22 May 2018

BILLmanager tools for GDPR compliance

ISPSystem

The European Union General Data Protection Regulation (GDPR) comes into effect on May 25, 2018. Its rules will apply to all companies that provide services to customers from the EU. The penalty for non-compliance starts from 10 million euros. BILLmanager 5.153.0 helps customers comply with the GDPR requirements.

Consent

Your customers should know what information the company collects and how their provider uses it. The corresponding information must be specified in the Privacy policy and User agreement. All the clients must agree with the Terms of use by ticking the corresponding box. The company cannot send SMS or emails unless its clients agree to receive them.

You can find the links to the “Privacy policy” and “User agreement” in the BILLmanager section “Personal information management”. There you can add new documents, activate them, and change how the consent conditions are displayed and collected. Read more about personal data management in our documentation.

Section “Personal information management” in BILLmanager

Currently, BILLmanager allows customers to agree to:

  1. the Privacy policy,
  2. the User agreement,
  3. newsletters,
  4. SMS-notifications.

Links to the documents and the check boxes are displayed on the registration form and on the form a client sees after login. If consent is a mandatory step, customers who do not give it cannot register an account in the billing panel or use their services. Mandatory parameters are marked with *.

User consent during registration

The consent information is kept in “Personal information management” -> “Log”. It records every operation related to personal information: consent or denial, date and time, username, and the IP address from which the operation was performed.

Personal information log

Payer notifications

The “Payer” section in BILLmanager allows clients to provide different information for generating invoices. One user can have several payers, either other users or companies. According to Chapter 14 GDPR, the service provider must inform all persons whose data it handles.

We added the “Send notification about payer creation” check box in “Global settings” -> “Payer management”. Selecting this check box makes the “Email” field on the payer creation form mandatory. If the payer is not the user who created the payer profile, the payer receives the personal information notification.

Payer notifications

You can edit the notification text in the email templates section. If you provide services to clients from the EU, note that under Chapter 14 GDPR you may omit the notification if providing such information proves impossible or would involve a disproportionate effort.

Deleting non-active users

Chapter 5 GDPR states that personal data must be kept no longer than the period required for the purposes for which it was collected.

In BILLmanager -> “Global settings” -> “Main” you can find the option that deletes non-active users. With this check box selected, the billing panel automatically deletes non-active users who did not perform any operations within the specified period. If the user has payments, expenses, or active services, the system does not delete the account.

Deleting non-active users

When enabling the user deletion option, note that you are entitled to keep user data for the whole period required by your business processes and legal requirements. For example, even if a user account is not active, its data (to some extent) may be needed for protection from claims.

Newsletters consent

Previously, BILLmanager subscribed new users to the company’s newsletters automatically. User consent was not required. According to the GDPR, the personal data operator must be able to demonstrate that a user has consented to receive notifications (Chapter 7(1) GDPR).

Moreover, consent is not regarded as freely given if the user did not have a genuine or free choice. That is why we recommend that you unsubscribe your customers from newsletters and start adding them to your database again.

You can also send marketing emails on a lawful basis other than consent. In this case it must be reasonably justified (e.g. based on point (f) of Chapter 6(1) GDPR).

How to unsubscribe users

You need to run the following queries against the billing system database. Update the panel to version 5.153, open the database console, and run the queries in the order given below:

1. Add the subscription record for those users who don’t have it:

-- Start numbering new rows after the current highest id.
-- COALESCE covers an empty subscription table, where MAX(id) would be NULL
-- and every generated id would be NULL as well.
SET @subscription_id = (SELECT COALESCE(MAX(id), 0) + 1 FROM subscription);

-- Email channel (ntemail): one disabled news_notice row for every level-16
-- user that has none yet.
INSERT INTO subscription (id, user, notice, modulename, enabled)
SELECT @subscription_id := @subscription_id + 1, u.id, 'news_notice', 'ntemail', 'off'
FROM user u
LEFT JOIN subscription s
       ON s.user = u.id AND s.modulename = 'ntemail' AND s.notice = 'news_notice'
WHERE u.level = 16 AND s.id IS NULL;

-- SMS channel (ntsms): the same for SMS notifications.
INSERT INTO subscription (id, user, notice, modulename, enabled)
SELECT @subscription_id := @subscription_id + 1, u.id, 'news_notice', 'ntsms', 'off'
FROM user u
LEFT JOIN subscription s
       ON s.user = u.id AND s.modulename = 'ntsms' AND s.notice = 'news_notice'
WHERE u.level = 16 AND s.id IS NULL;

2. Set the subscription status to “Disabled” for those users who have not accepted your newsletter policy:

-- SMS channel: disable news_notice for level-16 users with no processed
-- 'sms_notify' document in the GDPR consent tables.
UPDATE subscription s
JOIN user u ON u.id = s.user
LEFT JOIN core_gdpr_processed_doc u2d
       ON u2d.username = CAST(u.id AS char)
      AND u2d.doc IN (SELECT d.id
                      FROM core_gdpr_doc d
                      JOIN core_gdpr_doc_type dt ON dt.id = d.type
                      WHERE dt.name IN ('sms_notify'))
SET s.enabled = 'off'
WHERE u.level = 16 AND s.notice = 'news_notice'
  AND s.modulename IN ('ntsms') AND u2d.id IS NULL;

-- Email channel: the same check against the 'news_notify' document type.
UPDATE subscription s
JOIN user u ON u.id = s.user
LEFT JOIN core_gdpr_processed_doc u2d
       ON u2d.username = CAST(u.id AS char)
      AND u2d.doc IN (SELECT d.id
                      FROM core_gdpr_doc d
                      JOIN core_gdpr_doc_type dt ON dt.id = d.type
                      WHERE dt.name IN ('news_notify'))
SET s.enabled = 'off'
WHERE u.level = 16 AND s.notice = 'news_notice'
  AND s.modulename IN ('ntemail') AND u2d.id IS NULL;
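Two read-only audit queries for the procedure above, added here as an example and not part of the BILLmanager release notes: the first lists level-16 users still lacking a news_notice row (should be empty after step 1), the second counts subscriptions still enabled without a matching consent document (should be empty after step 2). They assume the same tables and columns the statements above use, that level 16 is the user level those statements target, and that any value other than 'off' in subscription.enabled means the subscription is active.

```sql
-- Check for step 1: every level-16 user should have a news_notice row for
-- both channels (ntemail and ntsms). Expected result after step 1: no rows.
SELECT u.id AS user_id, ch.modulename AS missing_channel
FROM user u
CROSS JOIN (SELECT 'ntemail' AS modulename
            UNION ALL
            SELECT 'ntsms') ch
LEFT JOIN subscription s
       ON s.user = u.id
      AND s.modulename = ch.modulename
      AND s.notice = 'news_notice'
WHERE u.level = 16
  AND s.id IS NULL
ORDER BY u.id, ch.modulename;

-- Check for step 2: newsletter subscriptions that are still active although
-- the user has no processed consent document for that channel.
-- Run it before step 2 to see how many rows the UPDATE statements will touch,
-- and after step 2, when it should return no rows.
-- Assumption: any enabled value other than 'off' counts as active.
SELECT s.modulename, COUNT(*) AS still_enabled_without_consent
FROM subscription s
JOIN user u ON u.id = s.user
WHERE u.level = 16
  AND s.notice = 'news_notice'
  AND s.modulename IN ('ntsms', 'ntemail')
  AND s.enabled <> 'off'
  AND NOT EXISTS (
        SELECT 1
        FROM core_gdpr_processed_doc u2d
        JOIN core_gdpr_doc d ON d.id = u2d.doc
        JOIN core_gdpr_doc_type dt ON dt.id = d.type
        WHERE u2d.username = CAST(u.id AS char)
          AND dt.name = CASE s.modulename
                          WHEN 'ntsms' THEN 'sms_notify'
                          ELSE 'news_notify'
                        END)
GROUP BY s.modulename;
```

Keep the output of the second query from before the change together with the consent log: it documents which subscriptions were disabled and why, which is the kind of record the accountability principle expects you to be able to show.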

BILLmanager feature for customers

In the Client area, customers can view the documents on personal data collection and processing, as well as the consent log. They can also submit a support ticket to request information about the personal data being used (export of their personal data to a CSV file).

Privacy settings in BILLmanager

Users can also request restriction or deletion of their personal data from the billing system.

In the notification settings form the user can subscribe to or unsubscribe from SMS and email notifications.

Notifications settings in BILLmanager

New features that we are going to add

  1. Automatic upload of user personal data into a CSV file.
  2. Show localized privacy policy depending on a user country.
  3. Identical documents in different languages.
  4. Add the “Ignore/Do not agree” statuses to the log of mandatory conditions.
  5. Log the information about requests to the Support center for export, deletion, or termination of personal data processing.
  6. Monitor document versions.
  7. Show a list of all the versions in the Client area.
  8. Generate a list of recipients (third parties) who may receive user data from the service provider.

Recommendations from ISPsystem lawyer

"Updating BILLmanager to the latest version will help you handle your user data in compliance with the GDPR principles. Configuration parameters must reflect how you handle personal data taking into account your business processes and measures that you take to protect the information," says Denis Petrov, ISPsystem lawyer.

When collecting user data, you need to inform customers about your Privacy policy. We recommend that you refer to Chapter 12 GDPR when preparing your company policy. That Chapter describes the main information you must provide to users. You can also use Chapter 5, which defines the data protection principles, compliance with which you should be able to demonstrate.

When collecting information from a client, you must inform them about the following:

  1. Data operator information;
  2. Purposes of data processing including lawful basis for processing;
  3. Legitimate interests if data processing is based on point (f) of Chapter 6;
  4. Recipients of personal data if you disclose it and transfer data to other countries. We recommend that you specify such recipients in your Policy;
  5. The period for which the personal data will be stored, or if that is not possible, the criteria used to determine that period;
  6. User rights, including the right to access, modify, and delete their personal data;
  7. The right to withdraw their consent (where processing is based on consent).

The information must be written in a clear and easily understandable language.