Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • Deleting a user only removes their access to Orthogramic.

  • All data contributed by the user, such as documents, domain data, and business architecture analysis, remains within the system.

  • The organization's data continues to be available to other users within the organization who have access permissions.

Compliance with GDPR – Right to Be Forgotten

Orthogramic enables organizations to effectively respond to Right to Be Forgotten requests from former employees, contractors, or stakeholders, in compliance with the General Data Protection Regulation (GDPR). This functionality ensures that organizations can remove personal data of ex-staff or stakeholders while maintaining the integrity of the organization's business architecture.

How Orthogramic Supports GDPR-Compliant Deletion of Personal Data:

  1. Deletion process
    If an ex-staff member or stakeholder requests to exercise their right to be forgotten, Admins and User Admins, can delete the user by navigating to Settings > General Team and deleting the user.

  2. Validation
    Orthogramic ensures that each request is carefully validated. We confirm the identity of the individual making the request, and validate their eligibility under GDPR to avoid unauthorized or accidental deletions.

  3. Data Removal
    Once the user deletion is completed:

    • User-specific data associated with the ex-staff or stakeholder, such as login information and identifiable profile data, is erased.

    • Any documents or files containing personally identifiable information (PII) related to the individual will be flagged for removal.

    • Logs, audits, and backups will also be reviewed, and all personal data related to the individual will be deleted in line with GDPR guidelines.

  4. Organizational Data Integrity:
    Orthogramic ensures that only personal data directly related to the individual is deleted, while organization-related business architecture data remains intact. This preserves the organizational knowledge and documents not related to personal identifiers while fulfilling the individual's request.

  5. Confirmation of Deletion:
    Once all required personal data has been deleted, Orthogramic will send a confirmation to the organization, ensuring they have the documentation to confirm GDPR compliance.

  6. Important Note:
    This process is irreversible, and once the personal data has been removed, it cannot be restored.