SAP Commissions : GDPR Process
What is GDPR?
As you have probably heard, the EU commission signed the General Data Protection Regulation (GDPR) back in April 2016. The legislation is designed to help companies handle efficiently the data challenges of the 21st century and give strict guidelines as to how to work with massive flows of digital information. It is set to protect sales users (data subjects) from malicious use and loss of their personal info and, also, to give people greater control over how their records are processed.
GDPR is taken effect on May 25, 2018.
The EU General Data Protection Regulation (GDPR) replaces the Data Protection Directive 95/46/EC and is intended to synchronize data privacy laws across Europe, to safeguard and allow all EU citizens data privacy and to reform the way organizations across the region move toward data privacy.
This piece of legislation is to be enforced upon every firm that works with the personal data of EU citizens, not just businesses that reside in the EU.
When a sales representative leaves a company, there are a number of GDPR-related considerations that need to be taken care of. These include:
- Obtaining the former employee’s consent to continue processing their personal data. If the company wishes to continue processing the former employee’s personal data, such as for marketing purposes, they must obtain the former employee’s consent. This consent must be freely given, specific, informed, and unambiguous.
- Deleting personal data that is no longer necessary. The company must delete any personal data that is no longer necessary for the purposes for which it was collected. This includes personal data that is no longer necessary for the purposes of the employment relationship, such as contact information and performance reviews.
- Restricting access to personal data. The company must restrict access to personal data to those employees who need access to it in order to perform their job duties. This includes former employees who have been granted access to personal data for the purposes of transitioning to a new role within the company.
- Reporting data breaches to the former employee. If the company experiences a data breach that affects the personal data of former employees, they must report the data breach to the former employees as soon as possible.
Step 1: Enable Email Notifications for GDPR Process Job from Process Configuration
There are 3 business processes templates which will send a notification after updating the Notify users email ids
Enable Personal Data Purge Remainder, Started and Retention Period Change
Step 2: Enable Data Protection Policy Settings from Global Settings
Data Protection Policy
|Retention Period for Purge Jobs||
Set number of days which will consider older than today’s date for Purge
|Purge Frequency in Days||0 – Disabled
1 – Active
Days in Advance to send Purge Reminder Email
|Set number of days which will send a notification for the user to be considered for Purge|
|Next Purge Scheduled||Which will determine when is the next Purge Job is scheduled|
|Purge Security logs older than (days)||Logs will remain a certain number of days in Purge logs|
Purge Job consider based on below criteria
Sales Reps (Payee) : Triggers all terminated Payees for Purge
Admins : Last Login date based on Retention Period set
Note: Once Job is triggered, all the users considered for Purge Job will be final and cannot be reverted back or canceled state. There are no possible ways of bringing users back to Active.
Last Option: Database restore only (Not recommended)
All purged Users are in the below table for which job considered
select * from csi_userpurgemapping order by userseq asc
All Pugred users are in the below workspace while during the job is running
After Job is completed, Actual userId will be decrypted as it shown below
All Purged users are stored in the below table.
select * from csi_purgelog order by PURGEDUSERSEQ asc
Let’s see in Commission UI for Participant and Users Workspace as reference
Purged Sales Rep (Payee) shown from Commission > Participant Workspace
Purged User from Commissions > Users Workspace
Once Users are disabled, they cannot log in to UI as shown
Exception process for users to be blocked from Data Protection Purge Job
( Home Page > User Administration > selective User > Enable) as shown in below screenshot