Microbizz's GDPR handling can be set up in the User module, the CRM module, Task module, Project module and the Person module.
The GDPR handling allows to specify what should happen when a company expires. This is to prevent that you retain old data for employees that have left your company long ago.
Each company has an expiration date; when the date is reached the company is deleted or some of the company's data is cleared.
The company gives consent by accepting the GDPR consent agreement which you have created; they receive a mail or similar containing a link to the GDPR consent agreement. The agreement cannot be edited once it has been published.
Here you'll find the following settings:
- Default expiration period: When the company is edited the Microbizz will suggest an expiration this far into the future
- When expiring: What should happen when the expiration date is reached. Choose between one of the following:
- Do nothing
- Anonymize the selected data fields:
- When anonymizing data, also delete...: Specify which additional data that should also be deleted when the expiration date is reached
- Delete the task
- Users should give consent in regards to GDPR by default: If this is set then a GDPR content mail is sent automatically to the companies, otherwise the mail is only sent when you request it
- Mail text for requesting consent: This is the mail text that is included when a mail is sent to the company to request GDPR content
- Person data fields: These fields should be cleared when the expiration date is reached, this should be the fields containing sensitive personal data
The "Request consent from all" button this will request consent from all users.
When consent is requested for a company, a mail is sent to all the companies who do not have web access to Microbizz. The mail contains the mail text from above, and a link to the a web page where they can see the agreement and accept it.
For companies with web access to Microbizz a GDPR accept page will appear the next time they log in.
On the company search page you may select one or more companies and then select "Request GDPR consent again". On the same search page you can enable the columns "Version accepted" and "Version requested" to see which agreement version have been accepted/requested for the companies.
Edit consent agreements
You can have multiple consent agreements, but you can only edit the unpublished ones. When an agreement is published it may possibly be sent automatically to all relevant companies. When the companies go to see/accept the agreement, they will always see the latest published agreement.
When you publish an agreement it is given a version number. When the company accepts the agreement the version number is stored with the company.
Send test to me
The "Send test to me" button sends a test mail to you, so that you can see how the GDPR consent agreement looks.