This documentation is not using the current rendering mechanism and is probably outdated. The extension maintainer should switch to the new system. Details on how to use the rendering mechanism can be found here.
This chapter lists all features of the GDPR extension.
Working with personal data¶
The extension makes it possible to exclude any record by activating a checkbox. After that, the record won’t be accessible and available anymore, no matter if backend or frontend, editor or admin.
A new administration module gives editors the possibility to handle those flagged records and react with one of the following options:
- Completely remove the record from the database
- Reactivate the record
- Randomize content of the record [see Randomization](Randomization.md)
Every action regarding those flags is logged in a central place.
Randomization is a good way to remove the private data from a record and still be able to use the rest o the record.
A user wants his orders to be removed. After randomization the private data is removed but it is still possible to generate statistics from the order, e.g. orders from a country.
By providing a mapping per table, is possible to exchange the data with dummy information which looks still ok and can be used in exports. An example would be:
[usernname] => martens.conny [email] => firstname.lastname@example.org [password] => 94n3ifyp($+%u# [zip] => 33781 [address] => Hans-Jürgen-Sauer-Weg 21 86788 Oberursel (Taunus) [city] => Pfungstadt [first_name] => Miriam [last_name] => Sander [telephone] => +8747861395322 [fax] => +5484337015644
Using a CLI command¶
By using a CLI command, all data with a specific age can be randomized: ./web/typo3/sysext/core/bin/typo3 gdpr:randomize
Result can look like this:
Randomize data ============== Starting with table "be_users" ------------------------------ // Randomization skipped as not enabled! Starting with table "fe_users" ------------------------------ // find all fields where value of field "tstamp" is older than 360 days [OK] 3 records randomized
Improved privacy for embedded videos¶
Before videos from the platforms YouTube and Vimeo are actually loaded, the user is asked for consent. This improves the privacy and as an additional benefit also the loading time.
Overview over all forms
If supported, also the count of mail log and preview is shown
Each form must be checked if it complies with the GDPR. This can’t be done by the extension but it can help to ease the workflow.
- Listing of all forms, generated by the most popular form extensions form, powermail & formhandler:
- Provide a state to know which forms have already been checked and which need to be done.
A search, similar to the one in the DB Check module allows to search within sensitive records.
A report shows a short information about potential actions.