done before saving, the status will remain unchanged);<br />
* '''Apply & Save''' - to execute the selected transition and save the the record in the destination status (if a reload of the record data is done, the status will will be the target one).<br />
<br />
Note that the '''Apply & Save''' command won't be enabled if mandatory fields are missing to save the record in the target status. In such a case, use the '''Apply''' command, fill the missing values and then save the record.<br />
<br />
In the ''Save & Next'' dialog box by clicking the <u>Transition Comment</u> tick box it is possible to enter a comment for the transition (e.g. the reason to perform it) which will be visibile in the history of the record.<br />
<br />
If the ''user'' is lost and doesn't know how to proceed (which are the next posible workflow statuses), the ''Explore Workflow'' command will help by opening the explorer workflow window (see the figure above).<br />
<br />
In this window, the workflow is graphically presented. Each rectangle represents a workflow status and arrows connect possible transitions. The current status is yellow, the past ones grey, the target ones red (if the ''user'' hasn't privileges on a transition needed to move the record in the target status) or green (if the ''user'' has the privileges to execute a transition moving the record to the target status). The form is interactive:<br />
<br />
* the ''user'' can see details about the roles and resources enabled to perform a transition by clicking on the <u>details</u> label on the same transition;<br />
* the ''user'' can recall the ''Save & Next'' dialog box by double clicking with the left mouse button on a green status (this will start the dialog box with a preselected transition).<br />
<br />
<br />
In the record, the ''user'' can move to the different content form by using the form selector (see the figure above). Depending on the type of record and the privileges of the 'user'', the visible form are:<br />
<br />
* <u>''General''</u> - containing the main information of the records;<br />
* <u>''Attachments''</u> - allowing to view or mange attachments;<br />
* <u>''Related Items''</u> - allowing to view and manage related records (e.g. ''risks'' related to a ''processing activity'');<br />
* <u>''Messages''</u> - allowing to view and manage messages (mails) which will remain related to the record;<br />
* <u>''History''</u> - showing the history of the changes performed for the record.<br />
<br />
=== Delete ===<br />
''Privacy management processes'' are designed with end of life statuses for records (e.g. cancellation or completion). Therefore, the physical cancellation of records should not be necessary. however, should there be a reason to physically delete a record, this is possible for ''users'' with administrative privileges from the settings management. Go to [[Settings]] for more information on how to deleted specific records.<br />
<br />
== Reports ==<br />
Available reports are accessible from the left application menu or via command buttons in the records.<br />
<br />
A main source for reporting is the export to excel functionality present in all ''views'' of data (see [[How_To#Menus_and_Views|Views]]). <br />
<br />
Additionally, ''dashboards'' are available (see [[How_To#Dashboards|Dashboards]]).<br />
<br />
== Search ==<br />
Teo main mechanisms support the search for record and information.<br />
<br />
* search tool;<br />
* views and grid filtering.<br />
<br />
=== Search tool ===<br />
The search tool is positioned in the top right corner of the application and it is shown in the picture below.<br />
<br />
[[File:Search_ENG_v1.0.JPG|centre|thumb|800x800px|Search tool.]]<br />
<br />
Before starting to search, it is necessary to set the search context among one of the possible values: "Text" or "Ticket". By default, "Ticket" is set if no value is entered.<br />
<br />
The "Ticket" search context assumes that the ''user'' is trying to access a record directly, by knowing its id (code). Therefore, just enter the id and press enter or the magnifier icon. If the corresponding record exists and the ''user'' has privileges to view it, the system will directly open the record form.<br />
<br />
<br />
The "Text" search context assumes that the ''user'' is searching a string text. Therefore, just enter the text and press enter or the magnifier icon. The system will present the list of the records where the text is found and the ''user'' will be able to access any by clicking on the list.<br />
<br />
=== Views and grid filtering ===<br />
By accessing and filtering views, it is possible to search and access records. See [[How_To#Menus_and_Views|Views]] for more information.</div>Cbissohttp://wiki.privacy-now.eu/en/index.php?title=How_To&diff=558How To2018-09-27T15:48:24Z<p>Cbisso: </p>
<hr />
<div>This section of Privacy-Now® guide introduces how to use the main functionalities of the tool.<br />
<br />
== Dashboards ==<br />
<br />
''Dashboards'' are automatically presented when logging to the system for the first time. The following ''dashboards'' are available:<br />
<br />
* Privacy Overview<br />
* ''Access Requests''<br />
* ''Actions''<br />
* ''Audits''<br />
* ''Consents''<br />
* ''Data Breaches''<br />
* ''Issues / Non Conformities''<br />
* ''Privacy Impact Assessments''<br />
* ''Processing Activities''<br />
* ''Risks''<br />
<br />
Apart from the General ''dashboard'', which presents information from several processes, each ''dashboard'' is dedicated to a ''privacy management process''.<br />
<br />
''Dashboards'' are composed of widgets (see the figure below).<br />
<br />
[[File:Dashboard_Widget_ENG_v1.0.JPG|centre|thumb|800x800px|Example of ''dashboard'' widget.]]<br />
<br />
Widgets are generally configured to be interactive. Clicking on a part of the widget with the left mouse button opens a context menu which presents the following options:<br />
<br />
- '''Open Ticket List''', allowing to open a list of the records which correspond to the result clicked in the widget;<br />
<br />
- '''Break Down''', allowing to drill down into the shown dimension;<br />
<br />
- '''Back''', allowing to return to the upper dimension from which the drill down was done.<br />
<br />
Depending on the subscribed packaged, ''dashboards'' can be directly created or configured by ''users''. However, the guide to customize them is not included in this wiki.<br />
Additionally, ''Dashboards'' are continuously improved and clients suggestions are welcome to this aim.<br />
<br />
Finally, remember that the trial subscription has limited access to the '''dashboards'''.<br />
<br />
== Menus and Views ==<br />
Menu items are accessible from the left menu bar of the and they may launch functionalities or ''views''.<br />
<br />
[[File:View_ENG_v1.0.JPG|centre|thumb|800x800px|Example of ''view''.]]<br />
<br />
In ''views'' records can be sorted with column headers and paged with paging commands.<br />
<br />
It is also possible to filter data. Pressing on the magnifier icon activates the grid filtering fields. They work logically in AND and they filter the records in ''view''. The '''GO''' command activates the entered criteria and the '''RESET''' command removes them.<br />
<br />
'''PRINT''' prints the selected (using tick boxes column) records cards. A new browser window is opened for each card. '''PRINT LIST''' prints the selected recors list. '''EXPORT TO EXCEL''' export the selected data in Excel format.<br />
<br />
== News ==<br />
News is a service functionality used by Privacy Now® staff to publish information about the service. Typical information may be announcements of new features or information on maintenance windows or service issues. News are scrolling titles in the news box positioned after below the left application menu. Just click on a scrolling news to access its detailed content.<br />
<br />
== Records Management ==<br />
<br />
=== Create ===<br />
Creating new records, including ''users'', is done by accessing and navigating the '''''Add New''''' menu item.<br />
<br />
[[File:Add_New_Self_Service_ENG_v1.0.JPG|centre|thumb|800x800px|Self service area to add new records.]]<br />
<br />
Just click on the item you want to create and this opens a dialog box where you can enter the related description or just press '''Create''' to generate a new record. Press ''Close'' to exit without creating.<br />
<br />
=== Update ===<br />
<br />
Updating a record can be done immediately after creating it or later when saved. See [[How_To#Search|Search]] section for more information on how to search existing records. <br />
<br />
When focused on a record, the command bars allow to save it and additional tasks on the record:<br />
<br />
* '''Save''' - simply saves the record;<br />
* '''Save & Exit''' - saves the record and exits from the update form;<br />
* '''Save & Next''' - this command first performs a save and then immediately enables to move the record to the next desired step in the workflow;<br />
* '''Cancel''' - exits from the record without saving (unsaved updates will be lost);<br />
* '''Reload''' - reloads the record (unsaved updates will be lost);<br />
* '''Print''' - prints the record;<br />
* ''' Quick Actions''': enables a context menu showing some shortcuts for commands enabling functinoalities.<br />
<br />
<br />
[[File:Update_Record_v1.0.JPG|centre|thumb|800x800px|Record update screen.]]<br />
<br />
When saving, remember to update all mandatory fields which are marked with a red asterisk in the form. If some mandatory content is missing, the system will warn by showing a textual message before the update form where the missing fields are reported. The ''User'' will then have the possibility to update and save again.<br />
<br />
'''Save & Next''' command opens a dialog form to choose the workflow transition to perform (and therefore the target status).<br />
<br />
[[File:SaveNext_v1.0.JPG|centre|thumb|800x800px|'''Save&Next''' dialog form.]]<br />
<br />
In the dialog form, the ''user'' shall select the transition to perform and the command to execute:<br />
<br />
* '''Cancel''' - to exit form the form without executing any transition;<br />
* '''Apply''' - to execute the selected transition without saving the record in the destination status (if a reload of the record data is done before saving, the status will remain unchanged);<br />
* '''Apply & Save''' - to execute the selected transition and save the the record in the destination status (if a reload of the record data is done, the status will will be the target one).<br />
<br />
Note that the '''Apply & Save''' command won't be enabled if mandatory fields are missing to save the record in the target status. In such a case, use the '''Apply''' command, fill the missing values and then save the record.<br />
<br />
In the ''Save & Next'' dialog box by clicking the <u>Transition Comment</u> tick box it is possible to enter a comment for the transition (e.g. the reason to perform it) which will be visibile in the history of the record.<br />
<br />
If the ''user'' is lost and doesn't know how to proceed (which are the next posible workflow statuses), the ''Explore Workflow'' command will help by opening the explorer workflow window (see the figure above).<br />
<br />
In this window, the workflow is graphically presented. Each rectangle represents a workflow status and arrows connect possible transitions. The current status is yellow, the past ones grey, the target ones red (if the ''user'' hasn't privileges on a transition needed to move the record in the target status) or green (if the ''user'' has the privileges to execute a transition moving the record to the target status). The form is interactive:<br />
<br />
* the ''user'' can see details about the roles and resources enabled to perform a transition by clicking on the <u>details</u> label on the same transition;<br />
* the ''user'' can recall the ''Save & Next'' dialog box by double clicking with the left mouse button on a green status (this will start the dialog box with a preselected transition).<br />
<br />
<br />
In the record, the ''user'' can move to the different content form by using the form selector (see the figure above). Depending on the type of record and the privileges of the 'user'', the visible form are:<br />
<br />
* <u>''General''</u> - containing the main information of the records;<br />
* <u>''Attachments''</u> - allowing to view or mange attachments;<br />
* <u>''Related Items''</u> - allowing to view and manage related records (e.g. ''risks'' related to a ''processing activity'');<br />
* <u>''Messages''</u> - allowing to view and manage messages (mails) which will remain related to the record;<br />
* <u>''History''</u> - showing the history of the changes performed for the record.<br />
<br />
=== Delete ===<br />
''Privacy management processes'' are designed with end of life statuses for records (e.g. cancellation or completion). Therefore, the physical cancellation of records should not be necessary. however, should there be a reason to physically delete a record, this is possible for ''users'' with administrative privileges from the settings management. Go to [[Settings]] for more information on how to deleted specific records.<br />
<br />
== Reports ==<br />
Available reports are accessible from the left application menu or via command buttons in the records.<br />
<br />
A main source for reporting is the export to excel functionality present in all ''views'' of data (see [[How_To#Menus_and_Views|Views]]). <br />
<br />
Additionally, ''dashboards'' are available (see [[How_To#Dashboards|Dashboards]]).<br />
<br />
== Search ==<br />
Teo main mechanisms support the search for record and information.<br />
<br />
* search tool;<br />
* views and grid filtering.<br />
<br />
=== Search tool ===<br />
The search tool is positioned in the top right corner of the application and it is shown in the picture below.<br />
<br />
[[File:Search_ENG_v1.0.JPG|centre|thumb|800x800px|Search tool.]]<br />
<br />
Before starting to search, it is necessary to set the search context among one of the possible values: "Text" or "Ticket". By default, "Ticket" is set if no value is entered.<br />
<br />
The "Ticket" search context assumes that the ''user'' is trying to access a record directly, by knowing its id (code). Therefore, just enter the id and press enter or the magnifier icon. If the corresponding record exists and the ''user'' has privileges to view it, the system will directly open the record form.<br />
<br />
<br />
The "Text" search context assumes that the ''user'' is searching a string text. Therefore, just enter the text and press enter or the magnifier icon. The system will present the list of the records where the text is found and the ''user'' will be able to access any by clicking on the list.<br />
<br />
=== Views and grid filtering ===<br />
By accessing and filtering views, it is possible to search and access records. See [[How_To#Menus_and_Views|Views]] for more information.</div>Cbissohttp://wiki.privacy-now.eu/en/index.php?title=Users_%26_Groups&diff=557Users & Groups2018-09-27T14:48:19Z<p>Cbisso: /* Add group */</p>
<hr />
<div>==Users Management==<br />
New ''users'' can be created using '''''Add New''''' and choosing '''New User''' in the self service menu. <br />
Existing ''users'' can be update selecting <b>''Users & Groups Management / Users Management''</b> menu and selecting the record to manage from the list.<br />
Access to ''users'' creation and administration is limited to ''users'' having administrative role (see later).<br />
<br />
''Users'' shall be activated (in status "Active") to be operational. In other statuses, ''users'' are not active (they cannot login into Privacy-Now®) nor they are counted as licensed ''users''.<br />
<br />
''Users'' information are organized in five sections:<br />
<br />
* <u>''Tracking''</u><br />
* <u>''Identification''</u><br />
* <u>''Details''</u><br />
* <u>''Process Settings''</u><br />
* <u>''Password Management''</u><br />
<br />
The table below reports the fields and a short description of them:<br />
{| class="wikitable"<br />
! Section !! Field !! Description<br />
|-<br />
|<u>''Tracking''</u>|| <u>Code</u> || Unique ''user'' identifier, automatically created by the system.<br />
|-<br />
|<u>''Tracking''</u>|| <u>Project/Service</u> || Environment identifier, corresponding to the organization owner of Privacy-Now® subscription and automatically managed by the system.<br />
|-<br />
|<u>''Identification''</u>|| <u>Ticket Type</u> || Record type identifier, automatically managed by the system. <br />
|-<br />
|<u>''Identification''</u>|| <u>Ticket Op Status</u> || Status of the ''user''. Possible statuses are "Inactive" (when initially created) or ''Active''. <br />
|-<br />
|<u>''Details''</u>|| <u>Name</u> || Name of the ''user''.<br />
|-<br />
|<u>''Details''</u>|| <u>Surname</u> || Surname of the ''user''<br />
|-<br />
|<u>''Details''</u>|| <u>Username</u> || Login name used to access Privacy-Now®.<br />
|-<br />
|<u>''Details''</u>|| <u>Email</u> || Email of the ''user''. <br />
|-<br />
|<u>''Details''</u>|| <u>Admin</u> || This field may have two possible values "Yes" or "No". If set to "Yes" the ''user'' has administrative privileges and can perform special tasks such as ''users'' and ''groups'' administration but also manage [[Settings#Introduction|settings]].<br />
|-<br />
|<u>''Details''</u>|| <u>Language</u> || The application interface language set for the ''user''. Supported languages are currently "English", "French" and "Italian". "Spanish" will come next.<br />
|-<br />
|<u>''Details''</u>|| <u>Timezone</u> || The time zone of the ''user'' who will see time accordingly.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Access Request Creator</u> || If set to "Yes", it enables the user to create new ''access requests''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Action Creator</u> || If set to "Yes", it enables the user to create new ''actions''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Audit Creator</u> || If set to "Yes", it enables the user to create new ''audits''.<br />
|-<br />
|<u>''Process Settings''</u>s|| <u>Consent Creator</u> || If set to "Yes", it enables the user to create new ''consents''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Data Breach Creator</u> || If set to "Yes", it enables the user to create new ''data breaches''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Privacy Impact Assessment Creator</u> || If set to "Yes", it enables the user to create new ''privacy impact assessments''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Issue / NC Creator</u> || If set to "Yes", it enables the user to create new ''issues / non conformities''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Risk Creator</u> || If set to "Yes", it enables the user to create new ''risks''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Processing Activity Creator</u> || If set to "Yes", it enables the user to create new ''processing activities''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Knowledge Item Creator</u> || If set to "Yes", it enables the user to create new ''knowledge items''.<br />
|-<br />
|<u>''Password Management''</u>|| <u>New Password</u>, <u>Old Password</u>, <u>Confirm New Password</u> || These fields work together, enter a new password in <u>New Password</u>, enter the previous password in <u>Old Password</u>, confirm the new password in <u>Confirm New Password</u> and press '''CHANGE PASSWORD''' to change the ''user'' password. <br />
|-<br />
|}<br />
<br />
Note that when the environment is initially created, a ''user'' with administrative role is created and activated using subscription information. The access credentials of this ''user'' are sent by mail.<br />
<br />
For more information on how to manage the ''user'' record, visit [[How_To#Records_Management|records management]].<br />
<br />
==Groups Management==<br />
<br />
<b>''Users & Groups Management / Add Group''</b> menu item lists the available ''groups'' and allows to manage ''groups'' (create, modify, delete). Only ''users'' with administrative privileges have the rights to perform ''group'' management.<br />
<br />
When a Privacy-Now® environment is created, a set of default ''groups'' are generated. They are:<br />
<br />
{| class="wikitable"<br />
! Group!! Description<br />
|-<br />
|<organization> - AUD || Designed to include the ''auditors'' ''users''.<br />
|-<br />
|<organization> - DC || Designed to include the ''data controller'' ''users''.<br />
|-<br />
|<organization> - DP || Designed to include the ''data processor'' ''users''. <br />
|-<br />
|<organization> - DPO || Designed to include the ''data protection officers'' ''users''<br />
|}<br />
<br />
In the table above, <organization> is to be replaced with the name of the organization used for Privacy-Now® subscription.<br />
<br />
Note that ''groups'' are only collections of ''users'' and that actual privileges are defined in process records (e.g. ''access requests'') by assigning a ''group'' to one of the available profiles (see process guides). <br />
<br />
The pre configured groups cannot be deleted but they can be renamed and modified in terms of belonging members.<br />
<br />
If Privacy process defined at ''Company'' level required the implementation of others roles, the ''Administrator'' can define all the other necessary Groups,to make the standard process complaint the company one using the <b>''Add New''</b> function<br />
<br />
<br />
=== Add group ===<br />
<b>''Users & Groups Management / Add Group''</b> menu item enables to create a new ''group''.<br />
<br />
The table below reports the fields belonging to a ''group'' and a short description of them:<br />
{| class="wikitable"<br />
! Section !! Field !! Description<br />
|-<br />
|<u>''General''</u>|| <u>Name</u> ||The name of the group.<br />
|-<br />
|<u>''General''</u>|| <u>Description</u> ||A description for the group (e.g. its purpose).<br />
|-<br />
|<u>''General''</u>|| <u>Default</u> ||Non editable, automatically managed by Privacy-Now®.<br />
|-<br />
|<u>''General''</u>|| <u>Status</u> ||Non editable, automatically managed by Privacy-Now®.<br />
|-<br />
|<u>''Members''</u>|| <u>Code</u> ||The ''user'' identifier of the member, not editable and automatically managed by Privacy-Now®. <br />
|-<br />
|<u>''Members''</u>|| <u>Full Name</u> ||Surname and Name of the member, not editable here because assigned in ''user'' management.<br />
|-<br />
|<u>''Members''</u>|| <u>User Login</u> ||Login identifier of the member, not editable here because assigned in ''user'' management.<br />
|-<br />
|<u>''Members''</u>|| <u>Group Manager</u> ||Used to identify and mark if the member of the ''group'' is the manager of the group. Actually, the manager will have the same privileges as the members.<br />
|-<br />
|<u>''Members''</u>|| <u>Type</u> ||Field not used.<br />
|-<br />
|<u>''Members''</u>|| <u>Status</u> ||Status of the member, not editable here because modified in ''user'' management.<br />
|-<br />
|<u>''Members''</u>|| <u>VIP Type</u> ||Field not used.<br />
|}<br />
<br />
In the <u>''General''</u> form, use '''SAVE''' or '''SAVE&EXIT''' to update the ''group''. Use '''DELETE''' to delete a ''group''.<br />
<br />
In the <u>''Members''</u> form see the figure below for the available commands.<br />
<br />
[[File:Groups_management_ENG_v1.0.JPG|centre|thumb|800x800px|Groups management controls and commands.]]<br />
<br />
=== Modify group ===<br />
Use <b>''Users & Groups Management / Groups Management''</b> menu item to see the list of available ''groups'' and click on the one to update. Modify using the features and commands described above in [[Users_&_Groups#Add_group|Add group]].</div>Cbissohttp://wiki.privacy-now.eu/en/index.php?title=Users_%26_Groups&diff=556Users & Groups2018-09-27T14:04:15Z<p>Cbisso: /* Groups Management */</p>
<hr />
<div>==Users Management==<br />
New ''users'' can be created using '''''Add New''''' and choosing '''New User''' in the self service menu. <br />
Existing ''users'' can be update selecting <b>''Users & Groups Management / Users Management''</b> menu and selecting the record to manage from the list.<br />
Access to ''users'' creation and administration is limited to ''users'' having administrative role (see later).<br />
<br />
''Users'' shall be activated (in status "Active") to be operational. In other statuses, ''users'' are not active (they cannot login into Privacy-Now®) nor they are counted as licensed ''users''.<br />
<br />
''Users'' information are organized in five sections:<br />
<br />
* <u>''Tracking''</u><br />
* <u>''Identification''</u><br />
* <u>''Details''</u><br />
* <u>''Process Settings''</u><br />
* <u>''Password Management''</u><br />
<br />
The table below reports the fields and a short description of them:<br />
{| class="wikitable"<br />
! Section !! Field !! Description<br />
|-<br />
|<u>''Tracking''</u>|| <u>Code</u> || Unique ''user'' identifier, automatically created by the system.<br />
|-<br />
|<u>''Tracking''</u>|| <u>Project/Service</u> || Environment identifier, corresponding to the organization owner of Privacy-Now® subscription and automatically managed by the system.<br />
|-<br />
|<u>''Identification''</u>|| <u>Ticket Type</u> || Record type identifier, automatically managed by the system. <br />
|-<br />
|<u>''Identification''</u>|| <u>Ticket Op Status</u> || Status of the ''user''. Possible statuses are "Inactive" (when initially created) or ''Active''. <br />
|-<br />
|<u>''Details''</u>|| <u>Name</u> || Name of the ''user''.<br />
|-<br />
|<u>''Details''</u>|| <u>Surname</u> || Surname of the ''user''<br />
|-<br />
|<u>''Details''</u>|| <u>Username</u> || Login name used to access Privacy-Now®.<br />
|-<br />
|<u>''Details''</u>|| <u>Email</u> || Email of the ''user''. <br />
|-<br />
|<u>''Details''</u>|| <u>Admin</u> || This field may have two possible values "Yes" or "No". If set to "Yes" the ''user'' has administrative privileges and can perform special tasks such as ''users'' and ''groups'' administration but also manage [[Settings#Introduction|settings]].<br />
|-<br />
|<u>''Details''</u>|| <u>Language</u> || The application interface language set for the ''user''. Supported languages are currently "English", "French" and "Italian". "Spanish" will come next.<br />
|-<br />
|<u>''Details''</u>|| <u>Timezone</u> || The time zone of the ''user'' who will see time accordingly.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Access Request Creator</u> || If set to "Yes", it enables the user to create new ''access requests''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Action Creator</u> || If set to "Yes", it enables the user to create new ''actions''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Audit Creator</u> || If set to "Yes", it enables the user to create new ''audits''.<br />
|-<br />
|<u>''Process Settings''</u>s|| <u>Consent Creator</u> || If set to "Yes", it enables the user to create new ''consents''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Data Breach Creator</u> || If set to "Yes", it enables the user to create new ''data breaches''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Privacy Impact Assessment Creator</u> || If set to "Yes", it enables the user to create new ''privacy impact assessments''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Issue / NC Creator</u> || If set to "Yes", it enables the user to create new ''issues / non conformities''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Risk Creator</u> || If set to "Yes", it enables the user to create new ''risks''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Processing Activity Creator</u> || If set to "Yes", it enables the user to create new ''processing activities''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Knowledge Item Creator</u> || If set to "Yes", it enables the user to create new ''knowledge items''.<br />
|-<br />
|<u>''Password Management''</u>|| <u>New Password</u>, <u>Old Password</u>, <u>Confirm New Password</u> || These fields work together, enter a new password in <u>New Password</u>, enter the previous password in <u>Old Password</u>, confirm the new password in <u>Confirm New Password</u> and press '''CHANGE PASSWORD''' to change the ''user'' password. <br />
|-<br />
|}<br />
<br />
Note that when the environment is initially created, a ''user'' with administrative role is created and activated using subscription information. The access credentials of this ''user'' are sent by mail.<br />
<br />
For more information on how to manage the ''user'' record, visit [[How_To#Records_Management|records management]].<br />
<br />
==Groups Management==<br />
<br />
<b>''Users & Groups Management / Add Group''</b> menu item lists the available ''groups'' and allows to manage ''groups'' (create, modify, delete). Only ''users'' with administrative privileges have the rights to perform ''group'' management.<br />
<br />
When a Privacy-Now® environment is created, a set of default ''groups'' are generated. They are:<br />
<br />
{| class="wikitable"<br />
! Group!! Description<br />
|-<br />
|<organization> - AUD || Designed to include the ''auditors'' ''users''.<br />
|-<br />
|<organization> - DC || Designed to include the ''data controller'' ''users''.<br />
|-<br />
|<organization> - DP || Designed to include the ''data processor'' ''users''. <br />
|-<br />
|<organization> - DPO || Designed to include the ''data protection officers'' ''users''<br />
|}<br />
<br />
In the table above, <organization> is to be replaced with the name of the organization used for Privacy-Now® subscription.<br />
<br />
Note that ''groups'' are only collections of ''users'' and that actual privileges are defined in process records (e.g. ''access requests'') by assigning a ''group'' to one of the available profiles (see process guides). <br />
<br />
The pre configured groups cannot be deleted but they can be renamed and modified in terms of belonging members.<br />
<br />
If Privacy process defined at ''Company'' level required the implementation of others roles, the ''Administrator'' can define all the other necessary Groups,to make the standard process complaint the company one using the <b>''Add New''</b> function<br />
<br />
<br />
=== Add group ===<br />
<b>''Users & Groups Management / Add Group''</b> menu item enables to create a new ''group''.<br />
<br />
The table below reports the fields belonging to a ''group'' and a short description of them:<br />
{| class="wikitable"<br />
! Section !! Field !! Description<br />
|-<br />
|<u>''General''</u>|| <u>Name</u> ||The name of the group.<br />
|-<br />
|<u>''General''</u>|| <u>Description</u> ||A description for the group (e.g. its purpose).<br />
|-<br />
|<u>''General''</u>|| <u>Default</u> ||Non editable, automatically managed by Privacy-Now®.<br />
|-<br />
|<u>''General''</u>|| <u>Status</u> ||Non editable, automatically managed by Privacy-Now®.<br />
|-<br />
|<u>''Members''</u>|| <u>Code</u> ||The ''user'' identifier of the member, not editable and automatically managed by Privacy-Now®. <br />
|-<br />
|<u>''Members''</u>|| <u>Full Name</u> ||Surname and Name of the member, not editable here because assigned in ''user'' management.<br />
|-<br />
|<u>''Members''</u>|| <u>User Login</u> ||Login identifier of the member, not editable here because assigned in ''user'' management.<br />
|-<br />
|<u>''Members''</u>|| <u>Group Manager</u> ||Used to identify and mark if the member of the ''group'' is the manager of the group. Actually, the manager will have the same privileges has the members.<br />
|-<br />
|<u>''Members''</u>|| <u>Type</u> ||Field not used.<br />
|-<br />
|<u>''Members''</u>|| <u>Status</u> ||Status of the member, not editable here because modified in ''user'' management.<br />
|-<br />
|<u>''Members''</u>|| <u>VIP Type</u> ||Field not used.<br />
|}<br />
<br />
In the <u>''General''</u> form, use '''SAVE''' or '''SAVE&EXIT''' to update the ''group''. Use '''DELETE''' to delete a ''group''.<br />
<br />
In the <u>''Members''</u> form see the figure below for the available commands.<br />
<br />
[[File:Groups_management_ENG_v1.0.JPG|centre|thumb|800x800px|Groups management controls and commands.]]<br />
<br />
=== Modify group ===<br />
Use <b>''Users & Groups Management / Groups Management''</b> menu item to see the list of available ''groups'' and click on the one to update. Modify using the features and commands described above in [[Users_&_Groups#Add_group|Add group]].</div>Cbissohttp://wiki.privacy-now.eu/en/index.php?title=Users_%26_Groups&diff=555Users & Groups2018-09-27T13:24:38Z<p>Cbisso: /* Groups Management */</p>
<hr />
<div>==Users Management==<br />
New ''users'' can be created using '''''Add New''''' and choosing '''New User''' in the self service menu. <br />
Existing ''users'' can be update selecting <b>''Users & Groups Management / Users Management''</b> menu and selecting the record to manage from the list.<br />
Access to ''users'' creation and administration is limited to ''users'' having administrative role (see later).<br />
<br />
''Users'' shall be activated (in status "Active") to be operational. In other statuses, ''users'' are not active (they cannot login into Privacy-Now®) nor they are counted as licensed ''users''.<br />
<br />
''Users'' information are organized in five sections:<br />
<br />
* <u>''Tracking''</u><br />
* <u>''Identification''</u><br />
* <u>''Details''</u><br />
* <u>''Process Settings''</u><br />
* <u>''Password Management''</u><br />
<br />
The table below reports the fields and a short description of them:<br />
{| class="wikitable"<br />
! Section !! Field !! Description<br />
|-<br />
|<u>''Tracking''</u>|| <u>Code</u> || Unique ''user'' identifier, automatically created by the system.<br />
|-<br />
|<u>''Tracking''</u>|| <u>Project/Service</u> || Environment identifier, corresponding to the organization owner of Privacy-Now® subscription and automatically managed by the system.<br />
|-<br />
|<u>''Identification''</u>|| <u>Ticket Type</u> || Record type identifier, automatically managed by the system. <br />
|-<br />
|<u>''Identification''</u>|| <u>Ticket Op Status</u> || Status of the ''user''. Possible statuses are "Inactive" (when initially created) or ''Active''. <br />
|-<br />
|<u>''Details''</u>|| <u>Name</u> || Name of the ''user''.<br />
|-<br />
|<u>''Details''</u>|| <u>Surname</u> || Surname of the ''user''<br />
|-<br />
|<u>''Details''</u>|| <u>Username</u> || Login name used to access Privacy-Now®.<br />
|-<br />
|<u>''Details''</u>|| <u>Email</u> || Email of the ''user''. <br />
|-<br />
|<u>''Details''</u>|| <u>Admin</u> || This field may have two possible values "Yes" or "No". If set to "Yes" the ''user'' has administrative privileges and can perform special tasks such as ''users'' and ''groups'' administration but also manage [[Settings#Introduction|settings]].<br />
|-<br />
|<u>''Details''</u>|| <u>Language</u> || The application interface language set for the ''user''. Supported languages are currently "English", "French" and "Italian". "Spanish" will come next.<br />
|-<br />
|<u>''Details''</u>|| <u>Timezone</u> || The time zone of the ''user'' who will see time accordingly.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Access Request Creator</u> || If set to "Yes", it enables the user to create new ''access requests''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Action Creator</u> || If set to "Yes", it enables the user to create new ''actions''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Audit Creator</u> || If set to "Yes", it enables the user to create new ''audits''.<br />
|-<br />
|<u>''Process Settings''</u>s|| <u>Consent Creator</u> || If set to "Yes", it enables the user to create new ''consents''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Data Breach Creator</u> || If set to "Yes", it enables the user to create new ''data breaches''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Privacy Impact Assessment Creator</u> || If set to "Yes", it enables the user to create new ''privacy impact assessments''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Issue / NC Creator</u> || If set to "Yes", it enables the user to create new ''issues / non conformities''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Risk Creator</u> || If set to "Yes", it enables the user to create new ''risks''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Processing Activity Creator</u> || If set to "Yes", it enables the user to create new ''processing activities''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Knowledge Item Creator</u> || If set to "Yes", it enables the user to create new ''knowledge items''.<br />
|-<br />
|<u>''Password Management''</u>|| <u>New Password</u>, <u>Old Password</u>, <u>Confirm New Password</u> || These fields work together, enter a new password in <u>New Password</u>, enter the previous password in <u>Old Password</u>, confirm the new password in <u>Confirm New Password</u> and press '''CHANGE PASSWORD''' to change the ''user'' password. <br />
|-<br />
|}<br />
<br />
Note that when the environment is initially created, a ''user'' with administrative role is created and activated using subscription information. The access credentials of this ''user'' are sent by mail.<br />
<br />
For more information on how to manage the ''user'' record, visit [[How_To#Records_Management|records management]].<br />
<br />
==Groups Management==<br />
<br />
<b>''Users & Groups Management / Add Group''</b> menu item lists the available ''groups'' and allows to manage ''groups'' (create, modify, delete). Only ''users'' with administrative privileges have the rights to perform ''group'' management.<br />
<br />
When a Privacy-Now® environment is created, a set of default ''groups'' are generated. They are:<br />
<br />
{| class="wikitable"<br />
! Group!! Description<br />
|-<br />
|<organization> - AUD || Designed to include the ''auditors'' ''users''.<br />
|-<br />
|<organization> - DC || Designed to include the ''data controller'' ''users''.<br />
|-<br />
|<organization> - DP || Designed to include the ''data processor'' ''users''. <br />
|-<br />
|<organization> - DPO || Designed to include the ''data protection officers'' ''users''<br />
|}<br />
<br />
In the table above, <organization> is to be replaced with the name of the organization used for Privacy-Now® subscription.<br />
<br />
Note that ''groups'' are only collections of ''users'' and that actual privileges are defined in process records (e.g. ''access requests'') by assigning a ''group'' to one of the available profiles (see process guides). <br />
<br />
The pre configured groups cannot be deleted but they can be renamed and modified in terms of belonging members.<br />
<br />
If Privacy process defined at ''Company'' level required the implementation of others roles, the ''Administrator'' can define all the other necessary Groups,to make the standard process complaint the company one using the <b>''Add Group''</b> function<br />
<br />
<br />
=== Add group ===<br />
<b>''Users & Groups Management / Add Group''</b> menu item enables to create a new ''group''.<br />
<br />
The table below reports the fields belonging to a ''group'' and a short description of them:<br />
{| class="wikitable"<br />
! Section !! Field !! Description<br />
|-<br />
|<u>''General''</u>|| <u>Name</u> ||The name of the group.<br />
|-<br />
|<u>''General''</u>|| <u>Description</u> ||A description for the group (e.g. its purpose).<br />
|-<br />
|<u>''General''</u>|| <u>Default</u> ||Non editable, automatically managed by Privacy-Now®.<br />
|-<br />
|<u>''General''</u>|| <u>Status</u> ||Non editable, automatically managed by Privacy-Now®.<br />
|-<br />
|<u>''Members''</u>|| <u>Code</u> ||The ''user'' identifier of the member, not editable and automatically managed by Privacy-Now®. <br />
|-<br />
|<u>''Members''</u>|| <u>Full Name</u> ||Surname and Name of the member, not editable here because assigned in ''user'' management.<br />
|-<br />
|<u>''Members''</u>|| <u>User Login</u> ||Login identifier of the member, not editable here because assigned in ''user'' management.<br />
|-<br />
|<u>''Members''</u>|| <u>Group Manager</u> ||Used to identify and mark if the member of the ''group'' is the manager of the group. Actually, the manager will have the same privileges has the members.<br />
|-<br />
|<u>''Members''</u>|| <u>Type</u> ||Field not used.<br />
|-<br />
|<u>''Members''</u>|| <u>Status</u> ||Status of the member, not editable here because modified in ''user'' management.<br />
|-<br />
|<u>''Members''</u>|| <u>VIP Type</u> ||Field not used.<br />
|}<br />
<br />
In the <u>''General''</u> form, use '''SAVE''' or '''SAVE&EXIT''' to update the ''group''. Use '''DELETE''' to delete a ''group''.<br />
<br />
In the <u>''Members''</u> form see the figure below for the available commands.<br />
<br />
[[File:Groups_management_ENG_v1.0.JPG|centre|thumb|800x800px|Groups management controls and commands.]]<br />
<br />
=== Modify group ===<br />
Use <b>''Users & Groups Management / Groups Management''</b> menu item to see the list of available ''groups'' and click on the one to update. Modify using the features and commands described above in [[Users_&_Groups#Add_group|Add group]].</div>Cbissohttp://wiki.privacy-now.eu/en/index.php?title=Users_%26_Groups&diff=554Users & Groups2018-09-27T13:20:13Z<p>Cbisso: /* Groups Management */</p>
<hr />
<div>==Users Management==<br />
New ''users'' can be created using '''''Add New''''' and choosing '''New User''' in the self service menu. <br />
Existing ''users'' can be update selecting <b>''Users & Groups Management / Users Management''</b> menu and selecting the record to manage from the list.<br />
Access to ''users'' creation and administration is limited to ''users'' having administrative role (see later).<br />
<br />
''Users'' shall be activated (in status "Active") to be operational. In other statuses, ''users'' are not active (they cannot login into Privacy-Now®) nor they are counted as licensed ''users''.<br />
<br />
''Users'' information are organized in five sections:<br />
<br />
* <u>''Tracking''</u><br />
* <u>''Identification''</u><br />
* <u>''Details''</u><br />
* <u>''Process Settings''</u><br />
* <u>''Password Management''</u><br />
<br />
The table below reports the fields and a short description of them:<br />
{| class="wikitable"<br />
! Section !! Field !! Description<br />
|-<br />
|<u>''Tracking''</u>|| <u>Code</u> || Unique ''user'' identifier, automatically created by the system.<br />
|-<br />
|<u>''Tracking''</u>|| <u>Project/Service</u> || Environment identifier, corresponding to the organization owner of Privacy-Now® subscription and automatically managed by the system.<br />
|-<br />
|<u>''Identification''</u>|| <u>Ticket Type</u> || Record type identifier, automatically managed by the system. <br />
|-<br />
|<u>''Identification''</u>|| <u>Ticket Op Status</u> || Status of the ''user''. Possible statuses are "Inactive" (when initially created) or ''Active''. <br />
|-<br />
|<u>''Details''</u>|| <u>Name</u> || Name of the ''user''.<br />
|-<br />
|<u>''Details''</u>|| <u>Surname</u> || Surname of the ''user''<br />
|-<br />
|<u>''Details''</u>|| <u>Username</u> || Login name used to access Privacy-Now®.<br />
|-<br />
|<u>''Details''</u>|| <u>Email</u> || Email of the ''user''. <br />
|-<br />
|<u>''Details''</u>|| <u>Admin</u> || This field may have two possible values "Yes" or "No". If set to "Yes" the ''user'' has administrative privileges and can perform special tasks such as ''users'' and ''groups'' administration but also manage [[Settings#Introduction|settings]].<br />
|-<br />
|<u>''Details''</u>|| <u>Language</u> || The application interface language set for the ''user''. Supported languages are currently "English", "French" and "Italian". "Spanish" will come next.<br />
|-<br />
|<u>''Details''</u>|| <u>Timezone</u> || The time zone of the ''user'' who will see time accordingly.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Access Request Creator</u> || If set to "Yes", it enables the user to create new ''access requests''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Action Creator</u> || If set to "Yes", it enables the user to create new ''actions''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Audit Creator</u> || If set to "Yes", it enables the user to create new ''audits''.<br />
|-<br />
|<u>''Process Settings''</u>s|| <u>Consent Creator</u> || If set to "Yes", it enables the user to create new ''consents''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Data Breach Creator</u> || If set to "Yes", it enables the user to create new ''data breaches''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Privacy Impact Assessment Creator</u> || If set to "Yes", it enables the user to create new ''privacy impact assessments''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Issue / NC Creator</u> || If set to "Yes", it enables the user to create new ''issues / non conformities''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Risk Creator</u> || If set to "Yes", it enables the user to create new ''risks''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Processing Activity Creator</u> || If set to "Yes", it enables the user to create new ''processing activities''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Knowledge Item Creator</u> || If set to "Yes", it enables the user to create new ''knowledge items''.<br />
|-<br />
|<u>''Password Management''</u>|| <u>New Password</u>, <u>Old Password</u>, <u>Confirm New Password</u> || These fields work together, enter a new password in <u>New Password</u>, enter the previous password in <u>Old Password</u>, confirm the new password in <u>Confirm New Password</u> and press '''CHANGE PASSWORD''' to change the ''user'' password. <br />
|-<br />
|}<br />
<br />
Note that when the environment is initially created, a ''user'' with administrative role is created and activated using subscription information. The access credentials of this ''user'' are sent by mail.<br />
<br />
For more information on how to manage the ''user'' record, visit [[How_To#Records_Management|records management]].<br />
<br />
==Groups Management==<br />
<br />
<b>''Users & Groups Management / Add Group''</b> menu item lists the available ''groups'' and allows to manage ''groups'' (create, modify, delete). Only ''users'' with administrative privileges have the rights to perform ''group'' management.<br />
<br />
When a Privacy-Now® environment is created, a set of default ''groups'' are generated. They are:<br />
<br />
{| class="wikitable"<br />
! Group!! Description<br />
|-<br />
|<organization> - AUD || Designed to include the ''auditors'' ''users''.<br />
|-<br />
|<organization> - DC || Designed to include the ''data controller]]'' ''users''.<br />
|-<br />
|<organization> - DP || Designed to include the ''data processor'' ''users''. <br />
|-<br />
|<organization> - DPO || Designed to include the ''data protection officers'' ''users''<br />
|}<br />
<br />
In the table above, <organization> is to be replaced with the name of the organization used for Privacy-Now® subscription.<br />
<br />
Note that ''groups'' are only collections of ''users'' and that actual privileges are defined in process records (e.g. ''access requests'') by assigning a ''group'' to one of the available profiles (see process guides). <br />
<br />
The pre configured groups cannot be deleted but they can be renamed and modified in terms of belonging members.<br />
<br />
If Privacy process defined at ''Company'' level required the implementation of others roles, the ''Administrator'' can define all the other necessary Groups,to make the standard process complaint the company one using the <b>''Add Group''</b> function<br />
<br />
<br />
=== Add group ===<br />
<b>''Users & Groups Management / Add Group''</b> menu item enables to create a new ''group''.<br />
<br />
The table below reports the fields belonging to a ''group'' and a short description of them:<br />
{| class="wikitable"<br />
! Section !! Field !! Description<br />
|-<br />
|<u>''General''</u>|| <u>Name</u> ||The name of the group.<br />
|-<br />
|<u>''General''</u>|| <u>Description</u> ||A description for the group (e.g. its purpose).<br />
|-<br />
|<u>''General''</u>|| <u>Default</u> ||Non editable, automatically managed by Privacy-Now®.<br />
|-<br />
|<u>''General''</u>|| <u>Status</u> ||Non editable, automatically managed by Privacy-Now®.<br />
|-<br />
|<u>''Members''</u>|| <u>Code</u> ||The ''user'' identifier of the member, not editable and automatically managed by Privacy-Now®. <br />
|-<br />
|<u>''Members''</u>|| <u>Full Name</u> ||Surname and Name of the member, not editable here because assigned in ''user'' management.<br />
|-<br />
|<u>''Members''</u>|| <u>User Login</u> ||Login identifier of the member, not editable here because assigned in ''user'' management.<br />
|-<br />
|<u>''Members''</u>|| <u>Group Manager</u> ||Used to identify and mark if the member of the ''group'' is the manager of the group. Actually, the manager will have the same privileges has the members.<br />
|-<br />
|<u>''Members''</u>|| <u>Type</u> ||Field not used.<br />
|-<br />
|<u>''Members''</u>|| <u>Status</u> ||Status of the member, not editable here because modified in ''user'' management.<br />
|-<br />
|<u>''Members''</u>|| <u>VIP Type</u> ||Field not used.<br />
|}<br />
<br />
In the <u>''General''</u> form, use '''SAVE''' or '''SAVE&EXIT''' to update the ''group''. Use '''DELETE''' to delete a ''group''.<br />
<br />
In the <u>''Members''</u> form see the figure below for the available commands.<br />
<br />
[[File:Groups_management_ENG_v1.0.JPG|centre|thumb|800x800px|Groups management controls and commands.]]<br />
<br />
=== Modify group ===<br />
Use <b>''Users & Groups Management / Groups Management''</b> menu item to see the list of available ''groups'' and click on the one to update. Modify using the features and commands described above in [[Users_&_Groups#Add_group|Add group]].</div>Cbissohttp://wiki.privacy-now.eu/en/index.php?title=Users_%26_Groups&diff=553Users & Groups2018-09-27T13:18:52Z<p>Cbisso: /* Groups Management */</p>
<hr />
<div>==Users Management==<br />
New ''users'' can be created using '''''Add New''''' and choosing '''New User''' in the self service menu. <br />
Existing ''users'' can be update selecting <b>''Users & Groups Management / Users Management''</b> menu and selecting the record to manage from the list.<br />
Access to ''users'' creation and administration is limited to ''users'' having administrative role (see later).<br />
<br />
''Users'' shall be activated (in status "Active") to be operational. In other statuses, ''users'' are not active (they cannot login into Privacy-Now®) nor they are counted as licensed ''users''.<br />
<br />
''Users'' information are organized in five sections:<br />
<br />
* <u>''Tracking''</u><br />
* <u>''Identification''</u><br />
* <u>''Details''</u><br />
* <u>''Process Settings''</u><br />
* <u>''Password Management''</u><br />
<br />
The table below reports the fields and a short description of them:<br />
{| class="wikitable"<br />
! Section !! Field !! Description<br />
|-<br />
|<u>''Tracking''</u>|| <u>Code</u> || Unique ''user'' identifier, automatically created by the system.<br />
|-<br />
|<u>''Tracking''</u>|| <u>Project/Service</u> || Environment identifier, corresponding to the organization owner of Privacy-Now® subscription and automatically managed by the system.<br />
|-<br />
|<u>''Identification''</u>|| <u>Ticket Type</u> || Record type identifier, automatically managed by the system. <br />
|-<br />
|<u>''Identification''</u>|| <u>Ticket Op Status</u> || Status of the ''user''. Possible statuses are "Inactive" (when initially created) or ''Active''. <br />
|-<br />
|<u>''Details''</u>|| <u>Name</u> || Name of the ''user''.<br />
|-<br />
|<u>''Details''</u>|| <u>Surname</u> || Surname of the ''user''<br />
|-<br />
|<u>''Details''</u>|| <u>Username</u> || Login name used to access Privacy-Now®.<br />
|-<br />
|<u>''Details''</u>|| <u>Email</u> || Email of the ''user''. <br />
|-<br />
|<u>''Details''</u>|| <u>Admin</u> || This field may have two possible values "Yes" or "No". If set to "Yes" the ''user'' has administrative privileges and can perform special tasks such as ''users'' and ''groups'' administration but also manage [[Settings#Introduction|settings]].<br />
|-<br />
|<u>''Details''</u>|| <u>Language</u> || The application interface language set for the ''user''. Supported languages are currently "English", "French" and "Italian". "Spanish" will come next.<br />
|-<br />
|<u>''Details''</u>|| <u>Timezone</u> || The time zone of the ''user'' who will see time accordingly.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Access Request Creator</u> || If set to "Yes", it enables the user to create new ''access requests''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Action Creator</u> || If set to "Yes", it enables the user to create new ''actions''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Audit Creator</u> || If set to "Yes", it enables the user to create new ''audits''.<br />
|-<br />
|<u>''Process Settings''</u>s|| <u>Consent Creator</u> || If set to "Yes", it enables the user to create new ''consents''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Data Breach Creator</u> || If set to "Yes", it enables the user to create new ''data breaches''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Privacy Impact Assessment Creator</u> || If set to "Yes", it enables the user to create new ''privacy impact assessments''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Issue / NC Creator</u> || If set to "Yes", it enables the user to create new ''issues / non conformities''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Risk Creator</u> || If set to "Yes", it enables the user to create new ''risks''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Processing Activity Creator</u> || If set to "Yes", it enables the user to create new ''processing activities''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Knowledge Item Creator</u> || If set to "Yes", it enables the user to create new ''knowledge items''.<br />
|-<br />
|<u>''Password Management''</u>|| <u>New Password</u>, <u>Old Password</u>, <u>Confirm New Password</u> || These fields work together, enter a new password in <u>New Password</u>, enter the previous password in <u>Old Password</u>, confirm the new password in <u>Confirm New Password</u> and press '''CHANGE PASSWORD''' to change the ''user'' password. <br />
|-<br />
|}<br />
<br />
Note that when the environment is initially created, a ''user'' with administrative role is created and activated using subscription information. The access credentials of this ''user'' are sent by mail.<br />
<br />
For more information on how to manage the ''user'' record, visit [[How_To#Records_Management|records management]].<br />
<br />
==Groups Management==<br />
<br />
<b>''Users & Groups Management / Add Group''</b> menu item list the available ''groups'' and allows to manage ''groups'' (create, modify, delete). Only ''users'' with administrative privileges have the rights to perform ''group'' management.<br />
<br />
When a Privacy-Now® environment is created, a set of default ''groups'' are generated. They are:<br />
<br />
{| class="wikitable"<br />
! Group!! Description<br />
|-<br />
|<organization> - AUD || Designed to include the ''auditors'' ''users''.<br />
|-<br />
|<organization> - DC || Designed to include the ''data controller]]'' ''users''.<br />
|-<br />
|<organization> - DP || Designed to include the ''data processor'' ''users''. <br />
|-<br />
|<organization> - DPO || Designed to include the ''data protection officers'' ''users''<br />
|}<br />
<br />
In the table above, <organization> is to be replaced with the name of the organization used for Privacy-Now® subscription.<br />
<br />
Note that ''groups'' are only collections of ''users'' and that actual privileges are defined in process records (e.g. ''access requests'') by assigning a ''group'' to one of the available profiles (see process guides). <br />
<br />
The pre configured groups cannot be deleted but they can be renamed and modified in terms of belonging members.<br />
<br />
If Privacy process defined at ''Company'' level required the implementation of others roles, the ''Administrator'' can define all the other necessary Groups,to make the standard process complaint the company one using the <b>''Add Group''</b> function<br />
<br />
<br />
=== Add group ===<br />
<b>''Users & Groups Management / Add Group''</b> menu item enables to create a new ''group''.<br />
<br />
The table below reports the fields belonging to a ''group'' and a short description of them:<br />
{| class="wikitable"<br />
! Section !! Field !! Description<br />
|-<br />
|<u>''General''</u>|| <u>Name</u> ||The name of the group.<br />
|-<br />
|<u>''General''</u>|| <u>Description</u> ||A description for the group (e.g. its purpose).<br />
|-<br />
|<u>''General''</u>|| <u>Default</u> ||Non editable, automatically managed by Privacy-Now®.<br />
|-<br />
|<u>''General''</u>|| <u>Status</u> ||Non editable, automatically managed by Privacy-Now®.<br />
|-<br />
|<u>''Members''</u>|| <u>Code</u> ||The ''user'' identifier of the member, not editable and automatically managed by Privacy-Now®. <br />
|-<br />
|<u>''Members''</u>|| <u>Full Name</u> ||Surname and Name of the member, not editable here because assigned in ''user'' management.<br />
|-<br />
|<u>''Members''</u>|| <u>User Login</u> ||Login identifier of the member, not editable here because assigned in ''user'' management.<br />
|-<br />
|<u>''Members''</u>|| <u>Group Manager</u> ||Used to identify and mark if the member of the ''group'' is the manager of the group. Actually, the manager will have the same privileges has the members.<br />
|-<br />
|<u>''Members''</u>|| <u>Type</u> ||Field not used.<br />
|-<br />
|<u>''Members''</u>|| <u>Status</u> ||Status of the member, not editable here because modified in ''user'' management.<br />
|-<br />
|<u>''Members''</u>|| <u>VIP Type</u> ||Field not used.<br />
|}<br />
<br />
In the <u>''General''</u> form, use '''SAVE''' or '''SAVE&EXIT''' to update the ''group''. Use '''DELETE''' to delete a ''group''.<br />
<br />
In the <u>''Members''</u> form see the figure below for the available commands.<br />
<br />
[[File:Groups_management_ENG_v1.0.JPG|centre|thumb|800x800px|Groups management controls and commands.]]<br />
<br />
=== Modify group ===<br />
Use <b>''Users & Groups Management / Groups Management''</b> menu item to see the list of available ''groups'' and click on the one to update. Modify using the features and commands described above in [[Users_&_Groups#Add_group|Add group]].</div>Cbissohttp://wiki.privacy-now.eu/en/index.php?title=Users_%26_Groups&diff=552Users & Groups2018-09-27T13:03:02Z<p>Cbisso: /* Users Management */</p>
<hr />
<div>==Users Management==<br />
New ''users'' can be created using '''''Add New''''' and choosing '''New User''' in the self service menu. <br />
Existing ''users'' can be update selecting <b>''Users & Groups Management / Users Management''</b> menu and selecting the record to manage from the list.<br />
Access to ''users'' creation and administration is limited to ''users'' having administrative role (see later).<br />
<br />
''Users'' shall be activated (in status "Active") to be operational. In other statuses, ''users'' are not active (they cannot login into Privacy-Now®) nor they are counted as licensed ''users''.<br />
<br />
''Users'' information are organized in five sections:<br />
<br />
* <u>''Tracking''</u><br />
* <u>''Identification''</u><br />
* <u>''Details''</u><br />
* <u>''Process Settings''</u><br />
* <u>''Password Management''</u><br />
<br />
The table below reports the fields and a short description of them:<br />
{| class="wikitable"<br />
! Section !! Field !! Description<br />
|-<br />
|<u>''Tracking''</u>|| <u>Code</u> || Unique ''user'' identifier, automatically created by the system.<br />
|-<br />
|<u>''Tracking''</u>|| <u>Project/Service</u> || Environment identifier, corresponding to the organization owner of Privacy-Now® subscription and automatically managed by the system.<br />
|-<br />
|<u>''Identification''</u>|| <u>Ticket Type</u> || Record type identifier, automatically managed by the system. <br />
|-<br />
|<u>''Identification''</u>|| <u>Ticket Op Status</u> || Status of the ''user''. Possible statuses are "Inactive" (when initially created) or ''Active''. <br />
|-<br />
|<u>''Details''</u>|| <u>Name</u> || Name of the ''user''.<br />
|-<br />
|<u>''Details''</u>|| <u>Surname</u> || Surname of the ''user''<br />
|-<br />
|<u>''Details''</u>|| <u>Username</u> || Login name used to access Privacy-Now®.<br />
|-<br />
|<u>''Details''</u>|| <u>Email</u> || Email of the ''user''. <br />
|-<br />
|<u>''Details''</u>|| <u>Admin</u> || This field may have two possible values "Yes" or "No". If set to "Yes" the ''user'' has administrative privileges and can perform special tasks such as ''users'' and ''groups'' administration but also manage [[Settings#Introduction|settings]].<br />
|-<br />
|<u>''Details''</u>|| <u>Language</u> || The application interface language set for the ''user''. Supported languages are currently "English", "French" and "Italian". "Spanish" will come next.<br />
|-<br />
|<u>''Details''</u>|| <u>Timezone</u> || The time zone of the ''user'' who will see time accordingly.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Access Request Creator</u> || If set to "Yes", it enables the user to create new ''access requests''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Action Creator</u> || If set to "Yes", it enables the user to create new ''actions''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Audit Creator</u> || If set to "Yes", it enables the user to create new ''audits''.<br />
|-<br />
|<u>''Process Settings''</u>s|| <u>Consent Creator</u> || If set to "Yes", it enables the user to create new ''consents''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Data Breach Creator</u> || If set to "Yes", it enables the user to create new ''data breaches''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Privacy Impact Assessment Creator</u> || If set to "Yes", it enables the user to create new ''privacy impact assessments''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Issue / NC Creator</u> || If set to "Yes", it enables the user to create new ''issues / non conformities''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Risk Creator</u> || If set to "Yes", it enables the user to create new ''risks''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Processing Activity Creator</u> || If set to "Yes", it enables the user to create new ''processing activities''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Knowledge Item Creator</u> || If set to "Yes", it enables the user to create new ''knowledge items''.<br />
|-<br />
|<u>''Password Management''</u>|| <u>New Password</u>, <u>Old Password</u>, <u>Confirm New Password</u> || These fields work together, enter a new password in <u>New Password</u>, enter the previous password in <u>Old Password</u>, confirm the new password in <u>Confirm New Password</u> and press '''CHANGE PASSWORD''' to change the ''user'' password. <br />
|-<br />
|}<br />
<br />
Note that when the environment is initially created, a ''user'' with administrative role is created and activated using subscription information. The access credentials of this ''user'' are sent by mail.<br />
<br />
For more information on how to manage the ''user'' record, visit [[How_To#Records_Management|records management]].<br />
<br />
==Groups Management==<br />
<br />
<b>''Users & Groups Management / Add Group Management''</b> menu item list the available ''groups'' and allows to manage ''groups'' (create, modify, delete). Only ''users'' with administrative privileges have the rights to perform ''group'' management.<br />
<br />
When a Privacy-Now® environment is created, a set of default ''groups'' are generated. They are:<br />
<br />
{| class="wikitable"<br />
! Group!! Description<br />
|-<br />
|<organization> - AUD || Designed to include the ''auditors'' ''users''.<br />
|-<br />
|<organization> - DC || Designed to include the ''data controller]]'' ''users''.<br />
|-<br />
|<organization> - DP || Designed to include the ''data processor'' ''users''. <br />
|-<br />
|<organization> - DPO || Designed to include the ''data protection officers'' ''users''<br />
|}<br />
<br />
In the table above, <organization> is to be replaced with the name of the organization used for Privacy-Now® subscription.<br />
<br />
Note that ''groups'' are only collections of ''users'' and that actual privileges are defined in process records (e.g. ''access requests'') by assigning a ''group'' to one of the available profiles (see process guides). <br />
<br />
The pre configured groups cannot be deleted but they can be renamed and modified in terms of belonging members.<br />
<br />
If Privacy process defined at ''Company'' level required the implementation of others roles, the ''Administrator'' can define all the other necessary Groups,to make the standard process complaint the company one using the <b>''Add Group''</b> function<br />
<br />
<br />
=== Add group ===<br />
<b>''Users & Groups Management / Add Group''</b> menu item enables to create a new ''group''.<br />
<br />
The table below reports the fields belonging to a ''group'' and a short description of them:<br />
{| class="wikitable"<br />
! Section !! Field !! Description<br />
|-<br />
|<u>''General''</u>|| <u>Name</u> ||The name of the group.<br />
|-<br />
|<u>''General''</u>|| <u>Description</u> ||A description for the group (e.g. its purpose).<br />
|-<br />
|<u>''General''</u>|| <u>Default</u> ||Non editable, automatically managed by Privacy-Now®.<br />
|-<br />
|<u>''General''</u>|| <u>Status</u> ||Non editable, automatically managed by Privacy-Now®.<br />
|-<br />
|<u>''Members''</u>|| <u>Code</u> ||The ''user'' identifier of the member, not editable and automatically managed by Privacy-Now®. <br />
|-<br />
|<u>''Members''</u>|| <u>Full Name</u> ||Surname and Name of the member, not editable here because assigned in ''user'' management.<br />
|-<br />
|<u>''Members''</u>|| <u>User Login</u> ||Login identifier of the member, not editable here because assigned in ''user'' management.<br />
|-<br />
|<u>''Members''</u>|| <u>Group Manager</u> ||Used to identify and mark if the member of the ''group'' is the manager of the group. Actually, the manager will have the same privileges has the members.<br />
|-<br />
|<u>''Members''</u>|| <u>Type</u> ||Field not used.<br />
|-<br />
|<u>''Members''</u>|| <u>Status</u> ||Status of the member, not editable here because modified in ''user'' management.<br />
|-<br />
|<u>''Members''</u>|| <u>VIP Type</u> ||Field not used.<br />
|}<br />
<br />
In the <u>''General''</u> form, use '''SAVE''' or '''SAVE&EXIT''' to update the ''group''. Use '''DELETE''' to delete a ''group''.<br />
<br />
In the <u>''Members''</u> form see the figure below for the available commands.<br />
<br />
[[File:Groups_management_ENG_v1.0.JPG|centre|thumb|800x800px|Groups management controls and commands.]]<br />
<br />
=== Modify group ===<br />
Use <b>''Users & Groups Management / Groups Management''</b> menu item to see the list of available ''groups'' and click on the one to update. Modify using the features and commands described above in [[Users_&_Groups#Add_group|Add group]].</div>Cbissohttp://wiki.privacy-now.eu/en/index.php?title=Users_%26_Groups&diff=551Users & Groups2018-09-27T13:00:50Z<p>Cbisso: /* Users Management */</p>
<hr />
<div>==Users Management==<br />
New ''users'' can be created using '''''Add New''''' and choosing '''New User''' in the self service menu. <br />
Existing ''users'' can be update selecting <b>''Users & Groups Management / Users Management''</b> menu and selecting the record to manage from the list.<br />
Access to ''users'' creation and administration is limited to ''users'' having administrative role (see later).<br />
<br />
''Users'' shall be activated (in status "Active") to be operational. In other statuses, ''users'' are not active (they cannot login into Privacy-Now®) nor they are counted as licensed ''users''.<br />
<br />
''Users'' information are organized in five sections:<br />
<br />
* <u>''Tracking''</u><br />
* <u>''Identification''</u><br />
* <u>''Details''</u><br />
* <u>''Process Settings''</u><br />
* <u>''Password Management''</u><br />
<br />
The table below reports the fields and a short description of them:<br />
{| class="wikitable"<br />
! Section !! Field !! Description<br />
|-<br />
|<u>''Tracking''</u>|| <u>Code</u> || Unique ''user'' identifier, automatically created by the system.<br />
|-<br />
|<u>''Tracking''</u>|| <u>Project/Service</u> || Environment identifier, corresponding to the organization owner of Privacy-Now® subscription and automatically managed by the system.<br />
|-<br />
|<u>''Identification''</u>|| <u>Ticket Type</u> || Record type identifier, automatically managed by the system. <br />
|-<br />
|<u>''Identification''</u>|| <u>Ticket Op Status</u> || Status of the ''user''. Possible statuses are "Inactive" (when initially created) or ''Active''. <br />
|-<br />
|<u>''Details''</u>|| <u>Name</u> || Name of the ''user''.<br />
|-<br />
|<u>''Details''</u>|| <u>Surname</u> || Surname of the ''user''<br />
|-<br />
|<u>''Details''</u>|| <u>Username</u> || Login name used to access Privacy-Now®.<br />
|-<br />
|<u>''Details''</u>|| <u>Email</u> || Email of the ''user''. <br />
|-<br />
|<u>''Details''</u>|| <u>Admin</u> || This field may have two possible values "Yes" or "No". If set to "Yes" the ''user'' has administrative privileges and can perform special tasks such as ''users'' and ''groups'' administration but also manage [[Settings#Introduction|settings]].<br />
|-<br />
|<u>''Details''</u>|| <u>Language</u> || The application interface language set for the ''user''. Supported languages are currently "English", "French" and "Italian". "Spanish" will come next.<br />
|-<br />
|<u>''Details''</u>|| <u>Timezone</u> || The time zone of the ''user'' who will see time accordingly.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Access Request Creator</u> || If set to "Yes", it enables the user to create new ''access requests''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Action Creator</u> || If set to "Yes", it enables the user to create new ''actions''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Audit Creator</u> || If set to "Yes", it enables the user to create new ''audits''.<br />
|-<br />
|<u>''Process Settings''</u>s|| <u>Consent Creator</u> || If set to "Yes", it enables the user to create new ''consents''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Data Breach Creator</u> || If set to "Yes", it enables the user to create new ''data breaches''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Privacy Impact Assessment Creator</u> || If set to "Yes", it enables the user to create new ''privacy impact assessments''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Issue / NC Creator</u> || If set to "Yes", it enables the user to create new ''issues / non conformities''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Risk Creator</u> || If set to "Yes", it enables the user to create new ''risks''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Processing Activity Creator</u> || If set to "Yes", it enables the user to create new ''processing activities''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Knowledge Item Creator</u> || If set to "Yes", it enables the user to create new ''knowledge items''.<br />
|-<br />
|<u>''Password Management''</u>|| <u>New Password</u>, <u>Old Password</u>, <u>Confirm New Password</u> || These fields work together, enter a new password in <u>New Password</u>, enter the previous password in <u>Old Password</u, confirm the new password in <u>Confirm New Password</u> and press '''CHANGE PASSWORD''' to change the ''user'' password. <br />
|-<br />
|}<br />
<br />
Note that when the environment is initially created, a ''user'' with administrative role is created and activated using subscription information. The access credentials of this ''user'' are sent by mail.<br />
<br />
For more information on how to manage the ''user'' record, visit [[How_To#Records_Management|records management]].<br />
<br />
==Groups Management==<br />
<br />
<b>''Users & Groups Management / Add Group Management''</b> menu item list the available ''groups'' and allows to manage ''groups'' (create, modify, delete). Only ''users'' with administrative privileges have the rights to perform ''group'' management.<br />
<br />
When a Privacy-Now® environment is created, a set of default ''groups'' are generated. They are:<br />
<br />
{| class="wikitable"<br />
! Group!! Description<br />
|-<br />
|<organization> - AUD || Designed to include the ''auditors'' ''users''.<br />
|-<br />
|<organization> - DC || Designed to include the ''data controller]]'' ''users''.<br />
|-<br />
|<organization> - DP || Designed to include the ''data processor'' ''users''. <br />
|-<br />
|<organization> - DPO || Designed to include the ''data protection officers'' ''users''<br />
|}<br />
<br />
In the table above, <organization> is to be replaced with the name of the organization used for Privacy-Now® subscription.<br />
<br />
Note that ''groups'' are only collections of ''users'' and that actual privileges are defined in process records (e.g. ''access requests'') by assigning a ''group'' to one of the available profiles (see process guides). <br />
<br />
The pre configured groups cannot be deleted but they can be renamed and modified in terms of belonging members.<br />
<br />
If Privacy process defined at ''Company'' level required the implementation of others roles, the ''Administrator'' can define all the other necessary Groups,to make the standard process complaint the company one using the <b>''Add Group''</b> function<br />
<br />
<br />
=== Add group ===<br />
<b>''Users & Groups Management / Add Group''</b> menu item enables to create a new ''group''.<br />
<br />
The table below reports the fields belonging to a ''group'' and a short description of them:<br />
{| class="wikitable"<br />
! Section !! Field !! Description<br />
|-<br />
|<u>''General''</u>|| <u>Name</u> ||The name of the group.<br />
|-<br />
|<u>''General''</u>|| <u>Description</u> ||A description for the group (e.g. its purpose).<br />
|-<br />
|<u>''General''</u>|| <u>Default</u> ||Non editable, automatically managed by Privacy-Now®.<br />
|-<br />
|<u>''General''</u>|| <u>Status</u> ||Non editable, automatically managed by Privacy-Now®.<br />
|-<br />
|<u>''Members''</u>|| <u>Code</u> ||The ''user'' identifier of the member, not editable and automatically managed by Privacy-Now®. <br />
|-<br />
|<u>''Members''</u>|| <u>Full Name</u> ||Surname and Name of the member, not editable here because assigned in ''user'' management.<br />
|-<br />
|<u>''Members''</u>|| <u>User Login</u> ||Login identifier of the member, not editable here because assigned in ''user'' management.<br />
|-<br />
|<u>''Members''</u>|| <u>Group Manager</u> ||Used to identify and mark if the member of the ''group'' is the manager of the group. Actually, the manager will have the same privileges has the members.<br />
|-<br />
|<u>''Members''</u>|| <u>Type</u> ||Field not used.<br />
|-<br />
|<u>''Members''</u>|| <u>Status</u> ||Status of the member, not editable here because modified in ''user'' management.<br />
|-<br />
|<u>''Members''</u>|| <u>VIP Type</u> ||Field not used.<br />
|}<br />
<br />
In the <u>''General''</u> form, use '''SAVE''' or '''SAVE&EXIT''' to update the ''group''. Use '''DELETE''' to delete a ''group''.<br />
<br />
In the <u>''Members''</u> form see the figure below for the available commands.<br />
<br />
[[File:Groups_management_ENG_v1.0.JPG|centre|thumb|800x800px|Groups management controls and commands.]]<br />
<br />
=== Modify group ===<br />
Use <b>''Users & Groups Management / Groups Management''</b> menu item to see the list of available ''groups'' and click on the one to update. Modify using the features and commands described above in [[Users_&_Groups#Add_group|Add group]].</div>Cbissohttp://wiki.privacy-now.eu/en/index.php?title=Users_%26_Groups&diff=550Users & Groups2018-09-27T12:59:15Z<p>Cbisso: /* Users Management */</p>
<hr />
<div>==Users Management==<br />
New ''users'' can be created using '''''Add New''''' and choosing '''New User''' in the self service menu. <br />
Existing ''users'' can be update selecting <b>''Users & Groups Management / Users Management''</b> menu and selecting the record to manage from the list.<br />
Access to ''users'' creation and administration is limited to ''users'' having administrative role (see later).<br />
<br />
''Users'' shall be activated (in status "Active") to be operational. In other statuses, ''users'' are not active (they cannot login into Privacy-Now®) nor they are counted as licensed ''users''.<br />
<br />
''Users'' information are organized in five sections:<br />
<br />
* <u>''Tracking''</u><br />
* <u>''Identification''</u><br />
* <u>''Details''</u><br />
* <u>''Process Settings''</u><br />
* <u>''Password Management''</u><br />
<br />
The table below reports the fields and a short description of them:<br />
{| class="wikitable"<br />
! Section !! Field !! Description<br />
|-<br />
|<u>''Tracking''</u>|| <u>Code</u> || Unique ''user'' identifier, automatically created by the system.<br />
|-<br />
|<u>''Tracking''</u>|| <u>Project/Service</u> || Environment identifier, corresponding to the organization owner of Privacy-Now® subscription and automatically managed by the system.<br />
|-<br />
|<u>''Identification''</u>|| <u>Ticket Type</u> || Record type identifier, automatically managed by the system. <br />
|-<br />
|<u>''Identification''</u>|| <u>Ticket Op Status</u> || Status of the ''user''. Possible statuses are "Inactive" (when initially created) or ''Active''. <br />
|-<br />
|<u>''Details''</u>|| <u>Name</u> || Name of the ''user''.<br />
|-<br />
|<u>''Details''</u>|| <u>Surname</u> || Surname of the ''user''<br />
|-<br />
|<u>''Details''</u>|| <u>Username</u> || Login name used to access Privacy-Now®.<br />
|-<br />
|<u>''Details''</u>|| <u>Email</u> || Email of the ''user''. <br />
|-<br />
|<u>''Details''</u>|| <u>Admin</u> || This field may have two possible values "Yes" or "No". If set to "Yes" the ''user'' has administrative privileges and can perform special tasks such as ''users'' and ''groups'' administration but also manage [[Settings#Introduction|settings]].<br />
|-<br />
|<u>''Details''</u>|| <u>Language</u> || The application interface language set for the ''user''. Supported languages are currently "English", "French" and "Italian". "Spanish" will come next.<br />
|-<br />
|<u>''Details''</u>|| <u>Timezone</u> || The time zone of the ''user'' who will see time accordingly.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Access Request Creator</u> || If set to "Yes", it enables the user to create new ''access requests''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Action Creator</u> || If set to "Yes", it enables the user to create new ''actions''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Audit Creator</u> || If set to "Yes", it enables the user to create new ''audits''.<br />
|-<br />
|<u>''Process Settings''</u>s|| <u>Consent Creator</u> || If set to "Yes", it enables the user to create new ''consents''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Data Breach Creator</u> || If set to "Yes", it enables the user to create new ''data breaches''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Privacy Impact Assessment Creator</u> || If set to "Yes", it enables the user to create new ''privacy impact assessments''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Issue / NC Creator</u> || If set to "Yes", it enables the user to create new ''issues / non conformities''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Processing Activity Creator</u> || If set to "Yes", it enables the user to create new ''processing activities''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Risk Creator</u> || If set to "Yes", it enables the user to create new ''risks''.<br />
|-<br />
|<u>''Process Settings''</u>|| <u>Knowledge Item Creator</u> || If set to "Yes", it enables the user to create new ''knowledge items''.<br />
|-<br />
|<u>''Password Management''</u>|| <u>New Password</u>, <u>Old Password</u>, <u>Confirm New Password</u> || These fields work together, enter a new password in <u>New Password</u>, enter the previous password in <u>Old Password</u, confirm the new password in <u>Confirm New Password</u> and press '''CHANGE PASSWORD''' to change the ''user'' password. <br />
|-<br />
|}<br />
<br />
Note that when the environment is initially created, a ''user'' with administrative role is created and activated using subscription information. The access credentials of this ''user'' are sent by mail.<br />
<br />
For more information on how to manage the ''user'' record, visit [[How_To#Records_Management|records management]].<br />
<br />
==Groups Management==<br />
<br />
<b>''Users & Groups Management / Add Group Management''</b> menu item list the available ''groups'' and allows to manage ''groups'' (create, modify, delete). Only ''users'' with administrative privileges have the rights to perform ''group'' management.<br />
<br />
When a Privacy-Now® environment is created, a set of default ''groups'' are generated. They are:<br />
<br />
{| class="wikitable"<br />
! Group!! Description<br />
|-<br />
|<organization> - AUD || Designed to include the ''auditors'' ''users''.<br />
|-<br />
|<organization> - DC || Designed to include the ''data controller]]'' ''users''.<br />
|-<br />
|<organization> - DP || Designed to include the ''data processor'' ''users''. <br />
|-<br />
|<organization> - DPO || Designed to include the ''data protection officers'' ''users''<br />
|}<br />
<br />
In the table above, <organization> is to be replaced with the name of the organization used for Privacy-Now® subscription.<br />
<br />
Note that ''groups'' are only collections of ''users'' and that actual privileges are defined in process records (e.g. ''access requests'') by assigning a ''group'' to one of the available profiles (see process guides). <br />
<br />
The pre configured groups cannot be deleted but they can be renamed and modified in terms of belonging members.<br />
<br />
If Privacy process defined at ''Company'' level required the implementation of others roles, the ''Administrator'' can define all the other necessary Groups,to make the standard process complaint the company one using the <b>''Add Group''</b> function<br />
<br />
<br />
=== Add group ===<br />
<b>''Users & Groups Management / Add Group''</b> menu item enables to create a new ''group''.<br />
<br />
The table below reports the fields belonging to a ''group'' and a short description of them:<br />
{| class="wikitable"<br />
! Section !! Field !! Description<br />
|-<br />
|<u>''General''</u>|| <u>Name</u> ||The name of the group.<br />
|-<br />
|<u>''General''</u>|| <u>Description</u> ||A description for the group (e.g. its purpose).<br />
|-<br />
|<u>''General''</u>|| <u>Default</u> ||Non editable, automatically managed by Privacy-Now®.<br />
|-<br />
|<u>''General''</u>|| <u>Status</u> ||Non editable, automatically managed by Privacy-Now®.<br />
|-<br />
|<u>''Members''</u>|| <u>Code</u> ||The ''user'' identifier of the member, not editable and automatically managed by Privacy-Now®. <br />
|-<br />
|<u>''Members''</u>|| <u>Full Name</u> ||Surname and Name of the member, not editable here because assigned in ''user'' management.<br />
|-<br />
|<u>''Members''</u>|| <u>User Login</u> ||Login identifier of the member, not editable here because assigned in ''user'' management.<br />
|-<br />
|<u>''Members''</u>|| <u>Group Manager</u> ||Used to identify and mark if the member of the ''group'' is the manager of the group. Actually, the manager will have the same privileges has the members.<br />
|-<br />
|<u>''Members''</u>|| <u>Type</u> ||Field not used.<br />
|-<br />
|<u>''Members''</u>|| <u>Status</u> ||Status of the member, not editable here because modified in ''user'' management.<br />
|-<br />
|<u>''Members''</u>|| <u>VIP Type</u> ||Field not used.<br />
|}<br />
<br />
In the <u>''General''</u> form, use '''SAVE''' or '''SAVE&EXIT''' to update the ''group''. Use '''DELETE''' to delete a ''group''.<br />
<br />
In the <u>''Members''</u> form see the figure below for the available commands.<br />
<br />
[[File:Groups_management_ENG_v1.0.JPG|centre|thumb|800x800px|Groups management controls and commands.]]<br />
<br />
=== Modify group ===<br />
Use <b>''Users & Groups Management / Groups Management''</b> menu item to see the list of available ''groups'' and click on the one to update. Modify using the features and commands described above in [[Users_&_Groups#Add_group|Add group]].</div>Cbisso