GDPR

Introduction

The General Data Protection Regulation (GDPR) has introduced a list of obligations in the processing of personal data in your software.

This regulation emphasizes 6 main principles:

• 1 - Only collect the data that is truly necessary to achieve your purpose.
• 2 - Be transparent
• 3 - Organize and facilitate the exercise of personal rights
• 4 - Set retention periods
• 5 - Secure data and identify risks
• 6 - Make compliance an ongoing process

You can find the complete list on the CNIL website

Recurring features

To ensure that your software complies with these regulations, we have capitalized on recurring practices.

Setting up consent forms

We can simply add a consent checkbox to any form. If the checkbox is not selected, the form cannot be validated.

During validation, the date of consent is automatically recorded.

Deletion or anonymization of data at the end of the retention period

Depending on your choices, we set up automatic deletion or anonymization tasks.

In practice, we generally implement a warning email to notify the user of his inactivity and the expiry date of the date of the automatic cleanup, giving them the opportunity to reconnect.

Once this deadline has passed without any action on the part of the user, the cleaning process is executed and a confirmation e-mail is sent.

SmartPlatform includes default email templates that you are free to modify.

This deletion or anonymization mechanism is also available via API.