The problem with complying with GDPR with multiple systems.
business is using multiple systems. For some legacy or bespoke software it may by nigh on impossible to extract, let alone delete an individuals information.
One software package to bind them all together.
One software vendor to provide the tools comply with these requests is Mamut software which is one of the most affordable enterprise systems on the market.
The developers of this solution have put a lot of thought into not only the technical problems of how to achieve compliance, but also how the user would implement any subject access request. With all this in mind, they have developed a series of scripts to allow for amendments at the backend tables. This makes it difficult to change the database by mistake, as there are a series of validations and questions prior to executing the operation. In testing a number of the scripts myself I have found that they do what they say on the tin and very quick to execute. (within seconds). The scripts allow you to either anonymise or delete data from the database, depending on the type of record you wish to amend.
Control all your data for Subject Access Requests?
Listed below are the available scripts and how each script works for dealing with Subject Access Requests:
1. Anonymise contact information on invoice and attachment lines
This script deletes data in the Customer Name, Invoice Address, Delivery Address, Their Reference, and Reference fields, for Invoices and Credit Notes before the specified date. In the ledger, the description for all attachments with a type of Outbound Invoice, Outbound Credit Note, and Bank are deleted before the specified date.
2. Delete all contacts where the contact has not been active after the specified date
This script deletes all contacts where no activity has been logged against the contact by the specified date.
3. Delete all contacts where the contact has not been active after the specified date
This script deletes all contacts where no activity has been logged against the contact after the specified date.
4. Delete all activities
This script deletes all activities in the database, regardless of status.
5. Delete all contacts that are missing accounting data, purchases, orders / invoices or activities in the order module
This script deletes all contacts that have not been used in accounting data, purchases, offers and orders, and have not had an activity after the specified date. Contacts marked as headquarters are excluded from the script.
The script also deletes all activities and documents linked to the contact. The documents will disappear from the database, but the physical files will remain in the document area and may be deleted manually.
6. Anonymise specific contacts
This script shapes the following fields at the specified contact number:
All addresses, phone 1 and 2, fax 1 and 2, skype, email 1 and 2, webpage, vatnr, orgnr, notes, our ref fields, bank account, edocument information. The contact name is set to Anonymised customer.
Contacts, activities, and documents (not files) belonging to the contact are also deleted.
For order module / offer module form the contact name, postal and delivery address, their reference and reference before the specified date. In the ledger, the description is deleted on all attachments attached to the contact before the specified date.
7. Delete note fields on contacts that are not billed by the specified date
This script deletes the note field of all contacts that are not billed by the specified date.
8. Delete all documents
This script deletes all documents in the document module. This also applies to pdfs related to invoices. The script only deletes the documents from the document list in your database; the physical files must be manually deleted from the document area.
9. Delete time lists
This script deletes all time lists older than the specified date regardless of status.
10. Anonymise all contacts with orders, offers, purchases or accounting data that have not been active after the specified date
This script anonymises all contacts that have had orders, offers, purchases or accounting data related to them and have not had an activity after the specified date. Contact Name is set to Anonymised customer. In addition, all addresses, phone 1 and 2, fax 1 and 2, skype, email 1 and 2, webpage, vat nr, org nr, notes, our ref fields, bank account, edocument information are deleted. Contacts and activities associated with the contact are also deleted.
The script does not anonymise order or accounting data.
11. Anonymise all offers / orders with Status Lost Sales or Cancelled
This script deletes name, billing address, shipping address, their ref and reference for all offers with a status of cancelled or lost sales.
12. Delete all unfinished activities before the specified date
This script deletes all activities in status not started that have an older start date than the specified date.
13. Anonymise attachment text
This script anonymises the description field on attachments before the specified date. This applies to attachments with an attachment type of outgoing invoice, outgoing credit note, cash register, bank and miscellaneous from the date specified.