GDPR - Retrieving or anonymizing personal data

Contents

GDPR - Retrieving or anonymizing personal data

Overview

The General Data Protection Regulation (GDPR) introduces a single legal data protection framework for both businesses and individuals within the European Union (EU). The GDPR was approved in April 2016 and became directly applicable on 25 May 2018. As of that date, all companies (including those outside the EU) that control or process personal data relative to EU residents are obliged by the regulation to satisfy certain user rights.

When using Nexthink, companies store data that describes the digital behavior of end-users and allows their personal identification. This kind of personal data usually lies in the context of employment; that is, end users are generally employees of the company that controls and processes their data, although this may not always be the case. Even if the GDPR allows for specific rules to the processing of personal data in the context of employment (see article 88), the protection of this data is still under the GDPR, as long as your employees are EU residents. Consult your legal department in case of doubt.

GDPR in the Portal

Access management

You can access the GDPR administration dashboard using the gear icon located in the main navigation bar.

NXPortal-1605255130.png

That section only appears for specific users and access to that functionality is managed at the profile level.

NXPortal-1605255896.png

Functions

To help you comply with the regulation, the Portal includes a GDPR-specific section to let you extract data.

Retrieve user data

Article 15 of the GDPR grants data subjects the right to access their personal data. Run the script in this mode to retrieve all the data relative to a particular user.


NXPortal-1605256854.png

Other mechanisms to comply with GDPR

In addition to the GDPR menu of the Web Console, remember that Nexthink provides you with other mechanisms that can help you comply with the GDPR:

Removal of devices
Helps you comply with the right to erasure by completely removing all the stored information about a particular device from the Engine.


Related tasks
Related references