Comply with GDPR (administrator's view)

Kun slutbruger-hjælpen er for tiden oversat til dansk. Hjælp til installation og administration af Zylinc-løsninger er for tiden på engelsk.

Dette emne er fortrinsvis for administratorer og/eller folk som bestyrer en Zylinc-løsning

The European Union's General Data Protection Regulative (GDPR) aims to protect users of data-driven systems and services from misuse of their personal data.

GDPR also applies to organizations situated outside the EU, if they process data for or about EU citizens.

Because a Zylinc solution stores and processes phone numbers, e-mail addresses, and other data that can be used to uniquely identify a person, people who use the Zylinc solution are affected by GDPR. That's why, from Zylinc version 6.5, you get a number of features with which you can safely use your Zylinc solution under the GDPR requirements.

A Zylinc solution only stores data that's needed for daily operations and statistical purposes.

When data is transported across the internet, the Zylinc solution can be set up to protect the data between the customer and the hosting partner, as well as between the hosting partner and the telecommunications provider, by using VPN and MPLS.

  • VPN (Virtual Private Network) uses encryption and secure tunnels across the internet.
  • MPLS (Multi-Protocol Label Switching) is a routing technique that doesn't itself provide encryption. However, it supports traffic separation, so it can work like a VPN, because it can be partitioned off from the public internet. That's why MPLS is considered a secure transport mode that's not vulnerable to attacks on data, as would be the case with pure IP-based networks.

Traffic to third parties (for example Office 365) relies on the third party's security support.

When data is transported between the modules in your secure zone (that's where your Zylinc solution's backend modules and databases reside), it isn't encrypted, because there's no need to encrypt it in a secure environment. It's your responsibility to create, configure, and maintain your secure zone.

When data rests in the Zylinc solution's databases on your SQL Server, you must protect it with Transparent Data Encryption.

To summarize:

  • The Zylinc solution can be set up to protect data when it's transported across the internet
  • You must protect it by setting up your secure zone, and you must protect it by setting up TDE on your databases

To protect your stored data, your Zylinc databases must be encrypted by Transparent Data Encryption (rather than the client-side Always Encrypted option, which has some limitations and restrictions). Also, it mustn't be possible to access the databases by modules that don't reside in your secure zone.

Transparent Data Encryption (TDE) has been available since SQL Server 2008, but from SQL Server 2012 TDE is only available in the Enterprise edition. To use TDE on your SQL Server, you must:

  • Create a master key

  • Create, or get, a certificate that's protected by the master key

  • Create a database encryption key, and protect it by the certificate

  • Set up the database to use encryption

It is not the responsibility of Zylinc to encrypt your databases, but we strongly recommend that you do it. If you search for Transparent Data Encryption or similar on Microsoft Docs, you can find good descriptions of how to encrypt your databases with TDE.

You manage GDPR in the Zylinc Administration Portal. To do that, you must either be an administrator, or your administrator must give you rights to manage GDPR.

  1. Log in to the Administration Portal as an administrator

  2. In the Administration Portal menu, select USERS > Admin Roles and Privileges

  3. Click Add Dynamic Role at the bottom of the page

  4. Give the role a name and a description

  5. In the Available Privileges column, scroll down to the System section, select the privilege Access GDPR page, and use the arrow button to move it to the Selected Privileges column

  6. Click Save

  7. In the Dynamic Roles list, click next to the role that you just created

  8. In the Available column, select required users, and move them to the Included column

  9. When ready, click Save

    If the users include people who currently work in their ZyDesk clients, ask them to restart their ZyDesk client for the new privileges to take effect.

When you have the rights to manage GDPR, you must enable the GDPR pages in the Administration Portal:

  1. In the Administration Portal menu, select INSTALL > Portal Configuration.

  2. In the Pages section, select GDPR.

  3. Click Save.

  4. You can now select SYSTEM > GDPR to view the GDPR pages.

    Learn more about how to use the GDPR pages for particular purposes in the following descriptions of typical scenarios.

With GDPR, people have the right to know what data has been collected about them, and how that data is used. In GDPR terms, that's often called the right of access.

Be sure to verify the identity of the person who requests information before you give any data to them.

In the Zylinc Administration Portal you can quickly find data that the Zylinc solution has collected about a specific person. You can get the complete event log for calls, chats, and e-mails that the person who requested the data has been part of, export it as a CSV (Comma-Separated Values) file, and give it to the person who requested it.

Because there's usually more than one party involved in a call, chat, or e-mail correspondence, all private data, such as phone numbers, e-mail addresses, etc., that isn't about the person who requested the data will be anonymized in the CSV file. That way you don't compromise data about other people.

The data that you can export does not include actual e-mail conversations that the person who requested the data has been involved in. Neither does it include any recordings of calls that the person who requested the data has been part of. In the exported data you can, however, view a list of e-mails and recording file names along with associated metadata. This way, you can manually retrieve the actual e-mails and recordings if the person requests them.

Such e-mails and recordings may contain data that can be used to identify other people than the person who requested them. If you manually retrieve such e-mails and recordings, you must make sure that any data that can be used to identify other people in the e-mails and recordings is anonymized before you give the e-mails and recordings to the person who requested them.

This is how you find data about a person, and how you can send it to that person:

  1. In the Administration Portal menu, select SYSTEM > GDPR.

  2. In the top left corner of the page, search for the person whose data you want to find. You have some search options:

    • matches
    • begins with
    • ends with
    • contains

  3. In the list of search results, click View next to the required person.

  4. Based on the summary in the top of the dialog that opens, verify that you've selected the correct person.

  5. Make sure that Send all data is selected, and enter the e-mail address that the Zylinc solution should send the person's data to.

  6. Verify that the e-mail address is absolutely correct. Then click Send, and confirm your choice.

    The e-mail will contain an attachment with the CSV file that contains the requested data. The receiver can then view the data in programs like Microsoft Excel or Notepad.

If it's the first time that you try this, try to search for data about yourself (provided that you've used the Zylinc solution), and then send that data to your own e-mail address, so that you can familiarize yourself with how the data in the CSV file looks.

See also GDPR and Zylinc application log files in the following.

With GDPR, people have the right to have data that's been collected about them anonymized or deleted. In GDPR terms, that's often called the right to be forgotten.

Be sure to verify the identity of the person who requests the anonymization or deletion before you anonymize or delete any data.

Some organizations, for example in the finance sector, may be required by law to keep recordings of calls, e-mails, and chat conversations. When that's the case, GDPR requirements rank lower. That means that you must not delete recordings, e-mails, or chat conversations in order to comply with GDPR, if another law or regulation tells you to keep them. Consult your organization's legal adviser if in doubt.

In the Zylinc Administration Portal you can quickly anonymize or delete data that the Zylinc solution has collected about a specific person:

  • You can replace all instances of the person's phone numbers and e-mail addresses in the Zylinc statistics database with the letters GDPR. That way, you can anonymize the data and still use it in your statistics.

  • You can delete all A-number lookup results in the Zylinc statistics database for the person in question.

    What's A-number lookup?Lukket It's when the Zylinc solution uses the caller's phone number to look up information about the caller in a CRM system, database, or similar, so that the agent has that information handy when they answer the call. You can also use A-number lookup to prioritize calls from specific people, or to move their calls to specific queues.

  • You can delete all of the person's chat conversations.

  • From the Zylinc Administration Portal, you can delete any recordings of calls that the person who requested the deletion has been part of, provided that the recordings are stored at a location that you can access from the Administration Portal.

    If you can't access the location from the Zylinc Administration Portal, you must manually delete the recordings at their location. If you export data about the person (see When people want to know what data you have about them in the previous), you can view a list of recording file names along with associated metadata. That'll help you find and delete the recordings.

  • As with call recordings, you can also get a list of e-mails that the person who requested the deletion has been involved in, but you can't use the Administration Portal to delete such e-mails. That's because the e-mails might contain data that isn't related to the person who requested the deletion, and if you delete that data, you could possibly violate the rights of other people.

    If you don't mind taking responsibility for deleting such e-mails, you can yourself delete them from your organization's mail system, in which case the deletion will be reflected in the Zylinc solution after the next configured SMTP synchronization.

This is how you work with data that must be anonymized or deleted:

When you anonymize and delete data, you can not reverse the process. That means that you can not bring the data back to its original state if you make a mistake.

Is your organization required by law to keep recordings of calls, e-mails, or chat conversations? If yes, do not delete anything before you've consulted your organization's legal adviser.

  1. In the Administration Portal menu, select SYSTEM > GDPR.

  2. In the top left corner of the page, search for the person whose data should be anonymized/deleted. You have some search options:

    • matches
    • begins with
    • ends with
    • contains

  3. In the list of search results, click View next to the required person.

  4. Based on the summary in the top of the dialog that opens, verify that you've selected the correct person.

  5. Select Delete all data. When you proceed, the following will happen:

    • All instances of the person's phone numbers and e-mail addresses in the Zylinc statistics database will be replaced with the letters GDPR.

    • All A-number lookup results in the Zylinc statistics database for the person in question will be deleted.

    • All of the person's chat conversations will be deleted.

    • Any recordings of calls that the person has been part of will be deleted, provided that the recordings are stored at a location that you can access from the Administration Portal. If recordings are stored at other locations, you must delete them manually.

    • E-mails that the person has been involved in will not be deleted. If you want to delete such e-mails, you must delete them manually on your organization’s mail system.

  6. Click Delete. You'll be asked to confirm your choice. Only confirm it if you're absolutely sure that you're anonymizing/deleting the correct data.

See also GDPR and Zylinc application log files in the following.

If required, you can anonymize/delete data about all of your users in one go.

To do that, click the Delete / Anonymize data for all users button in the top right corner of the GDPR page about Customers. You'll be asked to confirm your choice. Only confirm it if you're absolutely sure that you want to delete/ anonymize data about everyone.

Use this feature with extreme caution. When you anonymize and delete data, you can not reverse the process. That means that you can not bring the data back to its original state if you make a mistake.

See also GDPR and Zylinc application log files in the following.

Some organizations have policies that require them to anonymize or delete all data that is older than, for example, three months.

If that's the case in your organization, you can use the Delete / Anonymize data for all users button (see Anonymize/delete data about all users in the previous) when required, for example every three months.

See also GDPR and Zylinc application log files in the following.

If an agent or other employee has left your organization, you may be asked to supply, anonymize, or delete data about that person.

You may be asked to do the same for data about custom users. Custom users are people whom agents, receptionists, etc. have added in their Zylinc clients in order to be able to easily view contact data about them.

Examples of custom users: A physiotherapist that your organization often uses, or a town car driver that your organization likes to use for taking people to or from the airport.

This is how you anonymize or delete data about such people:

  1. In the Administration Portal menu, select SYSTEM > GDPR.

  2. In the top right corner of the page, click FORMER EMPLOYEES or CUSTOM USERS as required.
  3. Follow the procedure as described in the previous, under When people want to know what data you have about them or When people want their data to be anonymized or deleted. See also GDPR and Zylinc application log files in the following.

The Zylinc Administration Portal is where you set up how you want your Zylinc solution to work. It's also where you can perform nearly all GDPR-related tasks.

But who did what in the Administration Portal, and when? You may sometimes need that information, for example to confirm who exported some data. The Administration Portal has an audit log that gives you the answers.

You view the Administration Portal audit log in the Zylinc Statistics Portal, under Logs.

If you use the audit log to verify that somebody exported, anonymized, or deleted data as part of a GDPR-related request, note that the log will show who did the export, etc., and when, but not whose data was exported, anonymized, or deleted. If the audit logged showed the latter, it would be a breach of the GDPR requirements.

You find Zylinc Windows services application logs under the root path: \ProgramData\Zylinc\

You find Zylinc Apache services application log files under the root path: \ProgramFiles\Zylinc\ApacheInstances\

Apache services application log files are separated by each deployed Tomcat instance, which gives the following Apache Tomcat application log path pattern: \ProgramFiles\Zylinc\ApacheInstances\<instance_name>\logs\

You must use these paths as base directory paths when you process application log files.

You can delete information in Zylinc application log files if you search for the relevant extension in all application log files. We recommend that you use an advanced text editor, like Notepad++.

  1. In Notepad++ open the Find in files dialog, and go to the Find in files tab.

  2. In the Find what field, enter the following regular expression pattern:

    ^.*(?:<extension>).*\r\n

    where you substitute <extension> with the extension of the user in question.

    Example: To locate and remove references for extension 12345678, use ^.*(?:12345678).*\r\n

  3. Leave the Replace with field empty, and keep *.* in the Filters field.

  4. In Directory, enter or select the root Zylinc application log path.

  5. Make sure that Follow current doc. and In all sub-folders are selected.

  6. In the Search Mode section, select Regular expression.

  7. Now the search settings are ready. You can check the results if you click the Find all button.

  8. To remove all lines in all log files that contain the extension in question, click the Replace in Files button.

    Do this for the Zylinc Windows services application logs and for each of the Zylinc Apache services application instance log paths.

    The replace operation will take some time to complete.

    Remember to empty the recycle bin after you've deleted the log files.

You can delete Zylinc application log files from before a certain date if you remove all log files in the Zylinc log file location that have a Date modified timestamp older than the required date, plus the log file that has the nearest last modified timestamp after the required date.

  1. In Windows Explorer, navigate to the Zylinc application root path.

  2. In Windows Explorer’s search field, type *.txt* and then press ENTER to start the search.

  3. When the search is finished, click the search results’ Date modified column to sort all files by their timestamps.

  4. Select all files that have a Date modified timestamp before the required date.

    Make sure that you have selected the required files only, and then delete those files.

  5. When those files have been deleted, select the log file from each application that now has the oldest Date modified timestamp.

    Make sure that you have selected the required files only, and then delete those files.

    Do this for the Zylinc Windows services application logs and for each of the Zylinc Apache services application instances log paths

    Remember to empty the recycle bin after you've deleted the log files.

Related: Lev op til GDPR (agent-/receptionist-perspektiv)