Skip to main content
Version: 8.2

GDPR

Introduction

The GDPR app comprises 2 distinct things: pseudonymisation and the GDPR app itself, which uses pseudonymisation. Pseudonymisation becomes available when the Base app is installed, and GDPR is activated when the GDPR app is installed.

Pseudonymisation

The aim of pseudonymisation is to create pseudonymised databases. Pseudonymisation makes it possible to take a database in production and convert it into a dummy but coherent database.

info

With the help of pseudonymisation, when a person asks for their account to be deleted, their name (or other information) will no longer be visible in the ERP.

However, the object will still exist and any links it may have with other objects such as invoices/orders, will also remain.

Following pseudonymisation, the first and last names are removed and replaced by dummy values.

The GDPR app

caution

The following links that cite the source on GDPR are provided by French Data Protection Authority (Commission nationale de l'informatique et des libertés). The original website is in French, however, you can mechanically translate it with the help of a browser.

The GDPR app enables you to manage :

  1. Access rights : this right allows you to find out what data an organisation holds on you. You can ask an organisation if it holds any data about you (website, shop, bank, etc.) and request that it disclose it to you in order to check its content. ‘_ Source : CNIL

  2. The right to be forgotten or otherwise known as the right to erasure: you can exercise your right to erasure by various means: electronically (form, e-mail address, download button, etc.) or by post, for example. It is very important to indicate precisely what data you wish to delete. ‘_ Source : CNIL

When a person makes a request, the right to be forgotten allows any record linked to the person making the request to be pseudonymised.

It is also possible for users to use processing registers. Processing registers are automatic registers that either archive data or archive data with pseudonymisation. The data is no longer visible in the ERP.

Configuring pseudonymisation

In AOS, pseudonymisation replaces data with the dummy data. There are two menu entries for pseudonymisation, Pseudonymisation templates and Fields for the Faker API:

  1. Access: Application config → Technical maintenance → Pseudonymization → Pseudonymization templates.

  2. Access : Application config → Technical maintenance → Pseudonymization → Faker API Fields.

The fields for the Faker API are used in the pseudonymisation templates.

Configuring fields for the Faker API

Access : Application config → Technical maintenance → Pseudonymization → Faker API Fields.

The Axelor solution offers a list of pre-configured fields, however it is always possible to create new ones.

  1. In the Faker API Fields menu click +New.

  2. To create a new Field, enter a Class name and a Method name (the class and method can be consulted in the Faker Java library).

  3. Next, you need to use the Java library (Java Faker). This library can be used to generate fake data.

tip

Here: click on the link hidden in the word ‘here’ which will take you to the Java Faker website so that you can find classes and methods.

Java documentation: click on the link hidden in the phrase ‘Java documentation’ for TimeUnit syntax.

  1. On Java Faker, find the Class (for example, Address), and then the Method (for example, City).

  2. Then click on a Class to access a Method. Copy and paste the class and method you are interested in onto the Fields form for the Faker API. Once the fields have been configured to generate false data, it is possible to generate pseudonymisation templates.

Configuring pseudonymisation templates

The pseudonymisation templates are then used to create the dummy database.

A list of pseudonymisation templates is available by default, but it is always possible to create a new record.

  1. In the Pseudonymisation Templates entry menu, click + to create a new record or click on an existing record to modify it.

Access: Application config → Technical maintenance → Pseudonymisation → Pseudonymisation templates.

  1. On the Pseudonymisation Template form, define the template that the user wishes to pseudonymise (for example, partner / user / emailaddress / address). Each template has a different pseudonymisation field for which you will need to create false data.
caution

Please note that if you later wish to pseudonymise the partner's first and last names using this pseudonymisation template, you will need to add pseudonymisation fields such as ‘name’, ‘Firstname’, ‘fullName’, etc.

  1. When you need to create a new pseudonymisation line, click +New on the form. A new window called ‘Pseudonymisation line’ will appear. On this window, select the template that will be pseudonymised and then select the field to be pseudonymised. To select the template, you can search for it in the window.
info

The ‘Use fake data’ checkbox is used to create consistent fake data.

For example: if the user has selected a date as the field that is going to be pseudonymised and has not ticked the box, the date will be created randomly by default (for example, 1 January 1910). However, if the box is ticked, the date will be false but consistent.

  1. Once the ‘Use fake data’ box has been activated, a new field called ‘Faker API Field’ will appear.
note

Sometimes the user simply wants to apply the GDPR and consistency is not very important to them. In this case, the ‘Use fake data’ box will remain unchecked.

info

In a new pseudonymisation template, the elements must be configured one by one, but once the template has been generated, it will be reused as is (unless the user decides to modify it). Configuring the pseudonymisation template has no immediate impact in itself.

Using the GDPR app

The GDPR app includes several functions:

  • The processing register ;

  • The access request (GDPR request) ;

  • The deletion request (GDPR request).

To be able to use the GDPR functions, you need to install the app and then configure it.

Configuring the GDPR app

Access : Application config → Apps management → GDPR, configure.

  • Maximum days to respond: this field is used for informative purposes. In other words, once the request has been made, the user will know that he or she must respond within the specified timeframe. The person who submitted the request will know how long it will take to process it.

  • ‘Email template for access request response’: select the response template once the data has been extracted. The mail template can be configured in Application config → Message → Template.

  • Email template for erasure request response: select the response template once the data has been erased. The mail template can be configured in Application config → Message → Template.

  • Pseudonymizer: select the template for the purpose of pseudonymising the data when an erasure request has been made (for example, Pseudonymisation base).

  • Request origins: the table showing the different origins of requests. By default, two origins are entered, ‘email’ and ‘phone’. Add other origins by clicking on ‘New’.

Search configuration

When you are on the GDPR application page, you can also add other objects in the ‘Search configuration’ section by clicking on +New. You will then be redirected to the new ‘Search configuration’ window where you can add other objects.

To better understand how this works, here's an example:

What happens when the user receives a request for deletion from Mr X? Mr X, who has just made a GDPR request, may be present in several ERP records.

In order to find the different people in the existing records, you need to configure the GDPR app search. On the GDPR application page, in the ‘Search configuration’ section, the default objects are ‘Lead’ and ‘Partner’. You can also add other objects by clicking on ‘New’.

If you click on ‘New’, a new ‘Search configuration’ window will appear. In this window, new fields can be added as you go along (for example, you can have several keys/queries/matches such as Address, Email, Last name, First name etc).

info

Key - name of the key for the search engine;

Query - JPQL filter to add to the query;

Match - field displayed in the query result.

In total there are four search keys (Email / Phone / Last Name / First Name).

The elements of the search configuration will be found in the GDPR request.

GDPR request: the access request

If a customer has requested access to personal data, a GDPR request form must be created.

Access: GDPR → Request → New.

On the request page there are four keys that have been configured beforehand on the GDPR application page.

  1. Select the type of request (for example, access).

  2. On the request form, enter the surname/first name/email/phone number of the person concerned.

  3. Enter the origin of the request (e.g. email).

  4. Click on ‘Search’.

  5. Consult the results in the results section.

info

Note that the date of the request and the deadline for sending it are indicated on the GDPR request form. The dates can be configured on the GDPR application page (for example, here the deadline is 30 days).

  1. Select one of the results displayed in the list.

  2. Click on ‘Confirm’.

  3. A file with all the data concerning this person will then be created.

  4. Click on ‘Send a reply’. This reply will be sent to the email address entered in the ‘reply email address’ field. In other words, it will be the email address allocated to the contact of the person who made the request.

info

You can download the file with the data, open it and check which data you want to send or keep.

GDPR request: erasure request

If a customer has requested the deletion of personal data, a GDPR request form must be created.

Access: GDPR → Request → New.

On the request page there are four keys that have been configured beforehand on the GDPR application page.

  1. Select the type of request (for example, erasure).

  2. On the request form, enter the surname/first name/email/phone number of the person concerned.

  3. Enter the origin of the request (e.g. email).

  4. Click on ‘Search’.

  5. Consult the results in the results section.

info

Note that the date of the request and the deadline for sending it are indicated on the GDPR request form. The dates can be configured on the GDPR application page (for example, here the deadline is 30 days).

  1. Select one of the results displayed in the list.

  2. Click on ‘Confirm’.

  3. Following this action, the GDPR request changes status to ‘Confirmed’. You can also consult the GDPR deletion logs which contain all the items to be deleted. You will also notice that the third party name is now encrypted.

  4. Click on ‘send a reply’. This response will be sent to the email address entered in the ‘response email address’ field. In other words, it will be the email address allocated to the contact of the person who made the request. Please note that it is possible to download the file with the data, open it and check which data should be sent or kept.

caution

Not valid for deletion requests.

info

The dummy data created by the pseudonymisation model will destroy the old data and then replace it.

caution

Axelor currently offers data pseudonymisation, not total data destruction.

Please note that the company from which the person is requesting the deletion of data has the right to keep invoices / delivery notes / accounting records or other documents that are required by law.

  1. Once the deletion request has been made on the GDPR request form, it will be impossible to find this person's form in Contacts (Application config → Repository → Contact).
caution

The pseudonymisation model must be configured correctly so that the person becomes impossible to find in the system. If certain elements are not pseudonymised, they will be used as a search key.

For example: if the ‘full name’ and/or the email address are not configured in the pseudonymisation model and are therefore not pseudonymised, they will be used to find the contact record in the ERP.

Deleted contact information is displayed on certain documents

The information on this contact becomes illegible on the form of an invoice that contains a contact that has been deleted following a GDPR request. For example, its name is now replaced by symbols. However, when it becomes necessary to print this invoice, the surname and first name of the deleted person will still be present on the printed invoice.

The invoice is an item that may be requested by the authorities, and it is compulsory for it to include the person's first and last names. Other documents such as bank orders or accounting entries may show data that has been deleted during printing.

info

The difference between pseudonymisation and anonymisation is that when anonymisation is applied, the links between the person and other objects such as an invoice or delivery note are destroyed, which is not the case when pseudonymisation is applied.

With pseudonymisation, it is no longer possible to find the person in the system using key information (surname, first name, email, telephone number), although certain legal elements will display the person's ‘deleted’ information when printed.

Axelor currently only offers pseudonymisation functionality.

Processing register

The Processing Register is used to archive data.

Example: a company may receive a lot of external data, such as invoices. The company has a legal obligation to keep invoices for ten years. However, when using ERP, the user may not want to view all the invoices for the last ten years. In this case, you need to use the processing register.

info

The processing register can be used with many objects, not just invoices. It is possible to archive an invoice manually, but the processing register offers mass archiving.

To archive an invoice manually, for example, select an invoice in the list of invoices and then click on ‘Archive’ (this action is available by clicking on the triangle button in the top bar). In addition, it is always possible to find an archived invoice (or any other object) by using the advanced search filters (click on ‘Show archives’).

The processing register

Access : GDPR → Processing register → New.

  1. On the Processing Register form, complete the necessary information.

  2. Indicate the retention period (in months).

  3. Click on ‘New’ to add a new item to the ‘Gdpr processing register rule list’ table.

  4. Following this action, a new ‘Processing register rules’ window will open. Select the model you wish to process (e.g. Opportunity).

  5. Define the rule (for example, expectedCloseDate).

  6. You can also add a pseudonymisation model in the ‘Pseudonymiser’ field if you wish to pseudonymise certain elements.

  7. Click on ‘Archive data’.

  8. Click on ‘Activate’.

  9. Click on ‘Run process’.

  10. ‘GDPR Processing Register Log’ will display the data that has been processed. It is always possible to find an archived object using the advanced search filters (click on ‘Show archives’).