In order for the system to know in what fields personal data is stored, as Administrator, you have to mark these on every used Entity. This is done in Agent portal > Configurations > GDPR Management > Personal data fields. Navigate to the wanted Entity where you want to set personal data field. On Tickets and account (Base person) it is enough to do it on “structural level”, however for Service catalog objects you have to do it on every separate item.
Mark the Entity/Object in the panel to the left, in the middle panel you mark the field of interest. The settings is done to the far right:
•Set as personal data field – This field is handle accordingly to GDPR
•Mark as PID field – Personal identifier field; a field, possibly in combination with other fields, define a person specifically. For example, an address does not have to be specific if you live in an apartment block, but in combination with a flat number it can be considered specific enough.
•Data sensitivity level – Mandatory. Is used to give the GDPR-handler guidance when dealing with GDPR-requests.
Example: Social security number would be a personal field with very high sensitivity level. First name is not.
There are no predefined level as standard in the system. These has to be defined before any personal data field can be set.
Note! If you mark any personal data fields on the Base person entity (account fields) you should also make sure that this are added to the form that is used on your Self Service portal (Edit profile). This to ensure that you can fulfill GDPR paragraphs concerning data correction.
Go to Agent portal > Configurations > Entity Management > Entity Editor > System Entity group > Person > Edit Entity form > User Type: End User. Choose to edit the form that is set as Default. If no form is shown here, choose to filter on User specific.