Data Privacy and GDPR Compliance — v1.0.70
Available from: v1.0.70
Version 1.0.70 introduces a comprehensive data privacy framework built into the platform. This gives administrators and data protection officers (DPOs) the tools to manage regulatory obligations for GDPR, CCPA, and other applicable privacy laws — without relying on external tooling.
Why This Matters
Organizations processing personal data of employees, contractors, and customers face growing regulatory obligations. Manual processes for handling data subject requests, tracking consent, and enforcing retention schedules are error-prone and slow. This release embeds privacy compliance directly into the platform's data layer, making it auditable, automated, and scalable.
Key Capabilities
1. Data Subject Requests (DSRs)
Data subjects have the right to access, correct, delete, or export their personal data. The platform now provides a structured workflow to manage these requests end-to-end.
Supported request types:
| Request Type | Regulation | Description |
|---|---|---|
| Access / Export | GDPR Art. 15, CCPA | Provide a copy of all personal data held |
| Erasure (Right to be Forgotten) | GDPR Art. 17 | Permanently delete or anonymize personal data |
| Portability | GDPR Art. 20 | Export data in a machine-readable format |
| Restriction / Objection | GDPR Art. 18, 21 | Pause or limit processing of personal data |
How it works:
- A data subject submits a request via the self-service portal, or an administrator creates one on their behalf.
- The request is automatically categorized and assigned an SLA deadline based on your configured policy.
- Relevant platform modules are queried to compile the data scope.
- An administrator reviews and approves the fulfillment action.
- The outcome is logged in the audit trail with a timestamp and approver record.
2. Consent Management
A centralized consent registry tracks every consent interaction across the platform.
Features:
- Granular consent categories — define separate consent purposes (e.g., payroll processing, performance analytics, marketing communications).
- Version control — each time your consent terms change, a new version is created. Historical records are preserved.
- Re-consent workflows — when consent terms are updated, affected users are automatically prompted to re-confirm their preferences.
- Consent audit log — every grant, withdrawal, and update is recorded with the timestamp, user identity, and consent version.
Consent lifecycle:
Consent Requested → User Grants / Denies → Stored in Registry
↓ ↓
Terms Updated → Re-consent Triggered → Record Updated
↓
Withdrawal → Processing Halted → Audit Entry Created
3. Automated Data Retention Policies
Data retention policies define how long specific categories of personal data are kept before they are purged or anonymized.
Configuration options:
- Set retention periods per entity type (employee records, payroll runs, contracts, audit logs, etc.).
- Choose the action on expiry: hard delete or anonymization (replaces identifying fields with pseudonymous values while preserving aggregate integrity).
- Policies are scoped at the tenant level, allowing multi-jurisdictional organizations to apply different schedules per region or legal entity.
Automated execution:
- A scheduled job evaluates all records against active retention policies.
- Eligible records are purged or anonymized automatically.
- Each execution produces a retention report in the audit log, confirming which records were processed and which action was taken.
Note: Retention policies are inactive by default. An administrator must configure and explicitly activate policies for them to take effect. Existing data is not modified until a policy is activated.
Compliance Coverage
| Regulation | Region | Coverage |
|---|---|---|
| GDPR | European Union | Data subject rights, consent, retention, DPA obligations |
| CCPA / CPRA | California, USA | Consumer rights, opt-out, deletion, data sale controls |
| Other regional regulations | Configurable | Policy templates available for additional jurisdictions |
Audit and Accountability
All privacy-related events are written to the platform's immutable audit log, including:
- Consent granted, updated, or withdrawn (with user identity and consent version)
- Data subject request submissions, status changes, and fulfillments
- Retention policy activations, modifications, and scheduled execution results
- Manual data deletion or anonymization actions by administrators
Audit records cannot be modified or deleted, ensuring a defensible compliance trail.
Getting Started
- Configure consent categories — navigate to Settings → Privacy → Consent Management and define the consent purposes relevant to your organization.
- Set up retention policies — go to Settings → Privacy → Data Retention and create schedules for each entity type.
- Enable the DSR portal — activate the self-service request portal under Settings → Privacy → Data Subject Requests and configure SLA deadlines.
- Assign a DPO role — designate one or more administrators as Data Protection Officers; they will receive notifications for DSR assignments and policy alerts.
- Review the audit log — confirm all privacy events are being captured under Compliance → Audit Log → Privacy Events.
Frequently Asked Questions
Does activating a retention policy immediately delete existing data?
No. When a policy is first activated, only records that already exceed the configured retention period become eligible. A confirmation prompt is shown before the first automated run processes any legacy records.
Can retention policies be paused?
Yes. Policies can be deactivated at any time. In-progress scheduled jobs will complete before the deactivation takes effect.
What happens to data referenced in active payroll or contract workflows?
Records with active dependencies are flagged and excluded from automated purge runs. A review task is created for an administrator to resolve the dependency before the record can be purged.
Are consent records themselves subject to retention policies?
Consent and audit records are exempt from standard retention policies by default, as they serve as the compliance evidence base. Separate archival rules apply per applicable regulations.
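The retention rules from section 3 and the FAQ above can be modelled as one scheduled run. This is an added example, not the platform's own code. The record fields, policy shape, `run_retention` and the keyed-hash `pseudonym` helper are assumptions made for illustration, and the sample data is constructed.

```python
import hashlib
import hmac
from datetime import date, timedelta

# Constructed sample data; field names and the policy shape are assumptions.
TENANT_KEY = b"constructed-demo-key"      # per-tenant secret, kept outside the data store
IDENTIFYING_FIELDS = ("name", "email")
EXEMPT_TYPES = {"consent", "audit_log"}   # exempt by default, per the FAQ
POLICIES = {
    "employee": {"days": 365, "action": "anonymize", "active": True},
    "contract": {"days": 730, "action": "delete", "active": True},
    "payroll_run": {"days": 365, "action": "delete", "active": False},  # never activated
}

def pseudonym(value: str) -> str:
    """Keyed hash: equal inputs map to equal tokens, so per-subject counts survive."""
    return hmac.new(TENANT_KEY, value.encode(), hashlib.sha256).hexdigest()[:16]

def run_retention(records, policies, today):
    """Apply active policies; return (surviving records, report for the audit log)."""
    kept, report = [], []
    for rec in records:
        policy = policies.get(rec["type"])
        if rec["type"] in EXEMPT_TYPES or not policy or not policy["active"]:
            kept.append(rec)                       # no active policy: data untouched
            continue
        if today - rec["created"] <= timedelta(days=policy["days"]):
            kept.append(rec)                       # still inside the retention period
            continue
        if rec.get("active_dependency"):
            kept.append(rec)                       # excluded from purge, needs review
            report.append((rec["id"], "review_task"))
        elif policy["action"] == "delete":
            report.append((rec["id"], "deleted"))  # hard delete: record is dropped
        else:
            clean = {k: pseudonym(v) if k in IDENTIFYING_FIELDS else v for k, v in rec.items()}
            kept.append(clean)
            report.append((rec["id"], "anonymized"))
    return kept, report

TODAY = date(2025, 1, 1)
SAMPLE = [
    {"id": 1, "type": "employee", "created": date(2022, 1, 1), "name": "A. Person", "email": "a@example.test", "dept": "ops"},
    {"id": 2, "type": "employee", "created": date(2024, 6, 1), "name": "B. Person", "email": "b@example.test", "dept": "ops"},
    {"id": 3, "type": "contract", "created": date(2020, 1, 1), "active_dependency": True},
    {"id": 4, "type": "contract", "created": date(2020, 1, 1)},
    {"id": 5, "type": "payroll_run", "created": date(2019, 1, 1)},
    {"id": 6, "type": "consent", "created": date(2018, 1, 1)},
]
```

Because the tokens are keyed and repeatable, anyone holding the key can re-link them to a subject. GDPR treats such pseudonymised data as personal data, so the key needs its own access control and retention.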