BILLmanager 6
Documentation
/
BILLmanager 6
/
Quick start
/
Quick Start. Legally compliant settings
en En
es Es
Add to Favorites
Focus mode
Documentation
/
BILLmanager 6
/
Quick start
/
Quick Start. Legally compliant settings

Quick Start. Legally compliant settings


This section provides information on configuring modules to comply with EU regulatory requirements. This involves configuring the following:

  • client registration and authorization methods;
  • compliance to GDPR.

Registration and authorization methods

Configure registration and authorization methods to meet legal requirements for user identification and data protection.

Available methods

  • web interface authentication — standard login via https://<domain_or_ip>/billmgr with administrator credentials;
  • temporary key authorization  — a one-time access key for secure passwordless login, requires root privileges;
  • phone number verification — SMS-based two-factor authentication to confirm user identity;
  • Google OAuth — registration and login via Google accounts, with data processing governed by Google's privacy policy;
  • Keycloak (SSO) — centralized authentication with role mapping for employee access control;
  • API authentication — token-based or authinfo access for automated integrations.

Compliance considerations

When enabling these methods, verify that:

  • user consent for data processing is obtained and documented;
  • authentication logs are retained according to applicable data retention policies;
  • two-factor authentication is enforced for administrative access where required by regulation;
  • third-party providers (Google, SMS gateways) comply with your jurisdiction's data transfer rules.

Configure methods in Provider Providers → provider name → Edit Methods of registration and authorization.

For more information on configuration, see the articles:

GDPR

In accordance with Article 5 of the GDPR, a provider must not retain client data for longer than is necessary for the purposes for which it was collected. The “GDPR client data cleaning” module allows you to:

  • deactivate user accounts in accordance with GDPR;
  • anonymize personal data of the client and its users in accordance with GDPR.

To delete client information:

  1. Go to IntegrationModules → install the GRPR client data cleaning module.
  2. Go to ClientsClients → select a client → click Clear data.

Read more in: