Skip to main content
Version: 6.5

GDPR

Introduction

GDPR stands for EU general data protection regulation. According to European Council, GDPR is the strongest privacy and security law in the world. When working in EU space, companies are obliged to respect and follow GDPR rules.

According to law, an individual has the right to find out what data an organisation is holding on this individual. Therefore, anyone can exercise their right to ask for data erasure by various means.

In order to respect GDPR rules and allow companies to pseudonymize or anonymize data when requested, Axelor created GDPR module.

The GDPR module comprises 2 distinct things: pseudonymization and the GDPR module itself, which uses pseudonymization.

Pseudonymization becomes available when the basic module is installed, and GDPR is activated when the GDPR module is installed.

The GDPR module

The GDPR module helps to manage :

1. Access rights:
This right allows you to find out what data an organisation holds on you. You can ask an organisation if it holds any data about you (website, shop, bank, etc.) and request that it disclose it to you in order to check its content." Source : CNIL

2. The right to be forgotten or otherwise known as the right to erasure:

You can exercise your right to erasure by various means: electronically (form, e-mail address, download button, etc.) or by post, for example. It is very important to indicate precisely what data you wish to delete." Source : CNIL

When a person makes a request, the right to be forgotten allows any record linked to the person who made the request to be pseudonymised.

It is also possible for users to have recourse to processing registers. Processing registers are automatic registers that either archive data or archive data with pseudonymisation. The data is no longer visible in the ERP.

Pseudonymization

Pseudonymization is a tool that aims to create pseudonymized databases.

Pseudonymization makes it possible to take a production database and convert it into a database of fake but consistent data.

info

Thanks to pseudonymisation, when a person asks for their account to be deleted, their name (or other information) will no longer be visible in the system.

However, the object will still exist, and any links it may have with other objects such as invoices/orders, will also remain.

Following pseudonymization, the surname and first name are removed and replaced by dummy values.

caution

Relationship anonymizer is added to GDPR module in version 7.1. It becomes possible to break the links between certains objects. New documentation on this functionality will be released soon.

Configuring pseudonymization

In AOS, pseudonymization replaces data with dummy data.

There are two menu entries for pseudonymization, Pseudonymization templates and Fields for Faker API :

  1. Access: Application Config → Technical maintenance → Pseudonymization → Pseudonymization templates.

  2. Access : Application Config → Technical maintenance → Pseudonymization → Faker API fields.

The fields for the Faker API are used in the pseudonymization templates.

Configuring fields for the Faker API

The Axelor solution offers a list of pre-configured fields, however it is always possible to create new fields.

  1. In the Faker API Fields menu click +New.

  2. To create a new Field, you need to enter Class name and Method name (you can consult the class and method in the Faker Java library).

  3. Next, open the Java library (Java Faker). This library can be used to generate fake data. Click on the link hidden in the word "here" which will take you to the Java Faker technical documentation site.

  4. On Java Faker, find the Class (for example, Address), and then the Method (for example, City).

  5. Then click on a Class to access a Method. Copy and paste the Class and Method you are interested in onto the Fields form for the Faker API.

1.1. The available by default list of Fields for the Faker API. Click + to create a new Field.
1.1. The available by default list of Fields for the Faker API. Click + to create a new Field.
1.2. On the Faker API fields form indicate the class and method names. The class and method can be found in a Java Faker library. Click on “Here” for a link to the Java Faker site.
1.2. On the Faker API fields form indicate the class and method names. The class and method can be found in a Java Faker library. Click on “Here” for a link to the Java Faker site.
1.3. On the Java faker page, click on a Class in the All Classes list, and then select a Method (methods can be found in the Method Summary / Method and Description section).
1.3. On the Java faker page, click on a Class in the All Classes list, and then select a Method (methods can be found in the Method Summary / Method and Description section).

Once the fields have been configured to generate false data, it is possible to generate pseudonymization templates.

Configuring pseudonymization templates

The pseudonymization templates are used to create the dummy database and are useful for GDPR requests.

A list of pseudonymization templates is available by default, however it is always possible to create a new one.

1.1. The list of default pseudonymisation templates (Access : Application Config → Technical maintenance → Pseudonymization → Pseudonymization templates).
1.1. The list of default pseudonymisation templates (Access : Application Config → Technical maintenance → Pseudonymization → Pseudonymization templates).
  1. In the Pseudonymization Templates entry menu, click + to create a new template or click on an existing template to modify it.

Access : Application Config → Technical maintenance → Pseudonymization → Pseudonymization templates.

  1. On the Pseudonymization Template form, define the template that the user wishes to pseudonymize (for example, partner / user / email address / address).

Each template has a different pseudonymization field for which you will need to create false data.

caution

Please note that if there is a need to pseudonymize the partner's first and last names using this pseudonymization template, don't forget to add fields to be pseudonymized such as "name", "Firstname", "fullName" and so on.

  1. To create a new pseudonymization line, click +New on the form. A new window called "Pseudonymization line" will appear. On this window, select the model to be pseudonymized and then select the field to be pseudonymized.

For example, select "Partner" as model, and then select "full name" as the field to pseudonymize.

info

The checkbox "Use fake data" is used to create consistent fake data.

For instance: if the user has selected a date as the field to be pseudonymised and has not activated the box, the date will be created randomly by default (for example, 1 January 1910). On the other hand, if the box is ticked, the date will be false but consistent.

  1. Following the activation of the "Use fake data" box, a new field named "Field for Faker API " will appear.
1.2. Access : Application Config → Technical maintenance → Pseudonymization → Pseudonymization templates. Open a pseudonymization file or create a new one. On the Pseudonymisation Template file, select a Model to pseudonymize (for example, Partner). Click +New to add other elements.
1.2. Access : Application Config → Technical maintenance → Pseudonymization → Pseudonymization templates. Open a pseudonymization file or create a new one. On the Pseudonymisation Template file, select a Model to pseudonymize (for example, Partner). Click +New to add other elements.
1.3. Clicking on +New in Models to pseudonymize on the pseudonymization file will result in opening the Pseudonymizer Line window. There, select the model, define what field to pseudonymize (for example, full name) and, if there is a need, activate the “Use Fake Data” box. This box is used to create consistent fake data.
1.3. Clicking on +New in Models to pseudonymize on the pseudonymization file will result in opening the Pseudonymizer Line window. There, select the model, define what field to pseudonymize (for example, full name) and, if there is a need, activate the “Use Fake Data” box. This box is used to create consistent fake data.
1.4. When selecting a new model on the Pseudonymizer Line window, clicking on the magnifying glass icon will result in opening the Models window. Select a model. Repeat the same action with the Field to pseudonymize.
1.4. When selecting a new model on the Pseudonymizer Line window, clicking on the magnifying glass icon will result in opening the Models window. Select a model. Repeat the same action with the Field to pseudonymize.
1.5. Checking the “Use Fake Data” box will bring up a new field to fill in (Faker API field).
1.5. Checking the “Use Fake Data” box will bring up a new field to fill in (Faker API field).
note

Sometimes the user simply wants to apply the GDPR and consistency is of little importance to them. In this case, the "Use fake data" box will remain unchecked.

info

To create a new pseudonymization template, the elements must be configured one by one, but once the template has been generated, it will be reused as is (unless the user decides to modify it).

Configuring the pseudonymization template has no immediate impact in itself.

Application of the GDPR module

The GDPR module includes several functions:

-The processing register ;

-The access request (GDPR request) ;

-The deletion request (GDPR request).

To be able to use the GDPR functions, install the module first and then configure it.

Configuring the GDPR module

Access : Application Config → Apps management → GDPR, configure.

  • Field "Maximum days to respond": this field is used as an indication. In other words, once the request has been made, the user will know that he or she must respond within the specified timeframe. The person who submitted the request will know how long it will take to process it.

  • Field "Email template for access request response": select the response template once the data has been extracted. The email template can be configured in Application Config → Message → Template.

  • Field "Email template for erasure request response": select the response template once the data has been erased. The email template can be configured in Application Config → Message → Template.

  • Field "Pseudonymizer": select the template for the purpose of pseudonymizing the data when an erasure request has been made (for example, Pseudonymization base).

  • Table "Request origins" : the table shows the different origins of requests. By default, two origins are entered, "email" and "phone". It is possible to add other origins by clicking on "New".

1.1. Configuration of the GDPR module. 1) Maximum days to respond field ; 2) Email template for access request response ; 3) Email template for erasure request response ; 4) Pseudonymizer ; 5) Request origins ; 6) click on “+New” to add other origins ; 7) Search configurations ; 8) Relationship anonymizer ; 9) Elements to exclude from the access request.
1.1. Configuration of the GDPR module. 1) Maximum days to respond field ; 2) Email template for access request response ; 3) Email template for erasure request response ; 4) Pseudonymizer ; 5) Request origins ; 6) click on “+New” to add other origins ; 7) Search configurations ; 8) Relationship anonymizer ; 9) Elements to exclude from the access request.

Search configuration

When configuring GDPR on the application page, add other objects in the "Search configuration" section by clicking on "+New". Clicking on "New" will result in opening a new "Search configuration" window, where it's possible to add other objects.

For a better understanding of how this works, here's an example :

What happens when the user receives a deletion request from Mr X? Mr X, who has just made a GDPR request, may be present in several ERP records.

In order to find the different people in the existing records, configure the GDPR Module search. On the GDPR application page, in the "Search configuration" section, the default objects are "Lead " and "Partner ". It is also possible to add other objects by clicking on "+New".

When clicking on "+New", a new window "Search configuration" will appear. In this window, new fields can be added as you go along (for example, it's possible to have several keys / queries / matches such as Address, Email, Last Name, First Name etc).

info

Key - name of the key for the search engine;

Query - JPQL filter to add to the query;

Match - field displayed in the query result.

In total there are four search keys (Email / Phone / Last Name / First Name).

The configuration elements for the search will be found in the GDPR query.

1.1. Access : Application Config → Apps management → GDPR, configure → on GDPR app page, click on “+New” in Search Configurations section. New Search Configuration window will open, where it's possible to add other objects.
1.1. Access : Application Config → Apps management → GDPR, configure → on GDPR app page, click on “+New” in Search Configurations section. New Search Configuration window will open, where it's possible to add other objects.

GDPR request: the access request

If a customer has requested access to personal data, create a GDPR request file.

Access : GDPR → Request → New

On the request page there are four keys that were configured beforehand on the GDPR application page.

  1. Select the type of request (for example, Access).

  2. On the request form, indicate the last name / first name / email / phone number of the person in question.

  3. Enter the origin of the request (for example, email).

  4. Click on "Search".

  5. Consult the results in the results section.

info

Note that the Request date and Due sending date (i.e. deadline) are indicated on the GDPR request form. The dates can be configured on the GDPR application page (for example, here the deadline is 30 days).

  1. Select one of the results displayed in the list.

  2. Click on "Confirm".

  3. A file with all the data concerning this person will be created.

  4. Click on "send response". This reply will be sent to the email address, the one from the "reply email address" field. This email address is the one on the contact record of a person who made a request.

info

It's possible to download the file with the data, open it and decide which data is to send or to keep.

1.1. Access : GDPR → Request → New. On the request form select the type of request (Access) and its origin. Also enter the last name / first name / email / phone number. In the space on the right you will find the date of the request and the deadline for sending it. Then click on “Search”.
1.1. Access : GDPR → Request → New. On the request form select the type of request (Access) and its origin. Also enter the last name / first name / email / phone number. In the space on the right you will find the date of the request and the deadline for sending it. Then click on “Search”.
1.2. Once you have clicked Search, the Results table will display the results of the search. Select the third party and click on “Confirm”.
1.2. Once you have clicked Search, the Results table will display the results of the search. Select the third party and click on “Confirm”.
1.3. When clicking on “Confirm”, the file changes its status to “Confirmed”. The data file and the email address are displayed on the request form. Before sending the response, the data file can be consulted in order to extract and retain certain important information for the company. Check the email address to make sure it's the right one.
1.3. When clicking on “Confirm”, the file changes its status to “Confirmed”. The data file and the email address are displayed on the request form. Before sending the response, the data file can be consulted in order to extract and retain certain important information for the company. Check the email address to make sure it's the right one.

GDPR request: request for erasure

If a customer has requested the deletion of personal data, create a GDPR request file.

Access: GDPR → Request → New.

On the request file find the four keys that have been configured beforehand on the GDPR application page.

  1. Select the type of request (for example, Erasure).

  2. On the request file, enter the last name / first name / email / phone number of the person concerned.

  3. Enter the request origin (for example, email).

  4. Click on "Search".

  5. Consult the results in the results section.

info

Note that the date of the request and the deadline for submission are indicated on the GDPR request file. The dates can be configured on the RGPD application page (for example, here the deadline is 30 days).

  1. Select one of the results displayed in the list.

  2. Click on "Confirm".

  3. Following this action, the GDPR request changes status to "Confirmed". Consult the GDPR erasure logs which contain all the items to be deleted. Note that the third party name will be encrypted.

  4. Click on "Send a response". This reply will be sent to the email address (the one from the "reply email address" field). This email address is the one on the contact record of a person who made a request.

Please note that it's possible to download the file with the data, open it and check which data is to send or to keep. Not valid for deletion requests.

info

The fake data created by the pseudonymisation model will destroy the old data and then replace it.

caution

Axelor currently offers data pseudonymisation, not total data destruction.

Please note, when someone is requesting the data erasure, the company still has the right to keep invoices / delivery notes / accounting records or other documents that are required by law.

  1. Once the erasure request has been made on the GDPR request form, it will be impossible to find this person's file in Contacts (Application config → Referential → Contact).
caution

The pseudonymization template must be configured correctly so that the person becomes impossible to find in the system. If certain elements are not pseudonymized, they will be used as a search key.

For instance: if in the pseudonymization template the "full name" and / or the email address are not configured and therefore are not pseudonymized, these elements will make it possible to find the contact in AOS.

1.1 On the request form, select the type of request (erasure) and indicate its origin. Then fill in the last name / first name / email / phone number. Click on “Search” and then select a result if there are several. Click on “Confirm”. In the space on the right find the date of the request and the deadline for sending it.
1.1 On the request form, select the type of request (erasure) and indicate its origin. Then fill in the last name / first name / email / phone number. Click on “Search” and then select a result if there are several. Click on “Confirm”. In the space on the right find the date of the request and the deadline for sending it.
1.2. Erasure request file with status “Confirmed”.
1.2. Erasure request file with status “Confirmed”.
1.3. When the erasure request is confirmed, the third party's data will be pseudonymised. Note that the name of the third party is no longer legible. If the name is still displayed, this means that the pseudonymization template has not been correctly configured and does not contain the fullName / name etc. field to be pseudonymised. If the contact file is open in another tab, and at the same time the erasure request is being launched, the contact file will become unreadable after refreshing the page. Once closed, the deleted contact file will disappear from the contact list.
1.3. When the erasure request is confirmed, the third party's data will be pseudonymised. Note that the name of the third party is no longer legible. If the name is still displayed, this means that the pseudonymization template has not been correctly configured and does not contain the fullName / name etc. field to be pseudonymised. If the contact file is open in another tab, and at the same time the erasure request is being launched, the contact file will become unreadable after refreshing the page. Once closed, the deleted contact file will disappear from the contact list.

Deleted contact information is displayed on certain documents

The data on the deleted contact becomes illegible on an invoice that contains it (the name will be replaced by symbols).

However, when it becomes necessary to print this invoice, the last name and first name of the deleted person will be still present on the printed invoice.

The invoice is an item that may be requested by the authorities, and it is compulsory for it to include the person's first and last names.

Other documents such as bank orders or accounting entries may show data that has been deleted, when printed.

info

The difference between pseudonymisation and anonymisation is that when anonymization is applied, the links between the person and other objects such as an invoice or delivery note will be destroyed, which is not the case when pseudonymisation is applied.

With pseudonymization it is no longer possible to find the person in the system with the key information (last name, first name, email, telephone number), however certain legal elements when printed will display the 'deleted' information of the person in question.

Axelor currently only offers the pseudonymization function.

Processing register

Access : GDPR → Processing register → New

The Processing Register serves a purpose of archiving data.

Example: a company may receive a lot of external data, such as invoices. The company has a legal obligation to keep invoices for ten years. However, when using ERP, the user may not want to view all the invoices for the last ten years. In this case, you need to use the processing register.

info

The processing register can be used with many objects, not just invoices.

It is possible to archive an invoice manually, but the processing register offers mass archiving.

How to manually archive an invoice : in the list of invoices select an invoice and then click on "Archive" (this action is available by clicking on the triangle button at the top of the page).

In addition, it is always possible to find an archived invoice (or any other object) using the advanced search filters (click on "Show archive").

1.1 How to archive manually? Select an invoice from the list, and then click on the triangle icon at the top, then click on “Archive”. It's also possible to do so directly on an invoice file itself.
1.1 How to archive manually? Select an invoice from the list, and then click on the triangle icon at the top, then click on “Archive”. It's also possible to do so directly on an invoice file itself.
1.2. In order to find an archived document, click on Advanced Search and then tick the “Show Archives” box.
1.2. In order to find an archived document, click on Advanced Search and then tick the “Show Archives” box.

The processing register

Access : GDPR → Processing register → New

  1. On the Processing Register form, complete the necessary information.

  2. Indicate the length of the retention period (in months).

  3. Click on "New" to add a new item to the "GDPR processing register rule list" table.

  4. Following this action, a new tab "Processing Register Rule" will open. Select the model you wish to process (for example, Account).

  5. Define the rule (for example, createdOn).

  6. It is also possible to add a pseudonymization model in the "Pseudonymizer" field.

  7. Click on "Archive data".

  8. Click on "Activate".

  9. Click on "Run process".

  10. The "GDPR Processing Register Log" displays the data that has been processed.

It is always possible to find an archived object using the advanced search filters (click on "View archives").

1.1. The processing register file. Fill in the code, name and retention period. Add a Pseudonymizer. Click on “Archive data” to activate it. Add a new rule to the list of processing log rules by clicking on +New.
1.1. The processing register file. Fill in the code, name and retention period. Add a Pseudonymizer. Click on “Archive data” to activate it. Add a new rule to the list of processing log rules by clicking on +New.
1.2. When you click +New to add a new treatment register rule, you will be redirected to the new Processing register rule window.
1.2. When you click +New to add a new treatment register rule, you will be redirected to the new Processing register rule window.
1.3. When the processing register file is ready, click on the “Activate” button.
1.3. When the processing register file is ready, click on the “Activate” button.
1.4. GDPR Processing Register Log will display the data that has been processed. Click “Run process” in order to launch the processing register.
1.4. GDPR Processing Register Log will display the data that has been processed. Click “Run process” in order to launch the processing register.