Below is a list of terms and definitions used in this documentation.

== A ==
* ''AC'': see Actions
* ''AR'': see Access Requests.
* ''Access Request'': a record which allows to manage the lifecycle of a request to access information on how ''personal data'' are managed by a data subject. A specific workflow in Privacy-Now® supports the lifecycle of ''access requests'' (see [[Access Requests]]).
* ''Action'': any activity performed by the ''organization'' in order to manage any other process supported by Privacy Now® (i.e. access requests, audits, consents, data breaches, issues, non conformities, privacy impact assessments, records of processing activities). Privacy Now® allows to record and support the lifecycle of ''actions'' with a specific workflow (see [[Actions]]).
* ''AU'': see Audit.
* ''Audit'': an inspection, either made by internal, external or independent resources (see ''auditors'') aimed at checking the status of ''personal data'' management system and activities. Privacy Now® supports audit activities with a specific workflow (see [[Audits]]).
* ''Auditor'': any resource, internal or external of an organization with auditing responsibilities on ''personal data'' management.

== B ==

== C ==
*''CO'': see Consents.
*''Consent'': the authorization (or denial) to manage ''personal data'' given by a ''data subject''. In Privacy-Now® ''consents'' lifecycle is supported by the consent management workflow (see [[Consents]] for more information).

== D ==
* ''Dashboard'': an information management tool that visually tracks, analyzes and displays key performance indicators (KPI), metrics and key data points to monitor the health of ''privacy management processes''.
* ''DB'': see Data Breaches.
* ''Data breach'': a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed.
* ''Data controller'': means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
* ''Data processor'': means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
* ''Data Protection Impact Assessment'': an assessment designed to help an organization to assess the risks associated with data processing activities that could compromise the rights and freedoms of individuals. In Privacy-Now® ''data protection impact assessments'' are managed using the ''privacy impact assessment'' workflow (see [[Privacy Impact Assessments]]).
* ''Data Protection Officer'': a data protection officer is an enterprise security leadership role required by the General Data Protection Regulation (GDPR). Data protection officers are responsible for overseeing data protection strategy and implementation to ensure compliance with GDPR requirements.
* ''Data subject'': a ''natural person'' whose personal data are managed by the ''organization''.
* ''DPA'': abbreviation for Data Processing Activity.
* ''DPA Owner'': the person in charge of managing one or more data processing activity records. This person has the privileges to change the content and status of the record.
* ''DPIA'': see ''data protection impact assessment''.
* ''DPO'': see ''Data Protection Officer''.

== E ==

== F ==

== G ==
* ''Group'': a set of people which can be assigned to a profile to grant specific privileges to manage a process (e.g. ''Actions'' management). See [[Users & Groups]] for more information on how to manage ''groups''.

== H ==

== I ==
* ''INC'': see Issues & Non Conformities.
* ''Issue'': an important topic or problem for debate or discussion related to ''personal data management''. A specific workflow in Privacy-Now® supports the lifecycle of ''issues'' (See [[Issues & Non Conformities]]).

== K ==
* ''Knowledge item'': a piece of information or a knowledge record concerning the protection of ''personal data''. ''Knowledge items'' can be added and managed by the ''users'' but some are by the team of Privacy-Now® and cannot be edited by the ''users''.
* ''Knowledge portal'': a functionality of Privacy-Now® which presents ''knowledge items'' organized in categories. In the portal, ''knowledge items'' are visible to the members of the ''group'' they are published to.

== L ==
* ''Login'': TBC

== M ==

== N ==
* ''Non conformity'': a deviation from the agreed policies and/or ''personal data'' management processes and procedures. A specific workflow in Privacy-Now® supports the lifecycle of ''non conformities'' (See [[Issues & Non Conformities]]).

== O ==
* ''Organization'': the organisation using Privacy Now® to manage ''data subjects''' ''personal data''.

== P ==
* ''PA'': see Processing Activities.
* ''Personal data'': it means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
* ''Personal data breach'': see ''data breach''.
* ''PIA'': see ''Privacy Impact Assessment''.
* ''Privacy Impact Assessment'': a systematic process which identifies and evaluates from the perspectives of all stakeholders the potential effects on privacy of a project, initiative or proposed system or scheme and which includes a search for ways to avoid or mitigate negative privacy impacts. In Privacy-Now®, ''privacy impact assessment'' are focused to assess the impact on ''processing activities'' (see ''data protection impact assessment'').
* ''Privacy management processes'': the processes and corresponding workflows automated by Privacy-Now® and aimed to support effective and efficient ''personal data'' management to achieve compliance against policies and regulations.
* ''Processing activities'': means any operation or set of operations which is performed on ''personal data'' or on sets of ''personal data'', whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. Privacy Now® supports ''processing activities'' lifecycle with a specific workflow (see [[Processing Activities]]).

== Q ==

== R ==
* ''RI'': see Risks.
* ''Risks'': TBD
* ''Risks Analysis'': TBD

== S ==
* ''Save & Next'': basic function of the system that enable the ''User'' to save the ticket information and move the ticket status to the Next one. If more than one status is possible the ''User'' has to select the final status to be reach.
* ''Settings'': settings which can be updated for Privacy Now® service.

== T ==
* ''Treats'': TBD

== U ==
* ''User'': users of Privacy Now®.

== V ==

* ''View'': a list of records concerning a specific ''privacy management process''. It is possible to access to ''views'' from the left menu of the application. See also [[How To]] for more information on how to use ''views''.
* ''Vulnerability'': TBD

== X ==

== Y ==

== Z ==

2018-09-21T08:10:16Z

Fbertuletti: /* Related processes */

== Introduction to Issues / Non Conformities ==
This workflow provides the mean to manage the lifecycle of ''issues / non conformities''. An ''issue'' or a ''non conformity'' are different categorization of records but are managed in the same way by the same workflow.

== Workflow ==
A new ''issue / non conformity'' can be created using the '''Add New''' functionality and choosing "New Issue or Non Conformity".

The workflow enables to move ''issues / non conformities'' in several statuses as shown in the following picture.

[[File:Issues_non_Conformities_Workflow_ENG_v1.0.JPG|centre|thumb|800x800px|Issues / non conformities workflow and statuses.]]

The following table explains the meaning of each status:

{| class="wikitable"
! Status !! Description
|-
|Default || A temporary status when the ''issue / non conformity'' is initially created before the first save.
|-
|Draft || An ''issue / non conformity'' in this status is draft and it is not actioned.
|-
|Opened || An ''issue / non conformity'' in this status is confirmed and it is actioned.
|-
|Cancelled || ''Issue / non conformity'' cancelled. This is an end of life status.
|-
|Completed || In this status, all activities related to the ''issue / non conformity'' were completed and closure is expected after confirmation.
|-
|Closed || In this status, all activities related to the ''issue / non conformity'' are completed and confirmed. This is an end of life status, meaning no further status transitions are allowed.
|-
|}

== Information ==
''Issue / non conformity'' records are organized in three sections:

* ''Identification'', where identification data of the ''issue / non conformity'' are recorded,
* ''Ownership & Organization'', containing the assignment of the key roles enabled to manage the ''issue / non conformity'';
* ''Issue / Non Conformity Details'', with the details of the ''issue / non conformity''.

Detailed information on the meaning and use of every field can be found by pointing the mouse on the (i) next to each field. This will activate a tooltip with a brief description of the field.

Additional information can be found in the secondary forms of the record: attachments, related items, messages and history. See [[How To]] for more information.

== Privileges ==
''Issue / non conformity'' can be created by the ''users'' to whom the corresponding privilege is granted (see [[Users & Groups]] for more information on how to set this privilege).

The lifecycle of the ''issue / non conformity'' is managed by the roles described in the table below. ''Groups'' are pre assigned to the roles according to the ''settings'' (see [[Settings]] for more information on how to set these defaults). Initial assignments can be modified according to privileges choosing among the enabled ''groups'' (see once again [[Settings]] for more information on how to enable ''groups'').

{| class="wikitable"
! Role !! Description
|-
|DPO Group || Members of the ''group'' assigned to this role have full privileges. They can:
* transition records to any compatible status,
* update fields when possible,
* update ''data sources'' directly in record management.
|-
|Data Controller Group || Members of the ''group'' assigned to this role have view (read) privileges.
|-
|Data Processor Group || Members of the ''group'' assigned to this role have view (read) privileges.
|-
|Working Team || Members of this ''group'' have several privileges. They can manage the entire lifecycle, being enabled to:
* transition records to any compatible status,
* update fields when possible.
|-
|Audit Team || Members of the ''group'' assigned to this role have view (read) privileges.
|-
|Issue / NCOwner || This role can be assigned to a single user among members of the ''groups'' previously described. The Owner has several privileges:
* transition to any compatible status,
* update fields when possible.
|}

== Reports ==
The list of ''issues / non conformities'' can be filtered and exported to excel format from the ''view'' '''''Issues / Non Conformities'''''.

== Related processes ==
''Issues / non conformities'' can be related to ''actions'', ''audits'' , ''data breaches'', ''Privacy Impact Assessment'' and ''Risks''.

Fbertuletti:

Settings

2018-09-10T14:48:19Z

Fbertuletti:

==Introduction==
''Privacy-Now ®'' show in '''''Settings/Application Settings''''' the setting ticket.

The ''Privacy-Now ®'' work at different level.
* Company level
* Process Level

Process Level setting gain on Company level if defined. The process defined and describe in wiki are:
* [[Access_Requests|Access Requests]]
* [[Actions|Actions]]
* [[Audits|Audits]]
* [[Consents|Consents]]
* [[Data Breaches|Data Breaches]]
* [[Issue & Non conformities|Issue & Non conformities]]
* [[Privacy Impact Assessments|Privacy Impact Assessments]]
* [[Processing Records|Processing Records]]
* [[Risks|Risks]]

==Settings Management==
''Settings/Application Settings'' link open the ''Setting''Ticket.

Selecting the record shown, the ''Administrator'' can see and change the ''Settings'' Application properties.
The information are presented five sections:
* Trackings
* Settings
* Group Settings
* License Details
* Purchase History

The table below report the fields and a short description of them:
{| class="wikitable"
! Section !! Field !! Description
|-
|Tracking ||code||Automatically created by the system identify uniquely the record information
|-
|Tracking ||Project/Service||Project service created when the service is initialized
|-
|Tracking ||Ticket Type||Identify the process the information refer to. In our case "Settings"
|-
|Tracking ||Ticket Op Status||Each process on the system is based on a workflow. This field report current status value.
|-
|Tracking ||Subscription Id || Unique identfier of subscription. This vaule will be used also by renewal process.
|-
|Settings||Consent Matching Mail || This field contains the emails values read by the ''Consent process'' to load automatically the ''consent'' ticket
|-
|Settings||Consent Matching Mail || This field contains the emails values read by the ''Consent process'' to load automatically the ''consent'' ticket
|-
|Settings||Consent Subject Matching criteria || Used by the ''Consent process'', the ''User'' can select from two possible value: "Mail","Username". This information is used to identify the ''User'' the consent information belongs to comparing the "Mail" or the "Username" stored in Privacy-Now ® with the value present into the ''Consent'' mail.
|-
|Settings||Delete Ticket || The ''Administrator'' can cancel physically a ticket from database inserting a ticket number and selecting the command DELETE TICKET
|-
|Settings||Group Settings ||This section is quite important. Here the Administrator can model the behavior of each process, addressing there right ''role'', ''group of people'' to the right set of privileges. The table below shows the information reported in each fields:
{| class="wikitable"
! Field !! Description
|-
|Process || This selection enable the Administrator to select a specific process or Default. Default refer to Company level of setting. Click on the yellow folder to select one item from the list.
|-
|Load || This button ''load'' the existing information and load it on the ticket
|-
|DPO Default || This selection enable the ''Administrator'' to select which group will act as ''[[glossary|Data Protection Officer]]'' by default for the selected process or at company level
|-
|DP Default || This selection enable the ''Administrator'' to select which group will act as '[[glossary|Data Processor]]'' by default for the selected process or at company level
|-
|DC Default || This selection enable the ''Administrator'' to select which group will act as '[[glossary|Data Controller]]'' by default for the selected process or at company level
|-
|AUD Default || This selection enable the ''Administrator'' to select which group will act as '[[glossary|Auditor]]'' by default for the selected process or at company level
|-
|DPO View || This selection enable the ''Administrator'' to select which groups can be added to the default and act as ''[[glossary|Data Protection Officer]]'' for the selected process or at company level.
|-
|DP View || This selection enable the ''Administrator'' to select which groups can be added to the default and act as ''[[glossary|Data Processor]]'' for the selected process or at company level.
|-
|DC View || This selection enable the ''Administrator'' to select which groups can be added to the default and act as ''[[glossary|Data Controller]]'' for the selected process or at company level.
|-
|AUD View || This selection enable the ''Administrator'' to select which groups can be added to the default and act as ''[[glossary|Auditor]]'' for the selected process or at company level.
|}

|-
|License Details||License package|| Type of license subscribed. This information is automatically update by the license process renewal.
|-
|License Details||Licensed User|| Total Number of active ''User'' bought. This information is automatically update by the license process renewal.
|-
|License Details||Licensed Access Requests|| Monthly Number of ''Access Requests'' bought. This information is automatically update by the license process renewal.
|-
|License Details||Licensed Consents|| Monthly Number of ''Consents'' bought. This information is automatically update by the license process renewal.
|-
|License Details||Check License|| Button that enable the ''Administrator'' to perform a self-checking of license compliance.
|-
|License Details||Active Users|| Number of Active User calculated by Check License function
|-
|License Details||Monthly Access Requests|| Number of ''Access Requests'' calculated by Check License function
|-
|License Details||Monthly Consents|| Number of ''Consents'' calculated by Check License function

|}