Changes

||

|-

This feature will allow you to tailor highly specific security and data retention policies to different classes of data. You are able to apply any number of policies to a category.

* [https://gdpr-info.eu/art-30-gdpr/ (30)(1)(e) Categories of Personal Data]

* [https://gdpr-info.eu/art-25-gdpr/ (25)(2) Technical and Organisational Measures; demonstration of purpose]

||'''Data Retention Policies'''

||A data retention policy defines how ''long'' your organization will need to retain the data of this category in the system before it is erased. A data retention policy can be placed on any field in the system, and the erasure will be completely automated. Retention is based on the number of months or days after a specific date.

* (5)(1)(e) Storage Limitation

|-

||

A data security policy defines who can see and/or modify the data of this category in the system.

* (5)(1)(b) Purpose Limitation

* (5)(1)(f) Integrity and Confidentiality

||'''Pseudonymization'''

||

Pseudonymization allows for a nuanced approach to data management. Deleting a entire [[Profile|profile]] and all the data associated with a person is often unnecessary and will create gaps in [[Reports|reports]]. Utilizing pseudonymization enables you to render specific [[Standard Fields|fields]] unidentifiable, retaining the effectiveness of long-term reporting while meeting data retention requirements.

* (5)(1)(e) Storage Limitation

* (5)(1)(f) Integrity and Confidentiality

* (5)(1)(b) Purpose Limitation

|}