GDPR: Right of access

ced · February 23, 2018, 3:10pm

Continuing the discussion from General Data Protection Regulation:

Rational

The GDPR enforce the right of access. To help companies to be GDPR compliant, we could provide a generic tool for this.

Proposal

The tools from from GDPR: Right to erasure could be reused as the definition of what are the personal data to be exported. But we should allow to extend it for the export only.

Implementation

We reuse the erase definition from GDPR: Right to erasure as the field names to call ModelStorage.export_data on the selected party.

ced · February 26, 2018, 2:46pm

As the design has changed, I’m wondering if we should not simply create via XML, a ir.export record and each module will be free to complete the fields.

ced · March 16, 2018, 9:18am

I’m also wondering if it is really possible to define a standard export. I think this is really linked to company’s choices.