A live demo of the GDPR module and how it can be used by site builders, developers and Data Protection Officers to achieve GDPR compatibility. We will be focusing on the GDPR consent tools and the GDPR field settings that enable a site owner to easily response to subject access requests and requests for erasure.
We (FreelyGive) have been working on a suite of GDPR tools in collaboration with BRAINSUM as a result of our experience working with native Drupal CRM. In this talk I will demonstrate the tools we have built, some of the rationale behind why we built them like that and how to use them.
- A dashboard for end users to request "Right to access" and "Right to be forgotten"
- Tools for site builders and data protection offers to see an overview of all Drupal fields and their GDPR settings (Included, Maybe, Not included or anonymise)
- Various different sanitisers for anonymising certain fields
- Tasks for staff to process these requests including any last minute additions
- Ability to create multiple revisionable consent policies which you can then attach to specific forms or entities
- An audit trail of those consent fields every time someone implicitly or explicitly consents to something (and which revision they saw)
- Tools for safely documenting exporting user data through integration with views data export
- A specific take on handling the backup and restore process where some individuals have asked to be forgotten.