Foreword
This document is a guide to responding to Data Subject Requests (DSRs) made under the General Data Protection Regulation (GDPR) where the data is held in your Certain database.
This document covers the rights granted to individuals under the GDPR.
The right of access to personal information
The right of access to personal information is the right for an individual to obtain a copy of their data in a standard format.
Certain’s standard reporting tools help you find and export the information held about any registrant or user. They also help you email that information to the requester. See “View” Requests below.
The right to be forgotten
The right to be forgotten is the right for an individual to ask you to remove their personal data.
Certain’s “Anonymize” feature helps you remove all personally identifiable information. See “Delete” (Forget me) Requests below.
The right to rectification
The right to rectification is the right for an individual to ask you to rectify incorrect personal information held about them.
Certain helps you find and edit an individual’s details. Certain helps you email updated details to the requester as confirmation. See “Edit” Requests below.
Contents
- Foreword
- Introduction
- Logging In to Certain
- Registrants’ and Speakers’ Information
  - “View” Requests
  - “Edit” Requests
  - “Delete” (forget me) Requests
- Users’ Information
  - “View” Requests
  - “Edit” Requests
  - “Delete” (forget me) Requests
Introduction
Three types of requests may be received from individuals who may have Personally-Identifying Information (PII) on file.
- Requests to View their information
- Requests to Edit their information
- Requests to “Forget Me”.
The “Forget Me” request type is a request to Delete their information.
The individuals concerned may be any of the following types.
- Registrants
- Speakers
- CertainAPP users
The steps are similar for each request type and individual type. The steps are listed separately below. The steps for Registrants and Speakers are identical. All request types start with logging into the Certain App. All request types also start with navigating to the relevant account(s). The relevant account(s) are described next.
Logging In to Certain
1. Log in to Certain with your usual credentials.
2. Your user type must be at least “Registration and Support”.
3. The higher levels include “Event Planner” and “Administrator”.
4. Note: To use the Profile Anonymization feature described on page 10, you must be an Administrator.
5. You are automatically logged in to your account.
6. Follow the steps listed below in that account and in its active sub-accounts (if any).
7. To change accounts, click the account selector icon below the account name in the upper left corner.
8. Select a sub-account.
Registrants’ and Speakers’ Information
A “Registrant” is usually an “attendee” at one or more events. A “Registrant” may also be an exhibitor, staff member, or other person registered for an event.
A “Speaker” is a speaker at an event where the Speaker and Session management module is used.
The following steps assume you have logged into the relevant account as described above.
“View” Requests
To View a Registrant’s or Speaker’s Information
1. Find the registrant’s or speaker’s profile record.
2. Click the Search icon on the global navigation toolbar in the upper right corner of the screen.
3. Choose Profiles.
4. The Profiles page opens.
5. Search for the registrant using their Email address.
6. A list of matching records is displayed.
7. If your account is set to use unique email addresses, only one record is displayed.
8. Click the record to view the details.
To Export a Registrant’s Information
A) Create a Profile Report
1. Create an account-level Profile Report and include columns of interest.
2. Note: You only need to do this once for an account.
3. The same report becomes available for future use.
4. Click the menu icon in the top left corner of the screen.
5. Select Profiles in the list of options.
6. The Profiles page opens.
7. Click Reports, the only menu choice at the top of the page.
8. The Profile Reports page opens.
9. Click Create Report (in the upper right corner of the page).
10. The Report Setup page opens.
11. Give the report a name.
12. Optionally add a description.
13. These inputs become visible in the list of reports when you find and run the report in the future.
14. Under the Visibility heading, select the All Accounts option.
15. Selecting All Accounts makes the report available not only in the current account but also in any sub-accounts below it.
16. Under Report Type, select one of two options.
17. The default option is “Profiles”.
18. The detailed option is “Profiles and Registrations”.
19. A “Profiles” report includes name and address and other Personally Identifiable Information (PII).
20. A “Profiles and Registrations” report includes registration history across events.
21. You cannot change the report type after you have created the report.
22. Click Save to save the report.
2. Configure Display, Format, and Data Format
1. Select Display in the left navigation panel.
2. Select a Report Format such as “Export to .CSV”.
3. Select a Data Format such as the default “Output data as stored”.
4. Click Save to save the report again.
3. Select Columns
1. Click Columns in the left navigation panel.
2. Select the data to include in the report.
3. Select the appropriate fields in Available Data Fields on the left.
4. Click » to move fields into Selected Data Fields on the right.
5. Click Save to save the report again.
B) Run the Report for a Registrant
1. Select Filters in the left navigation panel.
2. At the end of the page, filter on the registrant’s or speaker’s email address.
3. Click Run Report (in the lower left corner of the page) to create the export file.
4. Download the report to share with the requester.
To Email a Registrant or Speaker Their Information
An alternative to using a report is to email their profile details to an individual.
A) Create an Email Template
1. In an event, go to Promote > Communication > Email Templates > Registration.
2. Click Add New to add a new email template.
3. Give the email a self-explanatory name of your choice.
4. Select the option to make the report “Visible to All events in account”.
5. Add all relevant Standard Profile Fields and Custom profile fields to the body of the email.
6. Do not include any event-level information.
7. Click Save to save the template.
B) Send the Email to the Profile
1. Open the registrant’s profile record. The opening method is described under “View” Request on page 3.
2. Click Email in the left navigation panel.
3. Select the email template and click Select.
4. At the bottom of the page, click Preview.
5. If satisfied with the result, click Send Email NOW.
6. The sending of the email is included in the profile’s History.
7. You reach the profile’s History via the left navigation panel.
“Edit” Requests
1. Open the registrant’s or speaker’s profile record. The opening method is described under “View” Request above.
2. Confirm the correct record is displayed.
3. Click the Contact Details header bar. Alternatively click Contact in the left navigation panel.
4. Edit relevant information.
5. Click Save.
6. Click Questions in the left navigation panel.
7. Edit relevant answers to profile custom questions.
8. Click Save.
9. The edits are included in the profile’s History log. The history log is described above for emails. (Page 9.)
“Delete” (forget me) Requests
Best Practice: Anonymize Profiles
You can “anonymize” Profiles in an account. This process removes personally identifiable information so the individual remains anonymous.
Note: An Administrator should follow this procedure. This procedure is not available to Event Builders or other users.
In summary, you first identify the profile fields that hold Personally Identifiable Information (PII). You then configure replacement text. Defaults are pre-set for both.
After configuration, you can select profiles. You can then anonymize the selected profiles by clicking one button.
Detailed Steps
1. Go to User and Account Settings > Account Settings > Implementation > Privacy Compliance > Profile Anonymization.
2. Under Anonymize Profile Fields, select the Standard and Custom Profile fields for this Account. These fields are the fields that you want to anonymize when you select individual profiles in step 6.
   - Be sure to include all fields that could be deemed Personally Identifiable Information (PII).
   - Many standard profile fields, such as name fields and email, are preselected.
   - These preselected fields always remain anonymized.
3. The default anonymization string that replaces the values in selected profile fields of an anonymized profile is "**".
   - You can change the anonymization string to any text of your choice.
4. If you select Make Profile Inactive, anonymized profiles are also set to "inactive".
   - Inactive profiles are excluded from reports and searches.
5. Click Save to store your selections so you can use them when anonymizing profiles.
6. Under Profile Anonymization, select the Profile(s) to anonymize.
   - In the Search field, type at least 3 characters of their Email or Phone.
   - Alternatively, type the complete Encoded Profile ID beginning with "0x".
   - View the list of matching records.
   - Click a matching record to view profile details and confirm you have the right record.
   - Select the check box(es) for the profile(s) you want to anonymize.
7. Click Anonymize to update the selected profile(s).
   - The values of the fields selected in step 5 are set to the Anonymization String.
   - If Make Profile Inactive was selected in step 4, anonymized records are no longer returned in searches or reports.
8. Under Anonymized Profiles Audit Report, view a list of anonymized profiles in the account.
   - You can search for one by PkprofileId or Username.
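The instruction above to include every field that could hold PII can be checked after the fact. The following is an added example, not part of Certain's documentation or product: it scans an account-wide profile report saved with the “Export to .CSV” format for any cell that still contains the requester's identifiers, for instance in a custom field that was not selected for anonymization. The column names and sample rows are constructed, and the check assumes the export still contains the anonymized row (Make Profile Inactive not selected).

```python
import csv
import io
import re

ANON_STRING = "**"  # default anonymization string named in the guide

# Constructed sample export; the column names are assumptions, not Certain's schema.
SAMPLE_EXPORT = """Profile ID,First Name,Last Name,Email,Phone,Badge Notes,Assistant Contact
1001,**,**,**,**,VIP guest of J. Rivera,j.rivera@example.org / +1 (555) 010-4477
1002,Ana,Lopez,ana.lopez@example.org,555-010-9921,,
"""


def _digits(value):
    """Strip everything except digits so phone formats compare equal."""
    return re.sub(r"\D", "", value)


def find_residual_pii(csv_text, text_values=(), phone_values=()):
    """Return (row_number, column, cell) for each cell still holding an identifier."""
    texts = [t.strip().lower() for t in text_values if t.strip()]
    # Ignore very short digit runs; they would match IDs and dates by accident.
    phones = [d for d in map(_digits, phone_values) if len(d) >= 7]
    rows = list(csv.reader(io.StringIO(csv_text)))
    if not rows:
        return []
    header, hits = rows[0], []
    for row_no, row in enumerate(rows[1:], start=2):  # row 1 is the header
        for idx, cell in enumerate(row):
            cell = cell.strip()
            if not cell or cell == ANON_STRING:
                continue  # empty or already replaced by the anonymization string
            column = header[idx] if idx < len(header) else f"column {idx + 1}"
            lowered, cell_digits = cell.lower(), _digits(cell)
            if any(t in lowered for t in texts) or any(p in cell_digits for p in phones):
                hits.append((row_no, column, cell))
    return hits


if __name__ == "__main__":
    for row_no, column, cell in find_residual_pii(
        SAMPLE_EXPORT, ["j.rivera@example.org", "Rivera"], ["555-010-4477"]
    ):
        print(f"row {row_no}, column {column!r}: {cell}")
```

Any column it reports is a candidate to add under Anonymize Profile Fields before anonymizing the profile again.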
Users’ Information
A “user” is anyone who is set up in CertainAPP with a user record.
To view another user’s details, edit a user record, or delete a user record, you must be logged in to Certain as an Administrator. Your own user account must have a User Type of “Administrator”.
“View” Requests
For a User to View Their Own Information
Any Certain user can view and edit their own information.
1. Go to User Information and Account Settings > User Information.
2. The “My User Information” page opens.
3. View or edit the information as required.
For an Administrator to View Another User’s Information
1. As an Administrator, go to Account Settings > Administration > Users.
2. In the ID field, enter the user’s email address.
3. Click Search.
4. Click the user’s row in the results.
5. This opens a page showing their details.
6. The only PII data is likely to be their name, email address (twice: as both Id and Email), and phone number.
“Edit” Requests
For a User to Edit Their Own Information
1. Open the user record as described under “For a User to View Their Own Information” above.
2. Edit fields as required.
3. Click Save.
For an Administrator to Edit Another User’s Information
1. Open the user’s record as described above under “For an Administrator to View Another User’s Information”.
2. Edit fields as required.
3. Click Save.
“Delete” (forget me) Requests
1. As an Administrator, open the user’s record as described above under “For an Administrator to View Another User’s Information”.
2. Clear the Active check box.
3. Clear out the Phone number.
4. Alternatively, replace the Phone number with anonymization text such as “**” or “anon”.
5. The other PII fields Name and Email are required fields.
6. Instead of clearing Name and Email, enter appropriate anonymization text.
7. Note: The Email field must be in a valid email address format such as “anon@certain.com”.
8. Click Save to save the changes.
9. The user can no longer log in to Certain.