|Previous Next | Direct link to this topic|
The General Data Protection Regulation (GDPR) is a regulation by which the European Parliament, the Council of the European Union, and the European Commission intend to strengthen and unify data protection for all individuals within the European Union (EU). It also addresses the export of personal data outside the EU.
The GDPR aims primarily to give control back to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU.
It becomes enforceable from 25 May 2018.
It is to the best of Boyum IT Solutions A/S ability that B1 Usability Package and it's productivity package modules adhere to privacy by design as the add-on do not store any personal data beyond the SAP Business One database itself but below are references to how B1 Usability handles its data
All configured data are stored in the SAP Business One database itself and will not leave the customers system. It is the people responsible for the SAP Business One environment that is responsible for this data.
As B1 Usability Package is a configuration tool almost all data stored are not customer specific. The Add-on do however often store primary keys (like BP Codes) in its tables and in the case of the module "Recurring Invoices" it also store names of customers.
We have a few features/modules that communicate with online services and these are listed below but none of these contain personal information.
Our online license check will at start-up of the add-on communicate with https://portal.boyum-it.com/LicenseKey. During this call, we send the following information in order to verify you have a valid license
•Installation + System Number
•Number of SAP Users and assigned B1UP users
•Database server name
•If System is MSSQL or HANA
It is possible to block this call (via normal firewall) and work with an offline license key, without interruption
The add-on has an optional Feedback system that on add-on shutdown and in case of errors send anonymous data to Boyum's internal Feedback servers. It sends the following data to us:
•SAP Database name
•Stats for each module (number of configurations etc. - nothing customer specific)
You choose on initial install if you want to participate or not and can at any time turn it off. If you wish to be deleted from already collected data please send request to firstname.lastname@example.org
More information about the Feedback System can be seen here: https://download.boyum-it.com/b1up/uip/
This module communicates with https://mailchimp.com via MailChimp's API. The customer decides what information is sent but first name/last name is the default. Beyond this please see MailChimp's stand on GDPR: https://kb.mailchimp.com/accounts/management/about-the-general-data-protection-regulation
Quick create providers
This module has the optional option (off by default) to communicate with various online providers of data. The module only send search-requests to these providers (often a company's or person's name) and receive a result back that customer can choose to store in the SAP Business One database. If you use these providers you can contact them in order to see their stance on the GDPR Regulation.
Toolbox Federal Tax Id Check
This feature will, if turned on (off by default), check entered Federal Tax Ids on BP Add. It contacts the web service: http://ec.europa.eu/taxation_customs/vies/checkVatService.wsdl with country-code and a Federal Tax Id and receive a response back if Federal Tax id is valid or not for that country.
B1 Time Task - B1Time.com
This website, hosted in Azure.com's North Europe regions communicate with B1 Usability Package's Server component if enabled (off by default). The site will communicate and store B1 Time Task data into the SAP Business One database but will at no point store this data in Azure. Only the following configuration data are store:
•Number localization (decimal separator, thousands separator)
•First day of week
This optional service (off by default), hosted in Azure.com's North Europe regions communicate via SAP HANA Server Layer with your SAP System in order to set online Exchanges rates on a schedule defined by you. In order to do this work the service stores the following information for you:
•You Service Layer Connection information (URL, SAP Username, SAP password and Database). NB: Password is encrypted but not hashed as Service Layer require us to provide the password in clear-text form.
•Email address (so we can inform you on success/failure of the service)
•The Currencies you have set up in you SAP database.
•The information configured on the Exchange Rate configuration (provider, days set in future, schedule, etc.)
•SAP install No
•SAP System No
B1 Web Dashboards
This is an optional feature in where the Dashboards are presented in a Web-Browser. The B1 Web Dashboards are a local install (Own Internet Information Server) so it will not send any public information but it is up to the company to ensure that the IIS are only accessible to the wanted users.
On the online help-page we use Google Analytics to track its usage stats. Please see https://privacy.google.com for more information