General Data Protection Regulation (GDPR) compliance

**AlexAv** · 06-11-2018, 09:35 AM

Yes we did since 5.2.0 version. https://www.espocrm.com/documentatio.../data-privacy/
Read more on the blog about EspoCRM GDPR Compliance

**rorosa** · 06-12-2018, 09:40 AM

But if the administration requires a document with all personal data EspoCRM should be able to generate a document with all personal data of database.

**tanya** · 06-12-2018, 09:47 AM

You can get personal data only for specific record in it's view. You can not get all personal data in the system in one place

**rorosa** · 06-12-2018, 06:07 PM

But the main job of DPO (data protection officer) is to get a report with all personal data of any system.

**AlexAv** · 06-13-2018, 02:22 PM

Are you taking about Personal Data or related data?

**rorosa** · 06-14-2018, 01:53 PM

It is a report with all fields and data with personal data. It means the ones you talk in the documentation and also if a new field created by the user contains personal data this should be also in that report. So you have to create something to mark a new field saying it is containing data for GDPR.

**tanya** · 06-14-2018, 02:02 PM

In Entity Manager in your custom field you can find the option Is Personal Data. If you check it, this field will be included in that report.

**rorosa** · 06-14-2018, 02:10 PM

OK, great. But that report will be available or it is? Many thanks!

**tanya** · 06-14-2018, 02:19 PM

it is

**rorosa** · 06-14-2018, 02:25 PM

A DPO needs this report agregated. Get it one by one is crazy.

**olamborelle** · 06-19-2018, 08:42 AM

Originally posted by rorosa

But if the administration requires a document with all personal data EspoCRM should be able to generate a document with all personal data of database.

Really? This sounds strange to me, that it should be so easy or even needed to generate "a print out" of all personal data. It sounds more probable that various people in the administration need to access various personal data.

Of course, A DPO should be able to report WHERE is WHAT data, but by a descriptive document, not a compilation of the data itself.

I would be genuinely interested to hear how/why the administration would need that..
Cheers,

General Data Protection Regulation (GDPR) compliance

General Data Protection Regulation (GDPR) compliance

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment