[XTRF 8] [GDPR] How to erase (delete) personal data from Client/Vendor or their Contact Person profile?

Why erase personal data?


As much as everyone values and needs to build a rich and useful database of business partners, in order to run a successful company, they are sometimes required to erase some of it.


Among other reasons and regulations, GDPR, which takes effect on May 25th, requires companies to delete personal information upon request.


To comply with these requirements XTRF introduces a new method to erase the collected data of your clients, vendors, their contact persons and the users of your translation management platform.

Why is it an issue in the first place?


Having used XTRF, you probably know that it doesn't allow deleting entries, which have been involved in other parts of the system. For example, when a project is created for a client, their account cannot be deleted.


Similarly, if a vendor is engaged in a job, their details have been 'locked' in a different part of the database. There has been some work done in the project, files passed, Payables, notes and so on. You can’t just pull one piece out of the puzzle.


Above all, users who manage projects, create documents and are assigned to other roles in the system, cannot simply disappear from it.

How to comply with data erasing requirement?


Because some elements of the database cannot be deleted, XTRF will remove personal data by overwriting it. Having done this, the original data will not be available in your XTRF, which is the ultimate goal. You will not know who was the original company or person behind the anonymized profile.


XTRF will delete any details it can, leaving the fields empty. Mandatory fields will be populated with random strings of digits and keyword ‘erased’, so that you can easily identify and filter them out when browsing / reporting.


It is as if you manually changed all those fields with different values and got rid of those unwanted details.


Additionally, the anonymized Client, Vendor and Contact profiles will be deactivated.


Moreover, the changes will reach out to CRM items to remove the information about email recipients, and the History tab.


If you choose to delete related Personal Files, they will be removed.  


Finally, individual directories created on the XTRF server will be renamed according to new names given to your partners.


Erasing User personal data is done in a similar way. All values will be deleted from fields. For mandatory fields, the values will be anonymized, as they cannot be empty.


Notice that erasing personal data will not affect related Quotes, Projects, Invoices and other items in terms of their basic parameters (languages, specializations, jobs, dates, etc.). When you inspect those, you will find new Client, Vendor and Contact Person values wherever applicable. You will still be able to find the items and report on them, they are simply going to be done for and by anonymous partners. For example, just because you no longer store a client's name, it doesn't change the fact that you ran a project of a certain value at a given time. 


When it comes to invoicing, notice that client data will not affect an already produced document, which can be found in your database, until you run Refresh Client Data on it. It means you will be able to download the original invoice, until you manually bring the new, anonymized details onto it and it becomes an invoice for the anonymous client. 


Although erasing personal data is a one-time action on a given profile, you can edit it and bring back actual details manually. You can re-do the erasing multiple times.

How to perform data erasing?


If you need to, please make sure to experiment on selected items only. After the data is erased, there is no way to undo the action!


You can erase data from different levels, depending on the data type and how many accounts you wish to anonymize at the same time. You can find new action buttons within each Client, Vendor and Contact Person profile when using Edit mode – at the bottom of the screen.



There is also an option within the Delete action button within the Clients, Vendors and Contacts browse. It is available when you select at least one item on the respective browses.

 


Note that the right to use this action is bound with Delete action in user rights. 


No matter where you perform this action, XTRF will warn you about the consequences and provide an option to delete related files and subsequent Contact Persons (in case of Clients and Vendors). 



Once you confirm the choice, the action will be confirmed by an appropriate flash message. 



See also:

GDPR XTRF 8

Is this article helpful for you?