Technical documentation - Storage of Personal Data
- Mattias Löfstrand
Signifikant platform may be configured to store selected personal data on users. This article describes what information is stored and how this information may be retrieved, eg for usage in GDPR compliance.
The Signifikant platform may handle users and customers and may be configured according to:
User database turned off - no personal data is stored.
User database turned on, organisations function turned off - user data is stored according to below.
User database turned on, organisations function turned on - customers are stored and the users belonging to those customer are stored.
On top of the above basic configuration it is possible to decide to not use selected fields.
Legal notice
It is the sole responsibility of the company using the Signifikant platform to ensure stored data complies with national and international laws and regulations related to Data Protection of Personal Data. This article describes what may be stored in the Signifikant platform and shall be used as a base to ensure company complies with regulations and laws.
Note on Google Analytics
Turning on Analytics functionality will reveal usage data to Google Analytics. Ensure to review recent rulings with respect to GDPR to ensure you comply with GDPR laws, if applicable.
Data stored
User data
Personal data is only stored if user database functionality is turned on. If user user database functionality is turned off, no personal data is stored. The below table describes what may be stored if database functionality is turned on.
Field | Comment |
|---|---|
User name |
|
User's first and last name | Two text fields |
User's title | Configurable field |
Email address |
|
Phone number |
|
Delivery address(es) | Address may be stored on user. If organisations function turned on, addresses of customer will replace addresses of user. |
Billing address(es) | Address may be stored on user. If organisations function turned on, addresses of customer will replace addresses of user. |
Customer organisation | If organisations function turned on, may point to a customer. |
Reseller | May point to a reseller for the user. If organisations function turned on, customer's reseller will replace reseller of user. |
Last login | Date time. |
User disabled | Not allowed to sign in. |
Last password change | Date time. |
First login | Date time. |
Terms and conditions | User has accepted terms and conditions. |
Permissions | User’s access to functions and data. |
Customer data
If organisations function is turned on, the below information may be stored on organisations.
Field | Comment |
|---|---|
Customer name | Name of a company |
Organisation number | Company's registered number, e.g. organisation number or tax number. |
Customer number | Clients customer number. |
Country |
|
Delivery address(es) |
|
Billing address(es) |
|
Phone number |
|
| |
Fax |
|
Web address |
|
Order history
If Signifikant platform is configured to save orders and order history, placed orders and saved orders are stored. Each order will have a reference to the user placing or saving the order.
API logs
Calls to back end APIs are logged with user name and customer name, request and response, see Log archive (API logs). API call log entries are automatically purged within a set time frame (default 30 days).
Functions
The following functions exist to support managing personal data.
Function | Description |
|---|---|
Admin/Deactivate user | Administrator of Signifikant platform may deactivate users. A deactivated user will remain in the database and no information is deleted. |
Admin/Delete user | Administrator of Signifikant platform may delete users. A selection of data may still remain, see below. |
MyProfile/Delete | User may delete himself. A selection of data may still remain, see below. Requires configuraiton to be turned on. |
MyProfile | User may see all data stored under MyProfile, except order history which is shown in a separate function. Requires configuraiton to be turned on. |
MyOrders | User may see all orders stored under MyProfile, both placed orders and saved orders. Requires configuraiton to be turned on. |
Deleting user
If user or admin deletes user the following will happen:
Option 1: If user has accepted terms and conditions
User will be deactivated.
The following user data will be deleted: user's title, email address, phone number, delivery and billing addresses, last login, password, last password change.
User's saved orders will be deleted if organisations function is turned off.
User's placed orders will not be deleted.
User's user name, name, company and reseller will not be deleted.
User’s API calls will not be deleted. API calls are automatically purged within a set time frame (default 30 days).
Option 2: If user has not accepted terms and conditions
User will be deleted.
User's saved orders will be deleted.
User's placed orders will not be deleted.
User’s API calls will not be deleted. API calls are automatically purged within a set time frame (default 30 days).
Version 4.3
This function is available in version 4.3 and later.
Analytics tools
Signifikant platform may provide tags which may be used by analytics tools as Google Analytics to generate tracking information. Signifikant Platform does not store any such information, but ensure to review settings in analytics tool to comply with GDPR.
Google Tag Manager: How to add Google Tag Manager to Web-viewer
Google Analytics: Technical documentation - Search Engine and Analytics configuration