In my previous blog post, I wrote about GDPR compliance at large. Let’s look more closely at how it should be done, and how to do it in Sitecore.
There is a lot of customization to do whichever Sitecore version you are using. Starting with Sitecore 8.2 Update 7, Sitecore provides a few useful tools. Since this version was released only a few weeks before the May 25th deadline, you may implement everything on your own.
Options:
- Upgrade to Sitecore 9
- Upgrade to Sitecore 8.2 Update 2 released April 26th
- Customize current implementation
The right to be informed
… or being transparent about what you collect and how you use it (Article 12,12,4)
Sitecore 8
As a developer you can inform end-users about data you collect through a privacy policy, cookie banner, and/or preferences page on a Sitecore XP 8.x website, but you have no way of auditing a history of interactions.
Sitecore 9
Yes, you or your developer can inform end-users about data you collect through a privacy policy, cookie banner, and/or preferences page on a Sitecore XP 9.0 website, and can audit a history of interactions via the Sitecore xConnect™ API.
You have to store all information about client consent somewhere, to prove who consented, when, and to what. Starting with Sitecore 8.2 Update 7 you can use xDB to store this information, but it can be any safe place.
As a developer you can configure your Sitecore implementation to track your efforts to inform end-users about data you collect through your privacy policy. xDB can be configured to include a collection facet called Privacy Policy Acknowledgement. This collection has an audit trail of if and when a contact has acknowledged your privacy policy. The collection contains this:
Agreement Date – specifies the date that the contact agreed to the latest privacy policy.
Policy Identifier – specifies the unique identifier for the policy. This can include version number.
```csharp
// Get the contact; how you load it depends on your implementation.
Sitecore.Analytics.Model.Entities.IContact contact = /* Get Contact */;

Sitecore.Analytics.Model.Entities.IGdprStatus gdprStatus =
    contact.GetFacet<Sitecore.Analytics.Model.Entities.IGdprStatus>("GdprStatus");

// Flag on the same facet that records that the right to be forgotten was executed.
gdprStatus.ExecutedRightToBeForgotten = true;

// Add an acknowledgement entry: when the contact agreed, and to which policy version.
Sitecore.Analytics.Model.Entities.IPrivacyPolicyAcknowledgementElement privacyPolicyAcknowledgementElement =
    gdprStatus.PrivacyPolicyAcknowledgement.Values.Create();
privacyPolicyAcknowledgementElement.AgreementDate = System.DateTime.UtcNow;
privacyPolicyAcknowledgementElement.PolicyIdentifier = "1.0.0";
```
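If the consent record lives somewhere other than xDB, it still has to show who agreed, when, and to which policy version. The following is an added example, not code from the original post or from Sitecore: `ConsentEntry` and `ConsentLog` are hypothetical names, and it goes one step beyond the text by hash-chaining the entries so that a later edit to a stored record is detectable.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Cryptography;
using System.Text;

// Hypothetical record: who agreed, when, and to which policy version.
public sealed class ConsentEntry
{
    public Guid ContactId;             // who
    public DateTime AgreementDate;     // when (UTC)
    public string PolicyIdentifier;    // to what, e.g. "1.0.0"
    public string PreviousHash, Hash;  // links to the preceding entry
}

// Hypothetical append-only log; each entry is chained to the one before it.
public sealed class ConsentLog
{
    private readonly List<ConsentEntry> _entries = new List<ConsentEntry>();
    private static string ComputeHash(ConsentEntry e)
    {
        string data = string.Join("|", e.ContactId.ToString("N"),
            e.AgreementDate.ToString("o"), e.PolicyIdentifier, e.PreviousHash);
        using (var sha = SHA256.Create())
            return Convert.ToBase64String(sha.ComputeHash(Encoding.UTF8.GetBytes(data)));
    }
    // Append a new acknowledgement; existing entries are never modified.
    public ConsentEntry Record(Guid contactId, string policyIdentifier, DateTime utcNow)
    {
        var entry = new ConsentEntry { ContactId = contactId, AgreementDate = utcNow,
            PolicyIdentifier = policyIdentifier, PreviousHash = _entries.LastOrDefault()?.Hash ?? "" };
        entry.Hash = ComputeHash(entry);
        _entries.Add(entry);
        return entry;
    }
    // True only if the contact's latest acknowledgement is for the current policy.
    public bool HasAgreedTo(Guid contactId, string currentPolicy) =>
        _entries.LastOrDefault(e => e.ContactId == contactId)?.PolicyIdentifier == currentPolicy;
    // Recompute the chain; an edited, reordered or mid-log deleted entry fails here.
    public bool Verify()
    {
        string previous = "";
        foreach (var e in _entries)
        {
            if (e.PreviousHash != previous || e.Hash != ComputeHash(e)) return false;
            previous = e.Hash;
        }
        return true;
    }
}
```

Removing entries from the end of the log is not caught by `Verify()` alone; detecting that needs the latest hash to be kept somewhere separate from the log.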
The right of access
… or allowing individuals to see what personal data you’re processing and storing (Article 15)
Sitecore 8
No product feature support out of the box. Sitecore xDB stores a user’s interaction history within the database. As a developer, you can customize your Sitecore xDB to find and remove an individual’s data from the database.
Sitecore 9
Sitecore XP 9 has dedicated features for the right of erasure (or right to be forgotten). A contact’s personal data can be deleted through a Sitecore API call, “Execute Right To Be Forgotten.” This feature irreversibly removes the contact’s
The right to rectification
… or allowing individuals to have their personal data corrected (Article 16)
Sitecore 8
You’ll need to make changes to Sitecore (and any other systems) to edit / change / delete personal data on request. Personal information can be managed in User Security, List Management, and customized directly in MongoDB.
Sitecore 9
You need to make changes to Sitecore (and any other systems) to edit / change / delete personal data on request. Personal information can be managed in User Security, List Management, and customized directly through the Sitecore xConnect API (e.g., through a web form).
The right to erasure
… also known as the right to be forgotten (Article 17)
Sitecore 8
No product feature support out of the box. Sitecore xDB stores a user’s interaction history within the database. As a developer, you can customize your Sitecore xDB to find and remove an individual’s data from the database.
Sitecore 9
Sitecore XP 9 has dedicated features for the right of erasure (or right to be forgotten). A contact’s personal data can be deleted through a Sitecore API call, “Execute Right To Be Forgotten.” This feature irreversibly removes the contact’s
Anonymize Contact
Before Sitecore 8.2 Update 7: by setting the contact identifier to null and its identification level to None, and merging the contact afterwards.
```csharp
ContactRepositoryBase contactRepository =
    Factory.CreateObject("contactRepository", true) as ContactRepositoryBase;
LeaseOwner leaseOwner = new LeaseOwner("YOUR_WORKER_NAME", LeaseOwnerType.OutOfRequestWorker);

// Try to lock the contact identified by the `email` variable for up to one minute.
LockAttemptResult<Contact> lockResult =
    contactRepository.TryLoadContact(email, leaseOwner, TimeSpan.FromMinutes(1));
Contact contact = lockResult.Object;

if (lockResult.Status == LockAttemptStatus.Success)
{
    // Make the contact anonymous.
    contact.Identifiers.Identifier = null;
    contact.Identifiers.IdentificationLevel = ContactIdentificationLevel.None;

    // Save and release the contact.
    var options = new ContactSaveOptions(release: true, owner: leaseOwner);
    contactRepository.SaveContact(contact, options);
}
```
```csharp
public Contact MergeContacts(Contact survivingContact, Contact dyingContact)
{
    ContactRepository contactRepository =
        Factory.CreateObject("tracking/contactRepository", true) as ContactRepository;
    ContactManager contactManager =
        Factory.CreateObject("tracking/contactManager", true) as ContactManager;

    // Fail early if the configuration did not yield the expected objects.
    Assert.IsNotNull(contactRepository, "contactRepository");
    Assert.IsNotNull(contactManager, "contactManager");

    // Blank the personal details on the surviving contact.
    IContactPersonalInfo personal = survivingContact.GetFacet<IContactPersonalInfo>("Personal");
    personal.FirstName = string.Empty;
    personal.Surname = string.Empty;

    contactRepository.MergeContacts(survivingContact, dyingContact);
    return survivingContact;
}
```
Starting with Sitecore 8.2 Update 7 you can use the removeContactPiiSensitiveData pipeline to enable this right. It is up to you, as a developer, to decide where, when, and how to call this pipeline. You can use the pipeline as a background worker process, or in many other ways. Because it is not possible to remove all personal data from the system if a contact has an active session, once configured by you the pipeline locks the contact before it removes data to make sure that there are no active sessions for the contact.
The right to restrict processing
… or allowing individuals to stop you from performing operations (collecting, processing, storing, etc.) on personal data (Article 18)
Sitecore 8
Sitecore XP 8 allows you to customize how much personal data you wish to process. Opt-in and opt-out is a customization.
Sitecore 9
Sitecore XP 9 allows you to customize how much personal data you wish to process. Opt-in and opt-out is a customization.
The right to data portability
… or giving individuals the personal data you have about them (Article 20)
Sitecore 8
No product feature support out of the box. Sitecore xDB stores a user’s interaction history within the database. As a developer, you can customize your Sitecore xDB to find an individual’s data and extract it from the database.
Sitecore 9
Sitecore XP 9 ensures full interaction history is available and can be exported from the Sitecore xConnect API and provided to your end user in your chosen format.
Contact Repository
As a developer, you can choose to use the contact repository API to retrieve the full interaction history for the given contact:
```csharp
var cursor = _repository.GetInteractionCursor(contactId, visitsToLoadPerBatch, maximumSaveDate);

// The list's element type is the type that cursor.GetNextBatch() returns.
var interactions = new System.Collections.Generic.List</* interaction type */>();

// Load the history batch by batch until the cursor is exhausted.
while (cursor.HasNextBatch)
{
    interactions.AddRange(cursor.GetNextBatch());
}
```
The right to object
… or prevent you from processing their personal data (Article 21)
Sitecore 8
No product feature support out of the box. Customization is required, dependent on your implementation.
Sitecore 8
No product feature support out of the box. Customization is required, dependent on your implementation.