This article describes how an administrator can export and/or delete data from their UCRM deployment. Please read the important notice below.
Table of Contents
Effective as of May 25, 2018, the General Data Protection Regulation (GDPR) is a privacy regulation that aims to strengthen the security and protection of personal data in the EU and harmonize EU data protection laws. Besides strengthening and standardizing data privacy across the EU nations, it will require new or additional obligations on all organizations that handle EU citizens’ personal data.
We are committed to help our customers prepare for the changes brought by the GDPR. Compliance-related tools that are currently or soon to be available include the following:
Users can use some in-app export tools to export each section separately. For example, the list of clients may be exported by visiting Client tab, then click export, and activity log related to a client may be exported from the bottom of the client profile page.
Released with 2.12 beta, detailed data about a client can be retrieved by clicking the “export” button in the Client section.
Each client can be permanently deleted from UCRM.
- First, choose the client to be deleted from the Client tab and go to the client profile.
- Click the trash button to deactivate and move the client into archive.
- Go to the client profile page again and click the trash button, confirm the "permanent delete" action.
Once removed, all related information will also be automatically deleted. Note that some client data will remain in the UCRM backup files and/or system log entries. The backup files and log entries are deleted periodically based on the retention policy settings, which could be found in the dashboard under System tab > Settings > Logs, and System tab > Tools > How many backup files to keep at maximum.
ATTENTION: We advise WISPs to communicate to their data subject about their data retention policy.
Our team is reviewing our products and practices to ensure we support our customers with their GDPR compliance. We may provide updates and add features and functionalities to further support our customers along the way. We’ll also continue to monitor the guidance around GDPR compliance from privacy-related regulatory bodies, and will adjust our plans accordingly if it changes. If you have any questions about how Ubiquiti can help you with GDPR compliance, we hope you’ll reach out to us at firstname.lastname@example.org.
Who should pay attention to this?
EU administrators who use Stripe or Authorize.Net on UCRM version 2.11.0 or prior should be noted that client data would not be deleted automatically from Stripe and Authorize.Net when removed from UCRM. This is the case even if version 2.11.0 is upgraded to subsequent version.
Client data created after UCRM 2.11.1 and subsequent versions can be deleted automatically from Stripe and Authorize.Net when removed from UCRM. Also, client profiles are no longer created in Stripe when a client pays using one-time payment after UCRM 2.11.1.
How to remove the remaining data from version 2.11.0 or prior?
Administrators will need to go through their client data in the Stripe or Authorize.Net dashboards created in UCRM version 2.11.0 or prior and delete the data if it is no longer needed.
If requested by clients, administrators can log in to the Stripe dashboard or Authorize.Net dashboard and go to the Customers section, and delete those who are no longer the administrator’s clients or whose subscription has been cancelled.
If you are using Stripe, you can find all clients with inactive subscriptions easily using Stripe's export feature. You will get a CSV file with all your clients and those without subscriptions will have empty "Plan" column.