Difference between revisions of "Settings"
(→Application settings) |
(→Master data) |
||
| (72 intermediate revisions by 3 users not shown) | |||
| Line 26: | Line 26: | ||
|- | |- | ||
|'''''Settings/Data Sets/Access Requests/Relationships to Data Subjects'''''|| The type of relationship between the access request requester and the data subject representative, if any, for example "family relationship". | |'''''Settings/Data Sets/Access Requests/Relationships to Data Subjects'''''|| The type of relationship between the access request requester and the data subject representative, if any, for example "family relationship". | ||
| + | |- | ||
| + | |'''''Settings/Data Sets/Access Request/Access Request Warning Schedule'''''|| This data set enable the ''user'' to set the plan the sent of warning mail. | ||
|- | |- | ||
|'''''Settings/Data Sets/Actions/Action Type'''''|| The type of action, for example "corrective". | |'''''Settings/Data Sets/Actions/Action Type'''''|| The type of action, for example "corrective". | ||
|- | |- | ||
| − | |'''''Settings/Data Sets/Consents/Consent | + | |'''''Settings/Data Sets/Consents/Consent Types'''''|| The type of the consent, for example the consent to send a newsletter. This table is very likely to be updated. |
|- | |- | ||
| − | |'''''Settings/Data Sets/Consents/Consent Sources'''''|| The source | + | |'''''Settings/Data Sets/Consents/Consent Sources'''''|| The source of ''consent''. Could be a website name or the name of the company. |
|- | |- | ||
|'''''Settings/Data Sets/Consents/Consent Subjects'''''|| The subject giving the consent, typically a person. | |'''''Settings/Data Sets/Consents/Consent Subjects'''''|| The subject giving the consent, typically a person. | ||
|- | |- | ||
|'''''Settings/Data Sets/Consents/Consent Matching Mail'''''|| The email address of the recipient where the consent is sent. | |'''''Settings/Data Sets/Consents/Consent Matching Mail'''''|| The email address of the recipient where the consent is sent. | ||
| + | |- | ||
| + | |'''''Settings/Data Sets/Data Breaches/Affected Personal Data Categories'''''|| The categories of subjects whose ''personal data'' are treated during the ''data breach'', for example "employees master data". | ||
| + | |- | ||
| + | |'''''Settings/Data Sets/Data Breaches/Data Breach Warning Schedule'''''|| This data set enable the ''user'' to set the plan the sent of warning mail. | ||
| + | |- | ||
| + | |'''''Settings/Data Sets/Data Breaches/Authority Warning Schedule'''''|| This data set enable the ''user'' to set the plan the sent of warning mail to the Authority. | ||
| + | |- | ||
| + | |'''''Settings/Data Sets/Data Breaches/Type of Breaches'''''|| Identify the type of Breaches , for example "Security Breach". | ||
|- | |- | ||
|'''''Settings/Data Sets/Issues / Non Conformities/Issue Types'''''|| The type of issue, i.e. an "issue" or a "non conformity". These values are unlikely to be modified. | |'''''Settings/Data Sets/Issues / Non Conformities/Issue Types'''''|| The type of issue, i.e. an "issue" or a "non conformity". These values are unlikely to be modified. | ||
| Line 47: | Line 57: | ||
|'''''Settings/Data Sets/Processing Activities/Access Devices''''' || The devices which may be used when accessing ''personal data'', for example "personal computer". | |'''''Settings/Data Sets/Processing Activities/Access Devices''''' || The devices which may be used when accessing ''personal data'', for example "personal computer". | ||
|- | |- | ||
| − | |'''''Settings/Data Sets/Processing Activities/ | + | |'''''Settings/Data Sets/Processing Activities/Applicable Regulations''''' || The regulation applicable to the processing activity. |
| + | |- | ||
| + | |'''''Settings/Data Sets/Processing Activities/Concerned Business Processes''''' || Processes concerned by this processing activity. | ||
|- | |- | ||
|'''''Settings/Data Sets/Processing Activities/Data Locations'''''|| The locations where the ''personal data'' can be stored during their processing, for example "New York data centre". | |'''''Settings/Data Sets/Processing Activities/Data Locations'''''|| The locations where the ''personal data'' can be stored during their processing, for example "New York data centre". | ||
| Line 55: | Line 67: | ||
|'''''Settings/Data Sets/Processing Activities/Data Repositories'''''|| The type of data repositories where ''personal data'' are stored during the ''processing activities'', for example a specific SQL database server. | |'''''Settings/Data Sets/Processing Activities/Data Repositories'''''|| The type of data repositories where ''personal data'' are stored during the ''processing activities'', for example a specific SQL database server. | ||
|- | |- | ||
| − | |'''''Settings/Data Sets/Processing Activities/Data Subjects'''''|| The types of data subjects whose ''personal data'' are treated during the ''processing activities'', for example "clients". | + | |'''''Settings/Data Sets/Processing Activities/Data Subjects'''''|| The types of data subjects whose ''personal data'' are treated during the ''processing activities'' or declared in ''Data Breach'', for example "clients". |
|- | |- | ||
|'''''Settings/Data Sets/Processing Activities/Data Types'''''|| The types of data, e.g. identification or judicial data, which are processed during the ''processing activities''. | |'''''Settings/Data Sets/Processing Activities/Data Types'''''|| The types of data, e.g. identification or judicial data, which are processed during the ''processing activities''. | ||
| Line 68: | Line 80: | ||
|- | |- | ||
|'''''Settings/Data Sets/Processing Activities/Retention Periods'''''|| The possible retention periods for the ''personal data'' which is processed, for example 10 years. | |'''''Settings/Data Sets/Processing Activities/Retention Periods'''''|| The possible retention periods for the ''personal data'' which is processed, for example 10 years. | ||
| + | |- | ||
| + | |'''''Settings/Data Sets/Processing Activities/Special Data Categoris'''''|| The special data treated by a ''Processing Activity'' | ||
|- | |- | ||
|'''''Settings/Data Sets/Processing Activities/Suppliers'''''|| The suppliers of data repository tools, access applications, access devises or connectivity. | |'''''Settings/Data Sets/Processing Activities/Suppliers'''''|| The suppliers of data repository tools, access applications, access devises or connectivity. | ||
|- | |- | ||
| − | |'''''Settings/Data Sets/ | + | |'''''Settings/Data Sets/Risks/Control Lists'''''|| The list of control to implement and to take in account during the ''risks'' analysis. |
| + | |- | ||
| + | |'''''Settings/Data Sets/Risks/Risk Sources List'''''|| Person or non-human source that can cause a ''risk''. | ||
|- | |- | ||
| − | |'''''Settings/Data Sets/ | + | |'''''Settings/Data Sets/Risks/Threats List'''''|| List of possible ''threats''. |
|- | |- | ||
| + | |'''''Settings/Data Sets/Risks/Vulnerability List'''''|| List of ''vulnerability'' that threats can exploit. | ||
|} | |} | ||
| Line 83: | Line 100: | ||
Application settings are accessible only by ''users'' with administration privileges (see below how to set them). The first ''user'' created when Privacy-Now® environment is created is set with administration privileges. | Application settings are accessible only by ''users'' with administration privileges (see below how to set them). The first ''user'' created when Privacy-Now® environment is created is set with administration privileges. | ||
| − | <b>''Settings/Application Settings''</b> link open the ''Setting'' | + | <b>''Settings/Application Settings''</b> link open the ''Setting'' of Privacy Now® service. |
Settings are organized in six sections: | Settings are organized in six sections: | ||
| Line 90: | Line 107: | ||
* <u>''Consents Settings''</u> | * <u>''Consents Settings''</u> | ||
* <u>''Group Settings''</u> | * <u>''Group Settings''</u> | ||
| + | * <u>''Notification Settings''</u> | ||
| + | * <u>''Utility''</u> | ||
* <u>''License Details''</u> | * <u>''License Details''</u> | ||
* <u>''Purchase History''</u> | * <u>''Purchase History''</u> | ||
| − | + | ||
| + | === Tracking === | ||
| + | These setting enable the ''User'' to identify the ''service name'' and the <u>Subscription id</u> they have subscribed and the current status of the ''service''. | ||
| + | |||
| + | Here is possible to upload a new logo for Privacy Now® service, by use '''BROWSE''' command. | ||
=== Consents Settings === | === Consents Settings === | ||
| Line 101: | Line 124: | ||
! Field !! Description | ! Field !! Description | ||
|- | |- | ||
| − | |<u> | + | |<u>Data Subject Matching criteria</u> || This field allow to define the criteria to match an incoming ''consent'' sent by mail with the existing ''consents'' in Privacy-Now®. After trying to match if the consent subject is found, the existing consent record is updated. If the consent subject is not found, a new consent record is created. This field may have one of the following two values: "Mail" (consent subject is matched using the email address), "Username" (consent subject is matched using the user name identifier, for example the login used by the consent subject to access a website). |
|- | |- | ||
| − | |<u>Consents | + | |<u>Consents Matching Mail </u>|| ''Consents'' can be acquired from emails. With this field it is possible to define the recipients of the emails which will be checked to process the ''consents''. Emails in the inbox with other recipients will be ignored. |
| + | |} | ||
| + | |||
| + | ==== Consents Source Details ==== | ||
| + | This section allows to configure the mailbox to import ''consents'' in current Privacy-Now® environment. | ||
| + | |||
| + | The front-end web site shall be able to gather ''consents'' and send them to this mailbox as a structured email (see the paragraph dedicated to [[Consents#Consent Mail Structure and Procedure|Consent Mail Structure and Procedure]]). | ||
| + | |||
| + | Each correctly parsed email will generate one or more ''consents'' in current Privacy-Now® environment. | ||
| + | |||
| + | IMPORTANT WARNING: IS STRONGLY RECOMMENDED TO CREATE A BACKUP MAILBOX TO STORE ALL THE EMAIL (TO BE FORWARDED FROM MAIN MAILBOX) BECAUSE PRIVACY-NOW® WILL DELETE THEM DURING PARSING PROCESS. | ||
| + | |||
| + | {| class="wikitable" | ||
| + | ! Field !! Description | ||
| + | |- | ||
| + | |<u>Host</u>|| This field shall be filled with the mailbox server address. | ||
| + | |- | ||
| + | |<u>Port</u>|| This field shall be filled with the mailbox server port. | ||
| + | |- | ||
| + | |<u>Username</u>|| This field shall be filled with the mailbox login. | ||
| + | |- | ||
| + | |<u>Password</u>|| This field shall be filled with the mailbox password. | ||
| + | |- | ||
| + | |<u>Email</u>|| This field shall be filled with the email. | ||
| + | |- | ||
| + | |<u>Protocol</u>|| This field shall be filled with the mailbox server protocol (available: "POP3", "IMAP", "POP3S", "IMAPS"). | ||
|- | |- | ||
| − | |<u> | + | |<u>Status</u>|| This field contains values: "Active", "Inactive". When it will be saved in "Active": Privacy-Now® will start to download and elaborate all the email. |
|} | |} | ||
| Line 111: | Line 159: | ||
Privacy-Now® has several profiles for ''user'' privileges. The profiles determines what ''users'' can do while executing processes (e.g. ''access requests'', ''consents'', etc.). ''Users'' can be assigned to ''groups'' and ''groups'' can be finally assigned to profiles in each record (e.g. ''access request'', ''consent'' etc.). | Privacy-Now® has several profiles for ''user'' privileges. The profiles determines what ''users'' can do while executing processes (e.g. ''access requests'', ''consents'', etc.). ''Users'' can be assigned to ''groups'' and ''groups'' can be finally assigned to profiles in each record (e.g. ''access request'', ''consent'' etc.). | ||
| − | The fields <u>DPO Profile</u>, <u>DP Profile</u>, <u>DC Profile</u>, <u> | + | The fields <u>DPO Profile</u>, <u>DP Profile</u>, <u>DC Profile</u>, <u>Auditors Team Profile</u> and <u>Working Team Profile</u> allow to define which ''groups'' the ''user'' will be able to see and select in each process. |
| − | The fields <u>DPO Default</u>, <u>DP Default</u>, <u>DC Default</u>, <u> | + | The fields <u>DPO Default</u>, <u>DP Default</u>, <u>DC Default</u>, <u>Auditors Team Default</u> and <u>Working Team Default</u> allow to define the default ''groups'' which will be set everytime a new record is created. |
The above fields, shall be defined for each process/workflow, e.g. ''access requests'', ''actions'', ''audits'' management, etc. | The above fields, shall be defined for each process/workflow, e.g. ''access requests'', ''actions'', ''audits'' management, etc. | ||
| Line 119: | Line 167: | ||
In order to update the fields for a process, perform the following steps: | In order to update the fields for a process, perform the following steps: | ||
| − | *Choose the process by setting the <u>Process</u> field | + | *Choose the process by setting the <u>GDPR Process</u> field |
*Load the set values for all the field by using the '''LOAD''' command | *Load the set values for all the field by using the '''LOAD''' command | ||
*Set the values for the fields | *Set the values for the fields | ||
| Line 125: | Line 173: | ||
Repeat the above steps for all the processes you need to configure. | Repeat the above steps for all the processes you need to configure. | ||
| + | |||
| + | === Notification Settings === | ||
| + | The table below report the settings fields available and a short description of their meaning: | ||
| + | |||
| + | {| class="wikitable" | ||
| + | ! Field !! Description | ||
| + | |- | ||
| + | |<u>Consents Warnings Recipients</u> || This field contains the emails addresses notified when ''consents'' warnings are triggered. | ||
| + | Is possible to select one or more ''group'' using field <u>Send Consent Warnings to Groups</u>: in this case all the members of selected ''groups(s)'' will be notified when ''consents'' warnings are triggered. | ||
| + | |- | ||
| + | |<u>Data Breach Warnings Recipients</u> || This field contains the emails addresses notified when ''data breach'' warnings are triggered. | ||
| + | Is possible to select one or more ''group'' using field <u>Send Data Breach Warnings to Groups</u>: in this case all the members of selected ''groups(s)'' will be notified when ''data breach'' warnings are triggered. | ||
| + | |||
| + | Is possible to select the ''owner'' of record as email address notified by click on option ''Send Data Breach Warnings to Owner''. | ||
| + | |- | ||
| + | |<u>Authority Warnings Recipients</u> || This field contains the emails addresses notified when ''data breach'' warnings for authority are triggered. | ||
| + | Is possible to select one or more ''group'' using field <u>Send Data Breach Authority Warnings to Groups</u>: in this case all the members of selected ''groups(s)'' will be notified when ''data breach'' warnings for authority are triggered. | ||
| + | |||
| + | Is possible to select the ''owner'' of record as email address notified by click on option ''Send Data Breach Authority Warnings to Owner''. | ||
| + | |- | ||
| + | |<u>Access Warnings Recipients</u> || This field contains the emails addresses notified when ''access request'' warnings are triggered. | ||
| + | Is possible to select one or more ''group'' using field <u>Send Access Request Warnings to Groups</u>: in this case all the members of selected ''groups(s)'' will be notified when ''access request'' warnings are triggered. | ||
| + | |||
| + | Is possible to select the ''owner'' of record as email address notified by click on option ''Send Access Request Warnings to Owner''. | ||
| + | |} | ||
| + | |||
| + | === Utility === | ||
| + | In this sections, special functionalities are grouped. | ||
| + | |||
| + | ==== Delete Record ==== | ||
| + | From records management (e.g. ''access requests'', ''consents'') physical deletion is not possible. In other words, records can always be moved to one or more end of life status(es) where no changes are possible. however, normal ''users'' cannot physically delete records. This can be done instead by ''users'' with administrative privileges with this tool. | ||
| + | |||
| + | To delete a record, simply enter the record code to be deleted in <u>Record Code to Delete</u> and launch the '''Delete Record''' command. | ||
| + | |||
| + | IMPORTANT WARNING: IT WILL NOT BE POSSIBLE TO RESTORE THE RECORD CONTENT AFTER DELETION. | ||
=== License Details === | === License Details === | ||
| Line 146: | Line 229: | ||
|<u>Monthly Access Requests</u>|| Number of ''access requests'' opened in the current month. | |<u>Monthly Access Requests</u>|| Number of ''access requests'' opened in the current month. | ||
|- | |- | ||
| − | |<u>Monthly Consents</u>|| Number of consents'' opened in the current month. | + | |<u>Monthly Consents</u>|| Number of ''consents'' opened in the current month. |
|- | |- | ||
|<u>Initial Activation Date</u>|| The date when the Privacy-Now® service was initially activated. | |<u>Initial Activation Date</u>|| The date when the Privacy-Now® service was initially activated. | ||
| Line 157: | Line 240: | ||
In this section, the history of the purchase transaction is reported for control aims. | In this section, the history of the purchase transaction is reported for control aims. | ||
Every transaction is added after the last before. | Every transaction is added after the last before. | ||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
Latest revision as of 16:27, 31 October 2019
Contents
Introduction
This part of the guide covers some fundamental settings which are needed to work with Privacy Now®:
- Master data
- Application settings
Master data
Master data tables contain the sources data of the fields using single or multi choice options.
Master data tables are preloaded with initial values when the environment is initially created. These values can be later changed by users with the Admin field set to "Yes".
Editing of master data table can be done from the left menu Settings/Data Sets or directing from the records using the fields based on the master data (in both cases if the user has the required privileges).
The table below lists the master data tables and provides a short description of their content.
| Access menu | Description |
|---|---|
| Settings/Data Sets/Access Requests/Access Requests Types | The types of access requests, e.g. "Personal data deletion". |
| Settings/Data Sets/Access Requests/Communication Channels | The communication channels used to acquire the access request, e.g. "email". |
| Settings/Data Sets/Access Requests/Results Notification Methods | The communication channels to be used to communicate the results of an access request, e.g. "email". |
| Settings/Data Sets/Access Requests/Data Subject Types | The type of subject requesting the access request, e.g. "employee". |
| Settings/Data Sets/Access Requests/Relationships to Data Subjects | The type of relationship between the access request requester and the data subject representative, if any, for example "family relationship". |
| Settings/Data Sets/Access Request/Access Request Warning Schedule | This data set enable the user to set the plan the sent of warning mail. |
| Settings/Data Sets/Actions/Action Type | The type of action, for example "corrective". |
| Settings/Data Sets/Consents/Consent Types | The type of the consent, for example the consent to send a newsletter. This table is very likely to be updated. |
| Settings/Data Sets/Consents/Consent Sources | The source of consent. Could be a website name or the name of the company. |
| Settings/Data Sets/Consents/Consent Subjects | The subject giving the consent, typically a person. |
| Settings/Data Sets/Consents/Consent Matching Mail | The email address of the recipient where the consent is sent. |
| Settings/Data Sets/Data Breaches/Affected Personal Data Categories | The categories of subjects whose personal data are treated during the data breach, for example "employees master data". |
| Settings/Data Sets/Data Breaches/Data Breach Warning Schedule | This data set enable the user to set the plan the sent of warning mail. |
| Settings/Data Sets/Data Breaches/Authority Warning Schedule | This data set enable the user to set the plan the sent of warning mail to the Authority. |
| Settings/Data Sets/Data Breaches/Type of Breaches | Identify the type of Breaches , for example "Security Breach". |
| Settings/Data Sets/Issues / Non Conformities/Issue Types | The type of issue, i.e. an "issue" or a "non conformity". These values are unlikely to be modified. |
| Settings/Data Sets/Privacy Impact Assessments/PIA Reference Period | Th timeframe to which the privacy impact assessment refers to, for example "2018 Q4". |
| Settings/Data Sets/Processing Activities/Access Applications | The applications which may be used to access personal data, for example "web browsers". |
| Settings/Data Sets/Processing Activities/Access Connections | The connections which may be used when accessing personal data, for example "internet". |
| Settings/Data Sets/Processing Activities/Access Devices | The devices which may be used when accessing personal data, for example "personal computer". |
| Settings/Data Sets/Processing Activities/Applicable Regulations | The regulation applicable to the processing activity. |
| Settings/Data Sets/Processing Activities/Concerned Business Processes | Processes concerned by this processing activity. |
| Settings/Data Sets/Processing Activities/Data Locations | The locations where the personal data can be stored during their processing, for example "New York data centre". |
| Settings/Data Sets/Processing Activities/Data Processing Purposes | The purposes of data processing, for example "marketing activities". |
| Settings/Data Sets/Processing Activities/Data Repositories | The type of data repositories where personal data are stored during the processing activities, for example a specific SQL database server. |
| Settings/Data Sets/Processing Activities/Data Subjects | The types of data subjects whose personal data are treated during the processing activities or declared in Data Breach, for example "clients". |
| Settings/Data Sets/Processing Activities/Data Types | The types of data, e.g. identification or judicial data, which are processed during the processing activities. |
| Settings/Data Sets/Processing Activities/Extra EU Measures | The types of measures in place to mitigate the risks of extra EU processing activities, e.g. a "code of conduct". |
| Settings/Data Sets/Processing Activities/Lawful Basis for Processing | The lawful basis on which the processing of personal data is authorized, e.g. "legal obligations". |
| Settings/Data Sets/Processing Activities/Processing Activities | The types of processing activities performed during the processing of personal data, e.g. collection, adaptation, etc. |
| Settings/Data Sets/Processing Activities/Provision Agreements | The type of provision agreement with the suppliers of data repository tools, access applications, access devices, connectivity, for example a "software as a service" agreement. |
| Settings/Data Sets/Processing Activities/Retention Periods | The possible retention periods for the personal data which is processed, for example 10 years. |
| Settings/Data Sets/Processing Activities/Special Data Categoris | The special data treated by a Processing Activity |
| Settings/Data Sets/Processing Activities/Suppliers | The suppliers of data repository tools, access applications, access devises or connectivity. |
| Settings/Data Sets/Risks/Control Lists | The list of control to implement and to take in account during the risks analysis. |
| Settings/Data Sets/Risks/Risk Sources List | Person or non-human source that can cause a risk. |
| Settings/Data Sets/Risks/Threats List | List of possible threats. |
| Settings/Data Sets/Risks/Vulnerability List | List of vulnerability that threats can exploit. |
Application settings
This section concerns the preferences and settings which can be defined at application level for Privacy-Now®. These settings are accessible from Settings/Application Settings.
Application settings are accessible only by users with administration privileges (see below how to set them). The first user created when Privacy-Now® environment is created is set with administration privileges.
Settings/Application Settings link open the Setting of Privacy Now® service.
Settings are organized in six sections:
- Tracking
- Consents Settings
- Group Settings
- Notification Settings
- Utility
- License Details
- Purchase History
Tracking
These setting enable the User to identify the service name and the Subscription id they have subscribed and the current status of the service.
Here is possible to upload a new logo for Privacy Now® service, by use BROWSE command.
Consents Settings
These settings refer to consents management process. See the consents guide for more information on the process.
The table below report the settings fields available and a short description of their meaning:
| Field | Description |
|---|---|
| Data Subject Matching criteria | This field allow to define the criteria to match an incoming consent sent by mail with the existing consents in Privacy-Now®. After trying to match if the consent subject is found, the existing consent record is updated. If the consent subject is not found, a new consent record is created. This field may have one of the following two values: "Mail" (consent subject is matched using the email address), "Username" (consent subject is matched using the user name identifier, for example the login used by the consent subject to access a website). |
| Consents Matching Mail | Consents can be acquired from emails. With this field it is possible to define the recipients of the emails which will be checked to process the consents. Emails in the inbox with other recipients will be ignored. |
Consents Source Details
This section allows to configure the mailbox to import consents in current Privacy-Now® environment.
The front-end web site shall be able to gather consents and send them to this mailbox as a structured email (see the paragraph dedicated to Consent Mail Structure and Procedure).
Each correctly parsed email will generate one or more consents in current Privacy-Now® environment.
IMPORTANT WARNING: IS STRONGLY RECOMMENDED TO CREATE A BACKUP MAILBOX TO STORE ALL THE EMAIL (TO BE FORWARDED FROM MAIN MAILBOX) BECAUSE PRIVACY-NOW® WILL DELETE THEM DURING PARSING PROCESS.
| Field | Description |
|---|---|
| Host | This field shall be filled with the mailbox server address. |
| Port | This field shall be filled with the mailbox server port. |
| Username | This field shall be filled with the mailbox login. |
| Password | This field shall be filled with the mailbox password. |
| This field shall be filled with the email. | |
| Protocol | This field shall be filled with the mailbox server protocol (available: "POP3", "IMAP", "POP3S", "IMAPS"). |
| Status | This field contains values: "Active", "Inactive". When it will be saved in "Active": Privacy-Now® will start to download and elaborate all the email. |
Group Settings
Privacy-Now® has several profiles for user privileges. The profiles determines what users can do while executing processes (e.g. access requests, consents, etc.). Users can be assigned to groups and groups can be finally assigned to profiles in each record (e.g. access request, consent etc.).
The fields DPO Profile, DP Profile, DC Profile, Auditors Team Profile and Working Team Profile allow to define which groups the user will be able to see and select in each process.
The fields DPO Default, DP Default, DC Default, Auditors Team Default and Working Team Default allow to define the default groups which will be set everytime a new record is created.
The above fields, shall be defined for each process/workflow, e.g. access requests, actions, audits management, etc.
In order to update the fields for a process, perform the following steps:
- Choose the process by setting the GDPR Process field
- Load the set values for all the field by using the LOAD command
- Set the values for the fields
- Save the settings by using the SAVE command at the bottom of the form.
Repeat the above steps for all the processes you need to configure.
Notification Settings
The table below report the settings fields available and a short description of their meaning:
| Field | Description |
|---|---|
| Consents Warnings Recipients | This field contains the emails addresses notified when consents warnings are triggered.
Is possible to select one or more group using field Send Consent Warnings to Groups: in this case all the members of selected groups(s) will be notified when consents warnings are triggered. |
| Data Breach Warnings Recipients | This field contains the emails addresses notified when data breach warnings are triggered.
Is possible to select one or more group using field Send Data Breach Warnings to Groups: in this case all the members of selected groups(s) will be notified when data breach warnings are triggered. Is possible to select the owner of record as email address notified by click on option Send Data Breach Warnings to Owner. |
| Authority Warnings Recipients | This field contains the emails addresses notified when data breach warnings for authority are triggered.
Is possible to select one or more group using field Send Data Breach Authority Warnings to Groups: in this case all the members of selected groups(s) will be notified when data breach warnings for authority are triggered. Is possible to select the owner of record as email address notified by click on option Send Data Breach Authority Warnings to Owner. |
| Access Warnings Recipients | This field contains the emails addresses notified when access request warnings are triggered.
Is possible to select one or more group using field Send Access Request Warnings to Groups: in this case all the members of selected groups(s) will be notified when access request warnings are triggered. Is possible to select the owner of record as email address notified by click on option Send Access Request Warnings to Owner. |
Utility
In this sections, special functionalities are grouped.
Delete Record
From records management (e.g. access requests, consents) physical deletion is not possible. In other words, records can always be moved to one or more end of life status(es) where no changes are possible. however, normal users cannot physically delete records. This can be done instead by users with administrative privileges with this tool.
To delete a record, simply enter the record code to be deleted in Record Code to Delete and launch the Delete Record command.
IMPORTANT WARNING: IT WILL NOT BE POSSIBLE TO RESTORE THE RECORD CONTENT AFTER DELETION.
License Details
This section allows to view the details of the license active for the current Privacy-Now® environment.
| Field | Description |
|---|---|
| License Package | This field shows the type of subscription active. |
| Licensed User | This field shows the number of activated users (those in status "Active"). |
| Licensed Access Requests | Monthly number of access requests that it is possible to open. This numbers is depending on the type of subscription. |
| Licensed Consents | Monthly number of consents that it is possible to open. This numbers is depending on the type of subscription. |
| Check License | This commands launches a system check that refreshes the values of Active Users, Monthly Access Requests and Monthly Consents fields. |
| Active Users | Number of "users" currently activated (in status "active"). |
| Monthly Access Requests | Number of access requests opened in the current month. |
| Monthly Consents | Number of consents opened in the current month. |
| Initial Activation Date | The date when the Privacy-Now® service was initially activated. |
| Expected End Date | The date when the Privacy-Now® service will terminate. Access wont' be possible after this date. The environment and all data will be fully erased 30 days after this date. |
Purchase History
In this section, the history of the purchase transaction is reported for control aims. Every transaction is added after the last before.
