How to work with GDPR features
Easy Software takes personal data protection seriously. European regulation known as general Data Protection Regulation (GDPR) brings a number of challenges to all organizations and became one of the most resonated business topics. Our mission is to provide Easy Project clients and basically all Project community with a reliable software which allows fulfilling all duties of Data Processors efficiently. Easy Project is 100% GDPR-ready from version 1.3 (May 2018).
Table of contents
Contact and user anonymization
Contact and user anonymization feature allows you to quickly hide/erase sensitive data stored in selected custom fields in any type of Contacts (personal, company, account) and Users. Neither the contact/user nor any custom field is removed after activating this feature, just their data content become empty without the possibility of recovering original data any later. When a custom field is set as "Required", i.e. its content cannot be empty such as name, surname or e-mail address, the original data are automatically replaced with text string "Anonymized" (for a company/account contact) or "Anonymized Contact" (for a personal contact) or "Anonymized User" (for a user profile). The purpose of the feature is to satisfy possible clients' requirements to hide/erase their sensitive personal data as imposed by GDPR. The legislative says that you do not have to delete the data as you need them for understanding your customers in general. But such data cannot be linked with a particular person.
How to use the feature
First of all, you need to select which custom fields in Contacts and Users are considered sensitive and will undergo the anonymization process should your client ask for it. This is be done pretty easily in More » Administration » Custom fields » open subcategory "Contacts" or "Users" » edit a sensitive custom field. A checkbox called "Clear when anonymize" can be found in the bottom settings. When you tick the checkbox and save the settings, all data contents of this particular custom field will be erased immediately on those contacts/users that you later select for anonymization. Therefore, use the feature with caution to prevent unnecessary data loss.
This is how it looks like when the field "Contact's name" has been considered sensitive and selected contacts were anonymized. On the other hand, "address" field was not set to anonymize, therefore, it's visible.
Anonymized contact can be recognized not just from contact list but everywhere else too, such as in Sales activities.
This is how an anonymized contact looks in detail. Some fields are empty because there were anonymized.
In order to anonymize one contact or even more contacts in bulk, just select them from the list and click right mouse button to open context menu. Here you just select "Anonymize" option and confirm the assurance dialogue by clicking "OK".
In addition to Contacts, also Users can be anonymized by repeating the same procedure with right-click button.
Also, you can anonymize user by clicking the particular button in the sidebar of user profile.
This is detail of an anonymized user profile. Take notice that for user profiles with anonymized e-mail address, a new randomly generated e-mail address in the form of "...@anonymized.com" replaces the original one.
See the authentication settings.
See the authentication settings.
Special visibility for custom fields and contacts
This settings enables configuration of visibility of custom fields and default contact fields for selected users, user types and groups. For custom fields, this settings can be found in More » Administration » Custom fields » edit any existing custom field or create a new one. At the bottom of the screen, tick the checkbox "Special visibility" to show related setting options as follows:
User types - select which user types can see this custom field or leave blank to make it visible for all user types
Groups - select which groups can see this custom field or leave blank to make it visible for all groups
Users - select which users can see this custom field or leave blank to make it visible for all users
For Contacts, go to More » Contacts » Settings » Fields settings where you can edit the settings of default contact fields, such as Author, Last updated, First name, Last name, etc.
This is an example of Last name field settings. Here you again select the users, user types and groups allowed to see this field or leave blank to make it visible for all. Analogically, only data visible to a user can be exported.
Request and download logs
Go to More » Administration » Easy logs, select date for which you need a log and click on "Request" button to send request for the log. After couple of seconds try to reload the page to see if the log is prepared. If so, you can download it using the respective button in the list.
These settings allow to automatically log out a user from his current session after a specified time period. Go to More » Administration » Settings » Authentication » Session expiration where you can find two options:
Session maximum lifetime - the maximum time a user can be logged in a session independently on his activity
Session inactivity lifetime - the maximum time a user can be inactive before he is automatically logged out from a session
Contacts visibility can be configured for user types as well as for user roles. To set it up for user types, go to More » Administration » User types » select user type » Visible contact types. The selectable options are All, Account, Personal contacts, Partner, Supplier.
To set it up for user types, go to More » Administration » Roles and permissions » select a role » Contacts visibility. The selectable options are All contacts, Contacts created by or assigned to the user, Contacts created by user, Contacts assigned to the user.
Moreover, working with Contacts can be limited in many aspects simply by using the permissions for each role.