The adoption of the new EU-GDPR also results in certain points
regarding the use of vistrax which must be observed in the future.
The new EU-GDPR aims to protect personal data in an ideal way. This
results in obligations that both, a software manufacturer and the end
user must fulfill. This includes first of all the knowledge about the
collected data and which of them are classified as "person-related"
according to the legislator. See Art. 4 para. 1 of the EU-GDPR.
Apart from a few exceptions, all master data entered for users,
visitors, employees and, if applicable, companies are personal data and
must be handled accordingly to the new regulations. Additionally, the
stored data on a visitor's movement data, such as vehicle registration
number, reason for visit, or the times at which the visitor was present
also represent personal data by referencing the associated visitor
according to the new regulations.
When managing companies and their associated data, care must be taken
to ensure that they can also be personal data. For example, if the name
of a company is already personal, the data stored there also represents
personal data and must be treated as such.
According to the EU-GDPR Art. 5 para. 1c, collected data must
„… be proportionate, relevant and limited to what is necessary for the purposes of the processing “
Not all of the master data mentioned above are mandatory. vistrax is
limited to a minimum. This enables the end consumer to comply with the
requirements of the EU-GDPR. For example, a visitor's name is specified
as a required field when creating a visitor. All other information is
voluntary.
Furthermore, according to the E-GDPR,
the safe handling of personal data must always be ensured. vistrax
offers the possibility to establish an encrypted connection between
client and database. You will find explanatory notes on this in our
application help under the following link: http://www.vistrax.com/help/vistraxAdmin/Help/ENU/index.html
Please note that data by default is not encrypted after saved into the hard disk by a MS SQL Server.
In order to guarantee the integrity of some data, different data are
provided with a checksum that is always queried. If the checksum does
not match the integrity checksum of the data under consideration, the
corresponding data is displayed as invalid in the software and thus, is
protected against modifications. This is the case with photos, for
example.
The options for handling stored data are described below. To do so, a
user needs a user role that contains the corresponding rights for this
user. This means deleting, restoring, or pseudonymizing (which is
explained in more detail below). A user or the user role assigned to
him/her must contain the rights for these functions.
According to Art 17 of the EU-GDPR, everyone has the right to have
their data deleted and therefore vistrax must also take appropriate
precautions to ensure that this is the case.
The stored data is not automatically deleted in vistrax. Stored data
must always be manually deleted or pseudonymized by a user. When
deleting data records, vistrax follows the principle of a "soft delete".
Data records are therefore not completely deleted, but marked as
deleted. This removes the data from the vistrax views, but it can be
restored at a later point in time via the data management and with the
corresponding user rights. This is not a EU-GDPR-compliant solution and
therefore the pseudonymization option was introduced with the release of
vistrax version 2.0.20.
Master data records (companies, visitors, employees, etc.) can be
pseudonymized during the deletion process if required. This ensures that
references to other data are retained, but personal data are modified
in such a way that no conclusions can be drawn about the person
concerned. Thus, for example, a statistical survey of the data is still
possible from a quantitative point of view, but not from a qualitative
point of view. Real data is no longer available after a pseudonymization
and cannot be restored.
Please note that pseudonymization is only available for the
administration of master data. This prevents the pseudonymization of
individual movement data (present, prepared and past visits). If you
pseudonymize a visitor, a company, or an employee, this applies to all
transaction data linked to this master data, since movement data does
not explicitly store the master data, but references it.
If you delete movement data in the software via the respective views,
this is done according to the "soft-delete" principle described above.
The deleted entries are no longer displayed in the respective overviews,
but are still available in the database and marked as deleted. However,
unlike the master data, they can no longer be restored by the software.
In addition to the views of the individual master data records, the
report overview is available for the EU-GDPR-compliant handling of
movement data. This allows you to view and delete visits that have
already expired. The data records can also be filtered according to
different filter criteria such as visitors, company, assigned employees,
etc. This allows you, for example, to delete the transaction data of a
particular visitor or of an entire company.
Note that active and prepared movement data must be handled in the corresponding overviews (Present / Prepared).
According to EU-GDPR Art. 5 para. 1, collected data must be subject
to a clear purpose. This purpose must be recognizable and strictly
respected. When creating a visit, the use of the "Occasion" field is
recommended, so that the data collected during the use of vistrax can be
assigned to a clear context. In this way, the purpose of the personal
data can be recorded. Please note that the data collected must be
deleted or pseudonymized after the expiry of the intended use, unless
otherwise agreed before the data concerned are collected.
According to EU-GDPR Art. 15, it must be ensured that a person can
view the data collected and receive a copy of it (once free of charge)
if necessary.
vistrax offers the possibility to view master data as well as
movement data of a visitor and to create an electronic copy. Since
version 2.6 the function "Print visitor receipt..." under the visitor
master data is used for this purpose. This offers the possibility to
print all personal data of a visitor at once.
Earlier versions can use the export functions of the movement or master data.
Explanatory notes on visitor receipts and data evaluation or data export can be found under the following link: http://www.vistrax.com/help/vistrax/Help/ENU/index.html
Information on the evaluation procedures for transaction data and
master data can be found under "Data Mining" or "System menu - Data
Export".
Data records always contain a link to the creator and, if the data
records were changed during use, a link to the user who made the last
change.
For complete logging of modifications, please refer to the Microsoft documentation on transaction log: