Categorizing fields for data privacy

For each field in the ref model, identify the Personal Data fields and set the rest as "Not Applicable"; Data privacy; GDPR

Ksawery Lisinski avatar
Written by Ksawery Lisinski
Updated over a week ago

Data privacy and coherence is a paramount of what we do at Elements, and we take it very seriously, you can learn how importantly we treat this subject from this article.

Article outline

  • Prerequisites

  • Overview

  • Smart validation

  • Manual categorization of Special Personal Data & Personal Data

  • Copying and pasting data privacy compliance data

  • "Bulk validation" changes of all "Unassessed" to "Not Applicable"

  • You might be also interested in

Prerequisites

  • You have to have at least Editors rights on Space level

Overview

Firstly, you need to create a Ref Model, either by sync with your Salesforce Org or by creating a Ref Model via a CSV import. Then "Enable Data privacy" categorization on this Ref Model from the DETAILS tab in the right panel.

Now that you have a Ref Model with all the fields from all the Objects/Lists/Databases, you need to categorize them:

  • Special Personal Data

  • Personal Data

  • Unassessed - Potential

  • Unassessed

  • Not Applicable

Smart validation

The first time you run the Salesforce sync, it will automatically categorize SOME fields for you for standard objects (Account, Contact, etc.).

TIP You are still responsible for reviewing and confirming every field.

If you have already connected your Org to Elements and you later decide to Enable Data Privacy, the automatic categorization will take place during the next scheduled sync. If you prefer not to wait, you can start an ad-hoc sync and the data will be available once the sync completes.

Manual categorization of Special Personal Data & Personal Data

You can then go through every field and - ONLY for those that are "Special Personal Data" or "Personal Data" - select the field Status from the dropdown and fill out the supporting information fields. Leave all those that are "Not Applicable" as "Unassessed" because you can change them all in a single click.

Once you categorize data as either "Personal" or "Special Personal" you will see extra fields to capture additional compliance information:

  • Retention period: specify the number of months or years for which you plan to hold this data 

  • Legal basis: choose from the dropdown explaining why you hold this data

  • Reason for legal basis: your reasons for keeping the data 

  • Needs to be encrypted: check this box if data needs to be protected 

  • Sources of data: choose resources from the library to specify where you get the data from

  • Recipients of data: choose resources from the library to specify where you send the collected data 

  • Additional notes: capture any additional, custom information you require

Copying and pasting data privacy compliance data 

You can quickly set compliance information for any data privacy-enabled node using the copy/paste functionality. Select a data privacy-enabled node, right-mouse click and select "Copy data privacy data". The data privacy settings for status and all additional fields will be copied from that node. 

Select a different data privacy-enabled node, right-mouse click and select "Paste data privacy data". All the compliance settings from the previous node are now applied to the selected one. 

"Bulk validation" changes of all "Unassessed" to "Not Applicable"

Once you have categorized every field that is "Special Personal Data" or "Personal Data", the rest of the fields can be marked "Not Applicable".

You can do this with one click. At the parent node level, right click and select "Data privacy- set Not Applicable". This will set every child node that is currently "Unassessed" to "Not Applicable". You will get a warning before you commit.

You might be also interested in

Did this answer your question?