About a month ago we described how Populi was preparing for the European Union’s General Data Protection Regulation (GDPR). Today we’d like to tell you about the updates we’ve made to accommodate the GDPR and help you comply with the burdens it puts on you.
We’ve added a few new tools to Populi that let you track “lawful basis for processing” and comply with the data portability requirements of the GDPR.
To help you keep track of lawful basis for data processing, we’ve given you two new tools:
- The new GDPR report in Admin helps identify people who may be EU citizens but for whom a lawful basis for data processing has not been recorded. It lists people who have EU citizenship, whose primary address is in an EU country, or whose home country is in the EU. You can then decide whether to start tracking lawful basis on a person-by-person basis.
- On Profile > Info, you can track lawful basis for a person under Other Info. If you set a person’s Citizenship field to an EU member nation, you’ll then have the option to add a data processing basis to her; Populi can also automatically track lawful basis by looking at certain events—for example, the person is given a user account.
We’ve also built a data export tool. The GDPR requires that you provide a way for a “data subject” (EU bureaucratese for human being) to retrieve a copy of all of the data you are storing about her. Your school’s Populi Account Administrator can send a data archive for any person in the system. Active users can also download their own personal data archives.
You can read all about these tools and how to use them in this article.
Data deletion policy
We’ve fine-tuned our data deletion policy to harmonize our legitimate need to retain certain kinds of data with the GDPR’s stipulations. Our “legitimate need” includes things like customer requests to restore deleted data and our use of anonymized statistics in developing Populi. Here’s how we now handle deleted data:
- When a customer deletes a person or other entity containing personally-identifiable information (an admissions inquiry, for example), it will be immediately inaccessible to the customer. We will retain the data for a period of time to make sure we can restore it if the customer so requests. After that time, the data will be permanently purged from our backups.
- When a customer deletes a person with an academic or financial record, it will be immediately inaccessible to the customer. However, we will retain the data in our backups in order to preserve the integrity of our database.
- Some data, rather than being deleted or purged, will be anonymized. For example, we need to retain records of logins. So, if you delete a person who has ever logged in, we will delete anything that can be used to identify that person—but we will retain the anonymous login stats that person generated.
- If a customer leaves Populi, we will delete and permanently purge their data after a period of time, except for certain kinds of anonymized data as described above.
Even without the European Union breathing down our necks, we’ve always put a premium on privacy, security, and your ownership of your data. Those things are foundational to Populi—in everything from our legal agreements to our internal policies to the services we provide. We’ve always viewed Populi as a lockbox you put your stuff in; if you ever want to leave, you give us back the box and you take your stuff wherever you want.
The GDPR is a far-reaching bit of regulation. It’s a dragnet meant to rein in the questionable practices of companies like Google and Facebook (to say nothing of numerous other shady operators) that also snags clean-nosed companies like Populi and organizations like our customers. The reaction to the GDPR in the web services industry has been uneven and confused; as evidence, have a look at your inbox and the torrent of GDPR-related emails you’ve received in the past two weeks. And if the industry is confused, we’re not surprised if you are, too.
If you have questions about GDPR and Populi, get in touch. We’ll be happy to help.