Configuration
After installing the GDPR Data Management app, you need to configure it according to your organization's requirements and data processing needs.
GDPR Setup Configuration
Accessing GDPR Setup
- Use Tell Me (Alt+Q) and search for "GDPR Setup"
- Open the GDPR Setup page
- If no records exist, a new setup record will be created automatically
Setup Fields
Personal Data Permission Set
- Field: Personal Data Permission Set (Code 20)
- Purpose: Defines which permission set contains personal data access rights
- Configuration:
- Automatically created during initialization if not specified
- Can be manually selected from existing permission sets
- Links to Business Central's permission set system
- Impact: Determines which tables and fields are considered personal data
Initialization Process
Automatic Initialization
The initialization process sets up the base configuration:
- Start Initialization
- Navigate to GDPR Register List
- Click Actions > Functions > Initialize
- Confirm the initialization process
- Progress Monitoring
- Monitor the progress dialog showing current table processing
- Process may take several minutes depending on data volume
- Progress indicator shows completion percentage
- Completion Verification
- Check that documentation elements are created
- Verify permission set is configured
- Confirm no error messages appeared
What Initialization Does
Documentation Element Creation
- Scans all tables with personal data permissions
- Creates documentation elements for each table/field combination
- Establishes hierarchical structure (General > Department > Functional Area)
- Sets default categorization to "General"
Permission Set Management
- Creates or validates personal data permission set
- Links permission set to GDPR configuration
- Establishes table-level access control
Data Category Configuration
Creating Data Categories
- Open GDPR Data Category List
- Click New to create a category
- Configure category properties:
- Code: Unique identifier for the category
- Description: Human-readable category name
- Data Controller: Person/department responsible for this data
- Retention Period: How long data should be kept
- Legal Basis: GDPR legal basis for processing
Category Examples
Code: CUS-BASIC
Description: Customer Basic Information
Data Controller: Sales Manager
Retention Period: 7 years after last contact
Legal Basis: Contract Performance
Code: EMP-HR
Description: Employee HR Records
Data Controller: HR Manager
Retention Period: 7 years after employment ends
Legal Basis: Legal ObligationDocumentation Element Configuration
Hierarchical Structure Setup
Department Configuration
- Open GDPR Register List
- Filter by Type = Department
- Edit existing or create new departments:
- Description: Department name (e.g., "Sales Department")
- Level: Should be 1 for departments
- Parent Entry No.: Leave blank for top-level departments
Functional Area Configuration
- Filter by Type = Functional Area
- Configure functional areas:
- Description: Specific business function
- Level: Should be 2 for functional areas
- Parent Entry No.: Link to appropriate department
Element Assignment
For each table/field combination:
- Review Current Assignment: Check which category it's assigned to
- Evaluate Business Purpose: Determine appropriate department/functional area
- Update Assignment: Move to correct hierarchical position
- Document Rationale: Add notes explaining the classification decision
Permission Configuration
User Permission Assignment
- Administrator Access: Assign
GDPR-ADMINpermission set to GDPR administrators - User Access: Assign
GDPR-USERpermission set to business users who need to clean data - Read-Only Access: Create custom permission set for audit/compliance users
Custom Permission Sets
Create organization-specific permission sets:
Permission Set: GDPR-SALES
Description: GDPR access for sales department
Tables: Customer-related tables only
Access: Read, Modify for sales-specific personal data
Permission Set: GDPR-HR
Description: GDPR access for HR department
Tables: Employee-related tables only
Access: Read, Modify, Delete for HR-specific personal dataIntegration Configuration
Business Central Integration
- Application Insights: Telemetry is automatically configured if BC telemetry is enabled
- Translation Files: Language-specific translations are loaded automatically
- User Authentication: Uses BC's built-in user management
Custom Field Configuration
If you have custom fields containing personal data:
- Extend Permission Sets: Add custom tables/fields to personal data permission set
- Update Documentation: Run re-initialization to include new fields
- Classify Elements: Assign new elements to appropriate categories
Advanced Configuration
Filter Configuration
Configure default filters for data cleaning operations:
- Open QteamFilterSelector functionality
- Set up organization-specific filter templates
- Define commonly used filter combinations for efficiency
Session Management
Configure session settings for data cleaning: - Session Timeout: Maximum duration for cleaning sessions - Batch Size: Number of records to process in each batch - Error Handling: How to handle failed cleaning operations
Validation and Testing
Configuration Validation
- Test Initialization: Run initialization on test environment first
- Permission Testing: Verify users can access appropriate functions
- Data Classification: Review classification accuracy with business users
- Cleaning Process: Test data cleaning with sample data
Documentation Review
- Hierarchical Structure: Ensure logical organization of elements
- Category Assignments: Verify all elements are appropriately categorized
- Permission Alignment: Confirm security permissions match data classification
- Compliance Mapping: Ensure configuration supports audit requirements
Best Practices
Initial Setup
- Start with standard configuration and customize gradually
- Involve business stakeholders in classification decisions
- Document configuration decisions for audit purposes
- Test thoroughly before production deployment
Ongoing Management
- Regular review of data categories and assignments
- Update configuration when business processes change
- Monitor initialization performance with large datasets
- Maintain backup of configuration settings
Next Steps
After configuration is complete:
- Permission Setup: Configure detailed user permissions
- Data Classification: Begin classifying your data
- Data Cleaning Process: Start using cleaning functionality