User-Triggered GDPR Report

Introduction

Starting with version 3 of Infinite Scale, users can create a General Data Protection Regulation (GDPR) report about the use of their own data in Infinite Scale at any time. When using Keycloak, some environment variables must be configured to gather user-relevant data stored in Keycloak, completing the report.

Configuration

If Keycloak is used for authentication, GDPR regulations require to add all personal identifiable information that Keycloak has about the user to the personal data export. To configure these settings, see the Keycloak Configuration for the Personal Data Export for more details. Beside that, no additional configuration is necessary as everything works out of the box.

User Workflow

The following images show how easy it is for users to create their own GDPR report without any additional admin requests. Note that the example images are subject of change.

A user can create the report using the acount information screen which opens when clicking on the circle top right  the users name.

1. Account Information 2. Download GDPR Export
Account Information
Download GDPR Export

If show hidden files is enabled via the gear icon, the report will also become visible in the user’s home space.

3. Configure Hidden Files 4. Show Hidden Files
Configure Hidden Files
Show Hidden Files

Example GDPR File

A GDPR report is json-based and contains all GDPR-relevant information about a user in Infinite Scale. The example GDPR report below is created using the demo user Einstein. Note that the demo user Einstein is part of the embedded LDAP (IDM) service if the instance was setup creating demo users. See Demo Users and Groups for more details.

{
  "events": [
    {
      "event": {
        "Executant": {
          "idp": "https://<your-ocis-instance>",
          "opaque_id": "4c510ada-c86b-4815-8820-42cdf82c3d51",
          "type": 1
        },
        "Ref": {
          "path": "/.personal_data_export.json",
          "resource_id": {
            "opaque_id": "4c510ada-c86b-4815-8820-42cdf82c3d51",
            "space_id": "4c510ada-c86b-4815-8820-42cdf82c3d51"
          }
        },
        "SpaceOwner": {
          "idp": "https://<your-ocis-instance>",
          "opaque_id": "4c510ada-c86b-4815-8820-42cdf82c3d51",
          "type": 1
        }
      },
      "id": "50a38ebf-fc1c-478e-b03a-03bf8bf74cc5",
      "type": "events.FileTouched"
    }
  ],
  "user": {
    "id": {
      "idp": "https://<your-ocis-instance>",
      "opaque_id": "4c510ada-c86b-4815-8820-42cdf82c3d51",
      "type": 1
    },
    "username": "einstein",
    "mail": "einstein@example.org",
    "display_name": "Albert Einstein",
    "groups": [
      "509a9dcd-bb37-4f4f-a01a-19dca27d9cfa",
      "6040aa17-9c64-4fef-9bd0-77234d71bad0",
      "dd58e5ec-842e-498b-8800-61f2ec6f911f",
      "262982c1-2362-4afa-bfdf-8cbfef64a06e"
    ],
    "uid_number": 99,
    "gid_number": 99
  }
}