Wrestling with GDPR and Data Protection Throughout Kentico 11 Editions – GDPR Rights
This is the last part of a three-part miniseries (here are the first and second articles) focused on wrestling with GDPR and data protection throughout Kentico 11 editions. We covered consents and their management, continued to the challenges stemming from dealing with consent agreements, and have finally arrived at the topic of GDPR rights.
We will focus mainly on the following GDPR rights: right to access, right for data portability, and the right to be forgotten.
Regardless of which GDPR rights we are planning to deal with, we need a place where we can access all the necessary information at once. In the Kentico 11 EMS edition, the Data protection app allows us to do just that. In the lower editions, such as Ultimate or Base, there is no need to deal with the more complex scenarios involving contacts and their activities.
In these versions, we only need to gather information about the visitors’ data that made it into the system. This could happen through submitting an online form, becoming a subscriber, registering as a user, or becoming a customer. There could also be some additional integrations with third-party systems synchronizing additional data as well.
So, it is time to create a module that is going to allow us to search for the data in the system, and process it accordingly.
The module could be named Data Protection Rights, and be very simple. It would only have one textbox and three buttons. The textbox would be used to enter the unique identifier (e.g., an email address), and by clicking one of the buttons, you would gather information about all related data in a human-readable format (the right to access), get data in a machine-readable format (the right to data portability), or erase the data if needed (the right to be forgotten). The data output would be displayed in a text area below the buttons and the textbox.
For a quick guide on how to create a custom module in Kentico 11, please refer to our documentation here: https://docs.kentico.com/k11/custom-development/creating-custom-modules/manually-creating-the-interface-for-custom-modules
The module interface could look like this:
It is a simple module interface created in the Modules app by linking a custom ASPX page that contains the three buttons, labels, the textbox, and the text area (in read-only mode). The OnClick event handler of each button is then implemented in the code-behind file to display the relevant data output in the text area element.
The Right to Access
If you have been eyeing GDPR for some time, you know that you have to be able to fulfill any data subject’s right to access. In other words, any of your users (or visitors) can ask you to provide them with a summary of all the data you have gathered about them.
This brings us to data searching. It is up to you what is going to be used as your unique identifier for searching relevant data, but in most cases, it is going to be the email address.
As soon as you are provided with an email address, you can use it to search your stored data. Depending on your website’s implementation, you may need to search for data records in such places as:
- Online forms
- Custom tables
- Newsletter subscriptions
- Consent agreements
- Other relevant places…
You would use the provided email address, combine the returned results into one output, and then display the final result in the text area element. Just remember that the above list is not definitive. You might have other implementations in place, or use additional Kentico features such as forums. Therefore, make sure that you are aware of your data flow (you can check Kentico 11's default data-flow mapping in our documentation: https://docs.kentico.com/k11/configuring-kentico/gdpr-compliance/personal-data-in-kentico).
Focusing back on the first item on the list above, you would use Kentico 11's API to search through the form records in the system: https://docs.kentico.com/k11/custom-development/miscellaneous-custom-development-tasks/working-with-form-data-using-the-api
As for the custom table data, you could utilize the following API: https://docs.kentico.com/api11/content-management/custom-table-data#Customtabledata-Loadingdatarecordsfromacustomtable
Furthermore, you might need to continue searching for data in newsletter recipients, users, customers, consent agreements, and even other places (depending on your website project’s implementation).
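The search described above for online forms and custom tables, written out as an added example (this is not code from the article or from Kentico; it uses the Kentico 11 API calls the linked documentation pages show: BizFormInfoProvider, DataClassInfoProvider, BizFormItemProvider and CustomTableItemProvider). The e-mail column names, the custom table class name and the use of ClassStructureInfo to find out which column a class actually has are assumptions you would adjust to your site:

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using CMS.CustomTables;
using CMS.DataEngine;
using CMS.OnlineForms;
using CMS.SiteProvider;

// One record found for the data subject, tagged with the place it came from.
public class PersonalDataRecord
{
    public string Source { get; set; }
    public IDictionary<string, object> Fields { get; } = new Dictionary<string, object>();
}

public static class PersonalDataSearch
{
    // Assumption: the subject's e-mail is stored in one of these columns, whatever the object.
    private static readonly string[] EmailColumns = { "UserEmail", "Email", "ContactEmail" };

    // Assumption (placeholder): class names of the custom tables holding visitor data on this site.
    private static readonly string[] CustomTableClassNames = { "customtable.SampleTable" };

    public static List<PersonalDataRecord> Search(string email)
    {
        var results = new List<PersonalDataRecord>();
        if (string.IsNullOrWhiteSpace(email))
        {
            return results;
        }

        // Online forms: each form keeps its submissions in its own data class.
        var forms = BizFormInfoProvider.GetBizForms().WhereEquals("FormSiteID", SiteContext.CurrentSiteID);
        foreach (BizFormInfo form in forms)
        {
            DataClassInfo formClass = DataClassInfoProvider.GetDataClassInfo(form.FormClassID);
            var items = BizFormItemProvider.GetItems(formClass.ClassName);
            foreach (BizFormItem item in FilterByEmail(items, formClass.ClassName, email))
            {
                results.Add(ToRecord("Form: " + form.FormDisplayName, item));
            }
        }

        // Custom tables: the same approach through the custom table provider.
        foreach (string className in CustomTableClassNames)
        {
            var items = CustomTableItemProvider.GetItems(className);
            foreach (CustomTableItem item in FilterByEmail(items, className, email))
            {
                results.Add(ToRecord("Custom table: " + className, item));
            }
        }

        // Newsletter subscribers, users, customers and consent agreements follow the same
        // pattern with their own providers; they are left out of this example.
        return results;
    }

    // Finds out which e-mail column the class actually has and filters on it in SQL.
    // WhereEquals passes the value as a query parameter, so the identifier typed into the
    // module never becomes part of the SQL text. Classes without such a column yield nothing.
    private static IEnumerable<T> FilterByEmail<T>(ObjectQuery<T> query, string className, string email)
        where T : BaseInfo, new()
    {
        var columns = ClassStructureInfo.GetClassInfo(className).ColumnNames;
        string emailColumn = EmailColumns.FirstOrDefault(c => columns.Contains(c, StringComparer.OrdinalIgnoreCase));
        return emailColumn == null ? Enumerable.Empty<T>() : query.WhereEquals(emailColumn, email);
    }

    private static PersonalDataRecord ToRecord(string source, BaseInfo info)
    {
        var record = new PersonalDataRecord { Source = source };
        foreach (string column in info.ColumnNames)
        {
            record.Fields[column] = info.GetValue(column);
        }
        return record;
    }

    // Human-readable output for the "Access data" button's text area.
    public static string FormatAsText(string email, IEnumerable<PersonalDataRecord> records)
    {
        var sb = new StringBuilder();
        sb.AppendLine("Personal data held for: " + email);
        int count = 0;
        foreach (PersonalDataRecord record in records)
        {
            count++;
            sb.AppendLine().AppendLine("[" + record.Source + "]");
            foreach (KeyValuePair<string, object> field in record.Fields)
            {
                sb.AppendLine("  " + field.Key + ": " + field.Value);
            }
        }
        if (count == 0)
        {
            sb.AppendLine("No records found.");
        }
        return sb.ToString();
    }
}
```

In the module's code-behind, the "Access data" button handler would trim the textbox value, call `PersonalDataSearch.Search(email)` and put `FormatAsText(...)` into the read-only text area. Because the same query filters every source by a parameterised equality on the e-mail column, a mistyped or crafted identifier simply returns no rows instead of widening the search.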
Once all data has been collected, you would display it in a human-readable format. The result could look like this:
The final output format should be consulted with your legal advisor, so that you can be sure it contains all the information and is compliant with GDPR requirements.
The Right for Data Portability
This GDPR right could be handled by the second button, which would perform exactly the same data search as the Access data button in the right-to-access scenario, but would display the result in XML format instead.
This format is commonly used for the import and export of data, and should be suitable in most scenarios.
Therefore, the only difference is the XML output format. It can be achieved in many ways, but one of the most convenient is the .NET Framework's System.Xml.XmlWriter class: https://msdn.microsoft.com/en-us/library/system.xml.xmlwriter(v=vs.110).aspx
The result could look like this:
Once again, the difference is only in the format—the data is presented in the same scope as in the case of the right to access.
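As an added example (not from the article or from Kentico), this is how the records collected for the right to access can be written out with XmlWriter. The `PersonalDataRecord` type is the record shape assumed from the access step (source plus column values), the element and attribute names are my own choice, and the sample record in `Demo()` is constructed so the method can be tried without a Kentico database:

```csharp
using System;
using System.Collections.Generic;
using System.IO;
using System.Text;
using System.Xml;

// Same record shape the access step produces: where it came from plus its column values.
public class PersonalDataRecord
{
    public string Source { get; set; }
    public IDictionary<string, object> Fields { get; } = new Dictionary<string, object>();
}

public static class PersonalDataXml
{
    // Serialises the collected records with XmlWriter. Every value goes through WriteString or
    // WriteAttributeString, which escape <, & and quotes, so a form submission that happens to
    // contain markup cannot break or alter the structure of the export. Building the XML by
    // string concatenation would not give that guarantee.
    public static string ToXml(string subjectEmail, IEnumerable<PersonalDataRecord> records)
    {
        var settings = new XmlWriterSettings { Indent = true, Encoding = new UTF8Encoding(false) };
        using (var stream = new MemoryStream())
        {
            using (XmlWriter writer = XmlWriter.Create(stream, settings))
            {
                writer.WriteStartDocument();
                writer.WriteStartElement("PersonalData");
                writer.WriteAttributeString("subject", subjectEmail);
                writer.WriteAttributeString("exportedUtc", DateTime.UtcNow.ToString("o"));
                foreach (PersonalDataRecord record in records)
                {
                    writer.WriteStartElement("Record");
                    writer.WriteAttributeString("source", record.Source);
                    foreach (KeyValuePair<string, object> field in record.Fields)
                    {
                        writer.WriteStartElement("Field");
                        writer.WriteAttributeString("name", field.Key);
                        // Dates in round-trip format so the importing system is not left guessing the culture.
                        writer.WriteString(field.Value is DateTime dt ? dt.ToString("o") : Convert.ToString(field.Value));
                        writer.WriteEndElement();
                    }
                    writer.WriteEndElement();
                }
                writer.WriteEndElement();
                writer.WriteEndDocument();
            }
            return Encoding.UTF8.GetString(stream.ToArray());
        }
    }

    // Constructed sample record (not real data) demonstrating that markup in a value is escaped.
    public static string Demo()
    {
        var record = new PersonalDataRecord { Source = "Form: Contact us" };
        record.Fields["UserEmail"] = "jane.doe@example.com";
        record.Fields["UserMessage"] = "Please call me <after 5pm> & ask for Jane";
        record.Fields["FormInserted"] = new DateTime(2018, 5, 25, 9, 30, 0, DateTimeKind.Utc);
        return ToXml("jane.doe@example.com", new[] { record });
    }
}
```

The "Export data" button handler would run the same `Search` as the access button and hand the result to `ToXml`; if the export is offered as a download rather than shown in the text area, serve it with `Content-Type: application/xml` and the UTF-8 declaration the writer already emits.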
Nevertheless, the output can vary from website to website, and it is always good to consult it with your legal advisor to be sure the resulting output is in compliance with GDPR.
The Right to Be Forgotten
This is the final GDPR right that we are going to cover in this article. In contrast to the previous two GDPR rights, this right is about data deletion. Once exercised by a data subject (e.g., a user), you need to make sure that all data that can be deleted is deleted.
However, in some cases, there might be legal requirements to keep certain data still in the system. For example, if you have an e-commerce site, your customers might ask you to delete all the data you have gathered about them, but it would be unwise to delete all their invoices right away. What if there was an audit to check your bookkeeping? Or a refund for a customer?
Therefore, this GDPR right is a very sensitive one, and you need to definitely discuss it with your legal advisor to be sure your deletion implementation is correct and aligned with legal and GDPR requirements.
Once assessed and well thought through, you can use Kentico 11's API to delete the relevant data: https://docs.kentico.com/api11
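An added example (not from the article or from Kentico) of the deletion step with the retention exception the paragraphs above describe. It assumes the caller has already collected the matching Kentico objects (BizFormItem, CustomTableItem and so on) with the same queries used for the right to access, and that legal has supplied the list of object types that must be kept; the `ecommerce.order` entry is only an illustration of such a retained type, and `ErasureSummary` and the event log source name are my own:

```csharp
using System;
using System.Collections.Generic;
using System.Text;
using CMS.DataEngine;
using CMS.EventLog;

// Outcome of one erasure request: what was removed and what had to be kept.
public class ErasureSummary
{
    public List<string> Deleted { get; } = new List<string>();
    public List<string> Retained { get; } = new List<string>();

    // Text for the module's text area and for the reply to the data subject.
    public string ToText()
    {
        var sb = new StringBuilder();
        sb.AppendLine("Deleted (" + Deleted.Count + "):");
        Deleted.ForEach(d => sb.AppendLine("  " + d));
        sb.AppendLine("Retained for legal reasons (" + Retained.Count + "):");
        Retained.ForEach(r => sb.AppendLine("  " + r));
        return sb.ToString();
    }
}

public static class PersonalDataErasure
{
    // Assumption (placeholder): object types your legal advisor ruled must be kept for now,
    // e.g. orders whose invoices are needed for audits or refunds. Adjust to your site.
    private static readonly HashSet<string> RetainedObjectTypes =
        new HashSet<string>(StringComparer.OrdinalIgnoreCase) { "ecommerce.order" };

    // Deletes everything that may be deleted and records everything that must stay, inside one
    // transaction so a failure halfway through does not leave a partially erased subject.
    public static ErasureSummary Erase(string requestReference, IEnumerable<BaseInfo> foundObjects)
    {
        var summary = new ErasureSummary();
        using (var transaction = new CMSTransactionScope())
        {
            foreach (BaseInfo obj in foundObjects)
            {
                string objectType = obj.TypeInfo.ObjectType;
                string label = objectType + " #" + obj.Generalized.ObjectID;
                if (RetainedObjectTypes.Contains(objectType))
                {
                    summary.Retained.Add(label);
                    continue;
                }
                obj.Delete();
                summary.Deleted.Add(label);
            }
            transaction.Commit();
        }

        // Audit trail in the Kentico event log. Log the request reference and the counts only:
        // writing the e-mail address here would create a fresh copy of the data just erased.
        EventLogProvider.LogInformation("DataProtectionRights", "ERASURE",
            "Request " + requestReference + ": " + summary.Deleted.Count + " objects deleted, "
            + summary.Retained.Count + " retained.");
        return summary;
    }
}
```

The retained list is the part to agree with your legal advisor before the button goes live; the summary makes the exception visible to the operator and to the data subject instead of silently skipping records, and the transaction ensures the system is never left with some of a person's records deleted and others not.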
Wrestling with GDPR and data protection requirements is quite a challenge. However, regardless of how hard it seems to be, it definitely can be done!
Disclaimer: Every business has unique requirements, and even though we did our best to make GDPR compliance as easy as possible for you in Kentico 11, always discuss this topic with your legal advisor to ensure you are fully compliant.