Russian Data Privacy

Access via: Account Settings  > Implementation > Privacy Compliance > Russian Data Privacy (Available only to Administrators)

Jump to:  || Configuration || Event Trigger || Field Mappings || Policy Compliance Audit ||

Introduction

Available only if the Data Privacy Module and its Russian Data Privacy sub-module are enabled for the account on the  Implementation Products" style="display: inline; font-family: Lato, Verdana, Arial, Verdana, Verdana, Verdana, Verdana, Verdana, Verdana, Verdana, sans-serif; font-size: 10pt; color: rgb(22, 7, 255); text-decoration: underline;"Implementation > Products page.

"Data protection laws apply to all acts of data processing, including collection, recording, systematization, accumulation, storage, alteration (update, modification), retrieval, use, transfer (dissemination, provision, access), depersonalization, blocking, deletion or destruction of data

"Electronic (automated) and manual (non-automated) records of personal data will be subject to the data protection legislation."

This feature is currently provided only to enable the following scenario:

1. The registrant registers for an event, via a form or SSO.

2. One or more fields on their profile are checked for compliance.
   (For example, is the registrant from a specific country?)

3. If the fields comply, the data is first sent to a third-party via a web service.

4. The data is saved temporarily elsewhere, such as in a specific country, by that service.

5. The data is passed back to Certain for storage on Certain's servers.

Note: Each section on this page has its own Save button.

Privacy Configurations

• Policy – The technical type of privacy policy. Example: "RDP"

• Config Name – (Required) The name of the configuration, as set by Certain for your system.

• Start Date – (Required) The date the configuration comes into effect.

• End Date – (Required) The end of the "in effect" period.

• Service Auth Type – (Required) Select the authorization type: either "OAuth2" or "Basic Auth" .

• Service URL – (Required) The URL provided by the third-party supplier for access to its web service.

Fields displayed if Service Auth type = "OAuth2":

(Credentials for access to the third party supplier's app)

1. • Client ID – (Required)

   • Client Secret – (Required)

   • Token URL – (Required)

   • Resource – (Required)

Fields displayed if Service Auth type = "Basic Auth":

• • Username – (Required) Username for access to the third party supplier's app.

  • Password – (Required) The password matching that username.

• Wait Message – (Required) Enter the message to be displayed to attendees while the web service is making the request.
  Note: For future use. Not in use at present.

• Service Error Messaging – (Required) Enter the error message to be shown if the web service is down or unsuccessful.
  Technical note: "Unsuccessful" here means this message is returned if the external webservice returns anything other than an HTTP 200 (OK) response

• Capture External ID Key – (Required) Provided by the third-party supplier.

Event Trigger

The field and value(s) that this post will watch.

• Trigger Field – (Required) Select a Certain field for the policy to watch.
  Those available include Standard Profile Enumerated Fields, specifically Country.

• Trigger Values – (Required) These are the values that the policy will watch, and invoke the web service based on its evaluation.

Field Mappings

Note: You must map at least First Name, Last Name and Email in Certain to the equivalent Target Fields.

• Certain Field – (Required) Select a Certain field to map. Those available include:
  •Standard Profile fields
  •Static Profile fields
  •Custom Profile fields
  •Static fields

• Target Field – (Required) Enter the name of the matching field from the third-party app.
  For example, if C ertain Field = "First Name", then Target Field might be "firstname".

• Add field mapping - Adds a row in which you can map another pair of fields.

Policy Compliance Audit

Only non-compliant records are listed.

Records are compliant when:

1. The profile has gone through either of two entry points, SSO or Form, and

2. Trigger Field is one of those selected in Trigger Values defined under Trigger Fields above.

The table lists these fields for each record:

• Audit Date Time – When the compliance audit was run.

• Profile Date Created – When the Profile was created via a registration form.

• Correlation Id – Unique ID and associated records, generated by Certain.

• External Id – A unique ID generated by the third party app, and associated with the records in their database.

• Non Compliance Reason – Generated message for non-compliant records.