J3.x

Information Request Workflow in Privacy Component

From Joomla! Documentation

Revision as of 20:18, 28 August 2018 by Mbabker (talk | contribs) (→‎Authenticated User Request)

Information requests are the central element to the privacy component and processing user requests for their data to be exported or removed from a site.

Creating a Request[edit]

A request can be created either by a super user for the website or an authenticated user through the request form.

IMPORTANT To create and process information requests, your website MUST be able to send emails due to the requirement for the information owner to confirm the request.

Super User Creation[edit]

Through the Privacy: Information Requests screen, any super user may create a new information request. This is the only way to create information requests for users who do NOT have accounts on the website. To create a request, the super user must specify:

  • The email address of the user for whom to process data
  • The request type (export or remove)

Note: In this context, a user means any individual or organization who has made a request, regardless of whether there is a registered user account on the site for a user (as an example, this would allow the tool suite to process requests for sites which have a commenting system which allows guests to comment by providing a name and/or email address without requiring to be registered on the site).

Authenticated User Request[edit]

Registered users may submit information requests for their accounts on the website. It is suggested to create a Privacy > Create Request menu item to link to the information request form. When submitting an information request, the user must provide:

  • Their email address
  • The request type (export or remove)

Confirming a Request[edit]

Once a request has been created, regardless of how it is created, the user must confirm that this is a valid request for their information. They will receive an email from the website alerting them to the request's creation and be provided a link to a confirmation form where they will need to enter the token provided in the email and their email address to confirm the request's validity. Once the user confirms the request, it will be marked as Confirmed in the component's requests list and the site's super user(s) will be able to process it.

The token in this email is valid for 24 hours. If a request is not confirmed in that timeframe, the request will be marked as Invalid in the component's requests list and a new request must be submitted.

Processing a Request[edit]

Export Request[edit]

Coming soon

Removal Request[edit]

Coming soon

Completing a Request[edit]

After the request has been processed, the request should be marked as completed. This will indicate that the request has been fulfilled and there is no further action to be taken.

Additional Resources[edit]

Retrieved from "https://docs.joomla.org/index.php?title=J3.x:Information_Request_Workflow_in_Privacy_Component&oldid=506900"