PC SOFT

WINDEVWEBDEV AND WINDEV MOBILE
ONLINE HELP

Home | Sign in | English UK
  • Overview
  • Implementation
  • Defining the personal items
  • Starting the GDPR audit
  • Implementing the records of processing activities and printing the folder
WINDEV
WindowsLinuxUniversal Windows 10 AppJavaReports and QueriesUser code (UMC)
WEBDEV
WindowsLinuxPHPWEBDEV - Browser code
WINDEV Mobile
AndroidAndroid Widget iPhone/iPadApple WatchUniversal Windows 10 AppWindows Mobile
Others
Stored procedures
Overview
To simplify the identification and the tracking of personal data in a WINDEV, WEBDEV or WINDEV Mobile application, a new GDPR audit is available in version 23.
See GDPR: Concrete solutions for more details.
Implementation

Defining the personal items

The definition of personal items, affected by GDPR, is performed in the data model editor. To define the personal data:
  1. Open the analysis associated with the project in version 23 (Update 1 or later).
  2. If the entire data file includes personal data:
    • Display the description window of data file ("Description of data file" from the popup menu of file).
    • In the "Details" tab, check "Personal data (GDPR)".
    • Validate.
    All file items now include the "Personal data (GDRP)" option ("Advanced" tab of item description). This option is grayed and it cannot be modified.
    Note: If the "Personal data (GDPR)" option is unchecked at file level, it is unchecked for all file items.
  3. If an item corresponds to personal data:
    • Display the description window of items ("Description of items" from the popup menu of file).
    • Select the requested item.
    • In the "Advanced" tab, check "Personal data (GDPR)".
    • Validate.
  4. Generate the analysis.
Caution: Implementing the "GDPR" option in the analysis makes the analysis incompatible with the earlier versions. If the analysis is shared between several projects, once the "GDPE" option is implemented, this analysis can only be opened by a product in version 23 or later.
To define the personal data:
  1. Open the analysis associated with the project in version 23 (Update 2 or later). Open the analysis associated with the project.
  2. If a file item corresponds to personal data:
    • Select the file in the analysis graph (or in the "Analysis" pane).
    • Display the description window of items ("Description of items" from the popup menu of file).
    • In the table presenting the list of items, the "GDPR" checkmark is used to indicate whether an item contains personal data:
    • Check "GDPR" for the relevant items.
    • Validate.
  3. Generate the analysis.
Note: In the data file description window ("Details" tab), the option Enable the "personal data" option when creating items is used to specify that the "GDPR" option will be checked by default for any new item created in the data file.
The "GDPR" option can be unchecked at any time at item level if it is not required.
Caution: Implementing the "GDPR" option in the analysis makes the analysis incompatible with the earlier versions. This feature is available from version 23 Update 2. If the analysis is shared between several projects, once the "GDPE" option is implemented, this analysis can only be opened by a product in version 23 or later.

Starting the GDPR audit

To start the GDPR audit on the current project configuration:
  1. On the "Project" pane, in the "Audit and performances" group, expand "Edition audit" and select "Audit of personal data (GDPR)".
    Note: The GDPR audit can also be started from the data model editor: on the "Analysis" pane, in the "Analysis" group, click "GDPR audit".
  2. The window that is displayed includes several tabs:
    • Audit by data source: This view is used to find the entire data affected by GDPR as well as tips (encryption requirements, visibility, ...).
    • Audit by project element: This view is used to check the personal data accessed by an element (a window for example). This allows you to check (if necessary) the access requirement and to perform the modifications (deleting or checking the access for example. The elements based on a query containing data affected by GDPR are also listed.
Caution: The GDPR audit lists the uses of personal data for the current project (and project configuration), linked to the analysis for which the GDPR data was defined. If the analysis is shared between several projects, the audit must be performed in each project.
Reminder: The GDPR audit is used to find out the use of "personal" data defined in the analysis. To comply with the regulation, the personal data must also be secured. You can for example:
  • Encrypt data (for the HFSQL databases, all you have to do is specify it in the data model editor).
  • Protect the databases via identifiers: all you have to do is define users/passwords from the HFSQL Control Center.
  • Protect the opening of data files by password (HPass on HFSQL databases).
  • Encrypt the communications (HFSQL allows you to restrict the opening of connections to encrypted connections) and use SSL (https).
  • etc.

Implementing the records of processing activities and printing the folder

In the GDPR audit, the "Additional information" tab is used to:
  • Create or include a record of processing activities.
    To do so, expand and select the requested option:
    It is possible to:
    • select an existing record of processing activities ("Browse" option). All file formats can be used. The files in docx and xlsx format will be automatically opened and included in the printed GDPR folder.
    • create a record of processing activities (from a template or from an empty document).
  • Print the GDPR folder.
    All you have to do is click the "Print the folder" button.
    Note: If a record of processing activities was specified, it is included in the printed folder. This folder presents the description and use of items containing personal data in the project.
Minimum version required
  • Version 23
This page is also available for…
Comments
Click [Add] to post a comment