The General Data Protection Regulation (GDPR) is a regulation by which the European Parliament, the Council of the European Union, and the European Commission intend to strengthen and unify data protection for all individuals within the European Union (EU). It also addresses the export of personal data outside the EU. The GDPR aims primarily to give control back to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU. It became enforceable from May 25, 2018.
It is to the best of Boyum IT Solutions A/S ability that Cloud Apps adhere to privacy by design.
Cloud Apps applications are extensions for ERP systems and can be used as a cloud service. Cloud Apps synchronizes relevant data between the ERP system and Microsoft Azure to take advantage of advanced features. Only the data necessary to use the extended functionality will be synchronized. The synchronization is done via the standard API of the ERP system.
All synchronized data is encrypted end-to-end and sent via HTTPS.
Depending on the customer, the data is stored in the US region or in the European Union. When the subscription is terminated, the account is deactivated and the customer is informed about the imminent deletion of the data.
For details on Microsoft Azure global infrastructure, service level agreements (SLAs) and Azure protection data protection measures/rules, including its management of GDPR, see Microsoft Azure infrastructure and Data protection in Cloud Apps.
The following summary shows which personal data is stored in an Azure database via synchronization or by manually entering Cloud Apps.
| Data | What | Why | Process |
|---|---|---|---|
| Personnel master data |
|
Adding operators for the shop floor terminal | The employees of the shop floor are represented on Cloud Apps as “Operators”; this information is collected at the Operator data object. The mandatory personal data collected here are: Fist name Middle name and Last name. Only this data is synchronized with the ERP system employee master data. |
| User and Operator |
|
Assignment of license to user and operators | We have no connection between the customer system and Cloud Apps directly. The licenses and users are managed in our Boyum Portal from the customers themselves. In Cloud Apps we assign licenses to user and operators. For the assignment to users we use and store only the email address. For the assignment to operators we link this to our Operator-ID. |
| Company information |
|
Identify general settings | We use company information to find out relevant general settings like decimal places or local currency. For that we store the company name and the country as personal data. |
| External documents |
|
Manage external documents | Cloud Apps allows you to upload any file as an attachment to a product request via an upload and store it in Cloud Apps. |
| Production order |
|
Manage customer specific production orders | We plan and monitor production orders created in the ERP system in Cloud Apps. Production orders can contain the customer name and customer number. |
| Time receipts | Time recording for production operations | As part of the production data collection functionality, we record the time effort of the production operations. This information could be reported directly by personnel when they connect to the shop floor terminal and report a time receipt. In this case a personnel ID is linked to a time receipt. | |
| Inventory postings |
|
Material recording for production operations and receipts from production | As part of the production data collection, we record used material and create a warehouse transaction in the ERP system. These transactions are linked to the Personal ID and are stored in Cloud Apps for traceability. |
| Quality data |
|
Collection of quality data for inspection orders | For quality control, Inspect creates inspection orders with test steps. The inspection order can contain the business partner name. The employees can record the actual quality data for an inspection order. In this case the operator ID is linked to the quality collection data entry. |
Hotjar Analytics
We use Hotjar in order to better understand our users’ needs and to optimize this service and experience. Hotjar is a technology service that helps us better understand our users’ experience (e.g. how much time they spend on which pages, which links they choose to click, what users do and don’t like, etc.) and this enables us to build and maintain our service with user feedback. Hotjar uses cookies and other technologies to collect data on our users’ behavior and their devices. This includes a device's IP address (processed during your session and stored in a de-identified form), device screen size, device type (unique device identifiers), browser information, geographic location (country only), and the preferred language used to display our website. Hotjar stores this information on our behalf in a pseudonymized user profile. Hotjar is contractually forbidden to sell any of the data collected on our behalf. We store no data in Cloud Apps.
Related to
Comments
0 comments
Please sign in to leave a comment.