Kentico EMS 11 and GDPR

Have you heard the news yet?

Kentico 11 is out with major improvements like effective email building, greatly expanded eCommerce capabilities and data protection (GDPR) enhancements being just some of the key new features.

GDPR - The new General Data Protection EU Regulation

Compliance enforcement is less than a month away (25th May 2018) so GDPR compliance must be one of top priorities for businesses and organisations who collect and/or process personal data in the European Union.

Kentico EMS 11 has introduced a new tool to help you achieve website compliance as easily as possible.

The new 'data protection' admin application gives you the key tools to quickly manage consents and process right to be forgotten, right to access and data portability requests.

Consents

Each consent allows you to configure specific short and long text versions for what the consent entails. The short version can be displayed on the website using the dedicated 'cookie law and tracking consent' web part. The long version is generally displayed on the 'privacy policy' page (using a macro) where a 'revoke' button is also displayed to allow the user to easily withdraw each individual consent.

Forms

Every time a user submits personal data through a form on your website (e.g. contact forms, newsletter subscriptions, account registrations, etc.) the user must also give explicit consent to allow you to store and/or process this data. Kentico 11 allows you to easily create consents that can then be assigned to each form on the website. 

Tracking and Cookies  

GDPR states you cannot refuse a user access to your service/website if the user does not consent with processing data collected that is not essential for the service itself. For example, if a user visits an e-commerce website to purchase a product and the website says that they cannot complete the sales process if they don’t consent for the website to track their web browsing behaviour - that's because the only information the website needs to collect is the information essential to complete that purchase, such as the user's name, surname or address and not the user's browsing behaviour. Kentico 11 allows you to present users with a tracking consent agreement that is genuinely an opt-in consent (rather than an opt-out) and makes sure no web analytics tracking is done without the user's consent first.

 

Right to access and right to be forgotten

Under Irish law (Data Protection Acts 1988 and 2003) and now under GDPR, users of your website are entitled to request access to their personal information or make a request to have it updated or deleted.

Kentico 11 provides an easy to use tool where you can enter the user's email address to discover if there's any data stored against the user's profile. The data can be exported in XML format and sent to the user. 

If the user requests to have their data removed, Kentico 11 provides a similar tool to just as easily delete all the data collected by the system (e.g. consents, contact profile, contact forms, newsletter subscriptions, activities, e-commerce orders, etc.) associated to the user's email address. 
 


Data portability

Similar to the right to access tool, the data portability tool allows you to export all the user data in XML format including even some other system related data like database ids.

 

See how we can help you with your next project

Get in Touch
Daniel Baratu - Backend Developer

Daniel Baratu - Backend Developer

Backend Developer