|Previous Next | Direct link to this topic|
The General Data Protection Regulation (GDPR) is a regulation by which the European Parliament, the Council of the European Union, and the European Commission intend to strengthen and unify data protection for all individuals within the European Union (EU). It also addresses the export of personal data outside the EU.
The GDPR aims primarily to give control back to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU.
It becomes enforceable from 25 May 2018.
It is to the best of Boyum IT Solutions A/S ability that B1 iPayment adhere to privacy by design as the add-on does not store any personal data beyond the SAP Business One database itself but below are references to how B1 iPayment handles data
All configured data are stored in the SAP Business One database itself and will not leave the customers system. It is the people responsible for the SAP Business One environment that ensure these data are kept secure.
Our online license check will at start-up of the add-on communicate with https://portal.boyum-it.com/LicenseKey. During this call, we send the following information in order to verify you have a valid license
•Installation + System Number
•Number of SAP Users and assigned iPayment users
•Database server name
It is possible to block this call (via normal firewall) and work with an offline license key, without interruption
The add-on has an optional Feedback system that on add-on shutdown and in case of errors send anonymous data to Boyum's internal Feedback servers. It sends the following data to us:
•Stats for each module (number of configurations etc. - nothing customer specific)
You choose on initial install if you want to participate or not and can at any time turn it off.
All of the collected data can be deleted upon request.
More information about the Feedback System can be seen here: http://www.boyum-it.com/sbo/uip
Credit card data
iPayment does not store any sensitive credit card payment information (please refer to the other sections for further details), but it does store the masked credit card number along with name and address information associated with the card when we receive it from the gateway.
This information is used exclusively for display purposes, to make it easier for the users to identify unique cards/cardholders.
The data is not used when performing transactions and is not sent to 3rd parties at any point.
Update: From version 2018.10 version you can in main configuration choose the option to not store name and address info using feature: "Save Credit Card to Business Partner record when importing transactions"
The add-on uses a Cloud Connector located in the Microsoft Azure hosting environment to facilitate easy of use for some of the features we offer.
The Cloud Connector does not store any sensitive or user-specific data at any point.