The General Data Protection Regulation (GDPR) is a legal requirement for the handling of personal data in the European Union (EU) and European Economic Area (EEA). Refer to General Data Protection Regulation for more information.
VertiGIS FM includes a tool to help your organization ensure it is compliant with GDPR in its handling of data in VertiGIS FM. You can access it on the GDPR administration page (Administration > Settings > GDPR).
GDPR Administration Page Access
Using the GDPR administration tool, you can set up rules to support privacy and data protection in VertiGIS FM. There are three types of rules VertiGIS FM can programmatically execute on any data objects in the database:
•Make anonymous: make the values of any properties in which a person or contact is selected unrecognizable after a specified amount of time.
•Delete: delete all instances of a data object from the database outright after a specified amount of time.
•Logging: create a log entry for a data object after a specified amount of time but leave the data records unchanged.
Create a Rule
You must create a separate rule for each object and each operation (delete, anonymize, or log). You can create a single rule to anonymize multiple properties associated with the same data object.
To Create a Rule
1.Navigate to the GDPR administration page (Administration > Settings > GDPR).
2.In the Configurations section, click the Add (
) icon.
3.In the Product menu, click the > button and double-click the product in which the data object for which you are creating a rule is managed (for example, VertiGIS FM Maintenance or VertiGIS FM Buildings).
4.In the Object menu that loads, click the > button and double-click the data object for which you are creating a rule.
5.From the Type drop-down menu, select the operation associated with the new rule (Delete, Make anonymous, or Logging). Refer to Rule Details for descriptions of how each operation works.
6.In the Deadline field, enter a number and a unit of time (days, weeks, months, or years) that indicates the amount of time after the event selected in the Reference Date field that you want the operation to occur.
7.In the Reference Date menu, click the > button and select a reference date. The reference date is a property associated with the data object whose value is a date. You do not select or manually enter a date for all instances of the object.
8.If you selected Make Anonymous in the Type menu, proceed to step 9. If you selected Delete or Logging, skip to step 10.
9.In the Properties section, select the properties (data fields) associated with the select Object that you want to anonymize.
You only select properties for a rule whose operation type is Make anonymous.
Refer to Rule Details for descriptions of all form fields.
10.Click Save and Close.
In the example below, the users selected in a device's Installer, Maintenance Contractor, Manufacturer, and Person fields will be anonymized 1 month after the date selected in the device's Start-up Date field.
Sample Rule for Anonymizing Device Contact Data
Field |
Description |
Example |
||||||
|---|---|---|---|---|---|---|---|---|
Product |
The VertiGIS FM product in which the data object associated with the rule is managed. |
VertiGIS FM Buildings VertiGIS FM Contracts VertiGIS FM Maintenance |
||||||
Object |
The data object whose data the rule will anonymize, delete, or log. |
Device Defect Building |
||||||
Description |
A description of the rule or why you are creating it. |
Delete all names stored in maintenance orders one year after the completion of the order, for regulatory and compliance reasons. |
||||||
Active |
Whether the rule is currently in effect. |
Yes No |
||||||
Type |
The operation the rule will perform.
|
Make anonymous Delete Logging |
||||||
Deadline |
The amount of time after the event selected in the Reference Date field that you want the operation to occur. |
3 days 2 weeks 1 year |
||||||
Reference Date |
The event that, with the amount of time entered in the Deadline field, determines when the operation will occur. You must select a property associated with the object selected in the Object menu in which a date is entered as the value. The date entered for each instance of the object determines that object's reference date. You do not select a single date for each instance of the data object. To ensure you are selecting the correct reference date, refer to the topic in this manual that documents the details page and all associated data fields for the data object for which you are creating a rule. |
Start-up date Planned date Expiry |
||||||
Filter expression |
A filter expression you want to use to limit the operation to certain instances of the object in the database. Contact support for assistance creating a filter expression. |
(IsStocktakingMandatory==true) |
||||||
Properties |
The properties associated with the object selected in the Object menu whose values you want to anonymize. You can only select properties in which a person or contact is selected as the value. This field is only relevant to rules whose operation Type is Make anonymous. |
Person Responsible Installer Manufacturer |
