Skip to main content
Version: 2023 R2

GDPR

The tab allows you to define a current process as a Personal data dictionary, i.e. a personal data source for other processes.

A personal data dictionary is a suitably configured process or data source. Values retrieved from a personal data dictionary and entered in form fields are regarded as personal data in light of the GDPR regulation.

A proper configuration of a personal data dictionary and the form fields that retrieve data from it is necessary for correct operation of the data anonymization mechanism. The configuration enables the system to find form fields in all workflow instances. As a result, the mechanism finds all system locations populated with values from a given instance and removes them if removal of a specified personal data dictionary item is required (right to be forgotten).

The relation between the personal data dictionary and processes that utilize it as a data source requires additional configuration in each form field designated as storing personal data (the Style and behavior tab).

drex_Process_RODO_screen.png

Process is a personal data dictionary

This option designates the current process as a source of personal data for other processes. A relation between the Personal data dictionary and a process which uses such a dictionary as a data source requires additional configuration in every from field marked as containing personal data. Once configured, such a relationship allows the system to trace which instance of a Personal data dictionary the form field obtained its value from. Thanks to this, actions that delete or modify (anonymize) personal data will be able to locate all places that obtained data from a specific ‘Personal data dictionary’ instance.

Personal data removal action configuration

This parameter defines the mode in which personal data is modified. Actions (that clean personal data) are activated for a specified instance of a Personal data dictionary. All form fields that hold values originating from the specified instance will be modified.

  • Anonymize – personal data undergo anonymisation, form field values will be changed to be unrecognizable.
  • Delete – a worklfow instance containing personal data is deleted completely from the content database. Access to this instance will not be possible. Selecting the Delete option purges the entire workflow instance, regardless of the Cleaning mode settings for other form fields in the instance.
  • Do not change – the cleaning actions will not modify the values, they remain accessible.

Clean personal data in workflow instance history – if checked, the form field history (historical data) also undergo cleaning.

info

To learn more about GDPR settings, read the ARTICLE available in the WEBCON Community website.