Data Protect

The Data Protect App is designed to protect customer data and is mandatory for the connection to various marketplaces (currently only Amazon Marketplace). The app ensures that
  • personal data of customers is used according to the specifications of the marketplace
  • personal data of customers is only stored as long as it is needed
  • at the request of the marketplace operator, defined actions (such as deletion or retention) on personal data can be carried out easily,
  • data protection standards in the transmission according to the specifications of the marketplace are met.

Features

The Data Protect App is activated by the system as soon as a connection is established to a relevant marketplace from which customer data (so-called PII, see the definition below) can be retrieved, regardless of whether such data is actually received from the marketplace. Data is always transmitted using SSL encryption.

Storage and deletion of PII

Personal information (so-called PII, in particular customer data) is stored for 10 years for processing the order or inquiry on the basis of the German DSGVO and as the basis for proper invoicing (AO, UStG, HGB). However, PII from some marketplaces is treated separately by xentral. It is marked according to its origin so that it can be deleted at an earlier point in time. Personal information (so-called PII, especially customer data) from Amazon, for example, is automatically anonymised 30 days after the order is sent (see "Definition" below). The technical basis for this deletion is a process starter (aka cron job), which is managed by the Data Protect App.

Request for data deletion by the marketplace operator

In case of data loss, the operator of the marketplace can request the operator of the xentral instance (e.g. the Amazon seller) to delete the data. In this case, all active PII data in the instance can be made anonymous in a one-time process. However, the ability to further process the orders or to dispatch or properly invoice the seller can then no longer be guaranteed by xentral. If requested (e.g. by a customer or the marketplace operator), personal data can also be deleted in individual cases. The DSGVO app included in xentral is used for this purpose.

Request for data retention by the marketplace operator

Should the marketplace operator request the operator of the xentral instance (e.g. the Amazon seller) to return data, all still active PII in the instance can first be extracted in a one-time process and then anonymized. However, xentral can then no longer guarantee the ability to further process the orders or to dispatch or properly invoice the seller.

Data recovery

Lost data can be restored within 24 hours on the basis of the data backups (snapshots) made in the AWS cloud. Data can also be restored manually in individual cases on the basis of archived billing documents. An automated recovery from this cold storage into the hot storage (the database) is not possible.

Definition

Personal information (so-called PII, especially customer data) from Amazon is automatically anonymised 30 days after the order is sent. For this purpose, the following data is removed from the address or replaced:
  • Name
  • Address (street, post office box, etc.)
  • ZIP code, city: not removed (required for statistical purposes)
  • Phone
  • Email address
  • Gift message / Personal message (if applicable)

Setup

First the corresponding process starter must be activated. This can be done simply by clicking on the button. The result shows that the setup has been completed.

Configuration options

In the Settings tab the project to be protected and some further options can be set. Option description:
  • The project for processing the data of the respective marketplace can be set (e.g. AMAZON) (1)
  • A placeholder text for name replacement can be selected. (2)
  • Any free field from the article can be defined as free field of the gift message. Typically, this configuration is made when the item is set up. This must be the free field of the article, which is then copied into the order items. (3)
Once the setting has been made, the configuration can be saved (4). Please note:
Archived document data (in particular order and invoice) are excluded from deletion. These are located in the userdata directory within the instance on encrypted hard disk (using AWS standard encryption). The reason for this is that the documents must be stored in accordance with German legislation (including AO, UStG, HGB) for proper invoicing.

Data fields

Publication of data upon request

The publication of data refers to the following document types
  • Order (Auftrag)
  • Delivery note (Lieferschein)
  • Invoice (Rechnung)
  • Address (Adresse)

Deletion of data

In the following, all document types are listed with the anonymized fields. Any fields not listed here are not anonymized. Additional notes:
  • Postal code and location are generally not deleted from the database.
  • Different delivery addresses are all deleted
  • Additional contact persons are all deleted
  • Additional contacts: Here, only the values are deleted, the structure of the created files is retained.
The following list contains all field names in German since the data structure is kept in German within the database. English translation is for informational purposes only.
Auftrag
  • typ
  • titel
  • name (replaced with configured text string)
  • ansprechpartner
  • abteilung
  • unterabteilung
  • adresszusatz
  • strasse
  • telefon
  • telefax
  • anschreiben
  • email
  • ustid
  • liefertitel
  • liefername (replaced with configured text string)
  • lieferansprechpartner
  • lieferabteilung
  • lieferunterabteilung
  • lieferadresszusatz
  • lieferstrasse
Rechnung
  • typ
  • titel
  • name (replaced with configured text string)
  • ansprechpartner
  • abteilung
  • unterabteilung
  • adresszusatz
  • strasse
  • telefon
  • telefax
  • anschreiben
  • email
  • ustid
Lieferschein
  • typ
  • liefertitel
  • liefername (replaced with configured text string)
  • lieferansprechpartner
  • lieferabteilung
  • lieferunterabteilung
  • lieferadresszusatz
  • lieferstrasse
  • telefon
  • telefax
  • anschreiben
  • email
  • ustid
Adresse
  • typ
  • titel
  • name (replaced with configured text string)
  • ansprechpartner
  • abteilung
  • unterabteilung
  • adresszusatz
  • strasse
  • telefon
  • telefax
  • anschreiben
  • email
  • ustid
  • liefertitel
  • liefername (replaced with configured text string)
  • lieferansprechpartner
  • lieferabteilung
  • lieferunterabteilung
  • lieferadresszusatz
  • lieferstrasse
  • internet
The following fields are deleted from a different billing address:
  • rechnung_vorname (billing address first name)
  • rechnung_name (billing address last name)
  • rechnung_titel (billing address title)
  • rechnung_typ (billing address salutation / type)
  • rechnung_strasse (billing address street)
  • rechnung_ansprechpartner (billing address contact person name)
  • rechnung_abteilung (billing address department)
  • rechnung_unterabteilung (billing address subdivision)
  • rechnung_adresszusatz (billing address additional address information)
  • rechnung_telefon (billing address phone number)
  • rechnung_telefax (billing address fax number)
  • rechnung_anschreiben (billing address salutation text)
  • rechnung_email (billing address email address)
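The 30-day rule and the Auftrag field list above can be expressed as a scrub job plus an audit that reports due orders still holding original PII. This is an added example, not xentral's code; the columns id, origin and sent_on, the origin value AMAZON, the placeholder text and the choice of an empty string for removed values are assumptions.

```python
from datetime import date, timedelta

RETENTION_DAYS = 30  # page: Amazon PII is anonymised 30 days after the order is sent
# Anonymised fields of an order (Auftrag), copied from the list on this page.
AUFTRAG_FIELDS = """typ titel name ansprechpartner abteilung unterabteilung
adresszusatz strasse telefon telefax anschreiben email ustid liefertitel liefername
lieferansprechpartner lieferabteilung lieferunterabteilung lieferadresszusatz
lieferstrasse""".split()
PLACEHOLDER_FIELDS = {"name", "liefername"}  # replaced with the configured text string

def is_due(order, today):
    """Origin-marked order whose dispatch lies at least RETENTION_DAYS back."""
    sent = order.get("sent_on")  # hypothetical column name
    return (order.get("origin") == "AMAZON" and sent is not None
            and today - sent >= timedelta(days=RETENTION_DAYS))

def scrubbed(field, placeholder):
    # Assumption: "removed" means emptied; the real job may store NULL instead.
    return placeholder if field in PLACEHOLDER_FIELDS else ""

def run_job(orders, today, placeholder="ANONYMISED"):
    """Return copies of the orders with due ones anonymised; plz/ort stay untouched."""
    result = []
    for order in orders:
        order = dict(order)
        if is_due(order, today):
            for field in AUFTRAG_FIELDS:
                if field in order:
                    order[field] = scrubbed(field, placeholder)
        result.append(order)
    return result

def audit(orders, today, placeholder="ANONYMISED"):
    """List (order id, field) pairs where a due order still holds original PII."""
    return [(o["id"], f) for o in orders if is_due(o, today)
            for f in AUFTRAG_FIELDS
            if f in o and o[f] != scrubbed(f, placeholder)]

# Constructed sample rows; id, origin and sent_on are hypothetical columns.
SAMPLE_ORDERS = [
    {"id": 1, "origin": "AMAZON", "sent_on": date(2024, 1, 10), "name": "Max Muster",
     "liefername": "Max Muster", "strasse": "Beispielweg 1", "email": "max@example.com",
     "plz": "10115", "ort": "Berlin"},
    {"id": 2, "origin": "AMAZON", "sent_on": date(2024, 2, 25), "name": "Erika Beispiel",
     "email": "erika@example.com", "plz": "80331", "ort": "Muenchen"},
    {"id": 3, "origin": "SHOP", "sent_on": date(2023, 1, 5), "name": "Jo Test",
     "email": "jo@example.com", "plz": "20095", "ort": "Hamburg"},
]
```

Running audit before and after run_job on the same date shows which fields the job cleared and confirms that recent Amazon orders and orders from other sources keep their data.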