Records of processing activities (ROPA, GDPR Article 30)

 

Ref: https://www.gdprregister.eu/gdpr/records-of-processing-activities/

Article 30 of the EU General Data Protection Regulation (GDPR) requires organisations to maintain internal records, which contain the information of all personal data processing activities carried out by the organisation. These records help organisations understand what personal data they collect, where it comes from and how that data is being processed.

Context: who needs to document the records of processing activities?

Article 30 GDPR stipulates that all records of processing activities have to be maintained by organisations employing more than 250 employees. Smaller organisations only need to document processing activities that:

  • are not occasional (e.g., are more than just a one-off occurrence or something you do rarely); or

  • are likely to result in a risk to the rights and freedoms of individuals (e.g., something that might be intrusive or adversely affect individuals); or

  • involve special category data or criminal conviction and offence data (as defined by Articles 9 and 10 of the GDPR).

Processing Activities

JEMHC uses secure transport (SSL/TLS) for secure point to point transfers for connections to customer mailservers, Jira instances and 3rd party integrations the customer configures. The Plugin People development/support environments are encrypted at rest.

The following are the key activities The Plugin People perform where we can come into contact with data relating to your instance:

Providing the JEMHC service (processing inbound mail or sending outbound mail)

We provide the JEMHC tools as a Processor service, customers configure it for two core cases: (a) retrieve email from mailboxes they control to create issues in a Jira system they control (b) send data from the Jira system the control through mailboxes they control. JEMHC supports mailservers with secure transport.

The Plugin People Ltd do not use, scan, share or disseminate customer email content other than for the provision of the features available to the customer through JEMHC (eg Auditing retains a copy of inbound and outbound mail - customer can opt out of this functionality at the risk of data-loss in no-processing scenarios).

In failure scenarios, the customer are notified about the problem with a link to the audit mail. In problem scenarios where auditing is opted-out, the problem mail (in full) is attached to avoid data loss. This mail is sent through the customer controlled mailbox to “Forward” recipients the customer configures in JEMHC Profiles.

Providing per-customer telemetry/notifications via Instant Messages and SMS

Customers may configure a variety of telemetry integrations, e.g. Slack/Telegram to communicate current processing, where PII data (email addresses may be shown), SMS to customer entered phone# can also be used for alerting purposes.

Providing Support : Help with inbound mail problems

During the provision of support of JEMHC customer through our support portal we may ask for supporting information that could contain Personally Identifiable Information (PII):

a) Customer may send a mail to one of our support staffs actual email (eg to/cc)

b) Customer may ‘flag’ an inbound message within JEMHC that causes data related it that messages processing to become available to support staff:

  • the email in raw full TEXT form

  • the JEMHC processing report for that email

  • the JEMHC configuration Profile, that may contain email addresses

When providing such mail, it will expose low level data like IP addresses, PII relating to recipients and potential PII from content and/or attachments.

e) Customer may provide Screenshots of live Jira issues or error messages, or on screen log output that may expose a variety of data/PII.

Providing Support : Help with outbound mail problems

During the provision of support of JEMHC customer through our support portal, customer may attach:

a) copies of outbound mail that JEMHC retains as part of auditing, such mail would contain data from the Jira instance as well as PII of the recipient.

b) the JEMHC Auditing Event (Webhook) that is the topic of the support query. Webhooks contain a lot of issue-specific data, comments etc.

System Support: Monitoring System Operation

The Plugin People have named support staff have access to our JEMHC monitoring app from which we can see customer billing contact info, high level Capacity Plan usage, DataPack purchases etc. There is no access to customer configurations, data, or instance issues.

System logging exposes per instance processing traffic, we see customers hitting nominated mail servers with outcomes. These logs are transitory and typically removed every month or two due to finite storage space. JEMHC logs do not output email content deliberately in clear, the subject may be hashed for visual tracking only. Various error conditions and responses from customer mail servers are repeated verbatim in our logs, that will allow us to assist with related support queries.

System Admin: BCC copies of system notifications

The Plugin People have named system admins that receive BCC copies of JEMHC system generated email notifications (an opt-out for this usage is planned ashttps://thepluginpeople.atlassian.net/browse/JEMHC-3790 )

Monthly usage notifications

This to enables to validate those recipients actually get notifications. When noticed, we can inject a message into JEMHC to alert JEMHC admins when recipients they have configured cause non-delivery email responses from receiving mail servers.

Capacity Plan consumption

Sometimes a customers JEMHC Plan Allocations can be used up that results in stoppage of further processing. JEMHC will notify recipients set in JEMHC > Licensing > System Notifications, with an explanation. Billing staff here receive a CC: of such notifications, such that we can reach out pro-actively to offer advice and assistance in getting more capacity, to minimise time that the customer is impacted.

ROPA Grid

Category

Description

Category

Description

Email Address

A simple email address, may contain personal name “Personal Name” <user@domain.com

Personal Name

The name of a sender or recipient of an email

Full Email Data

The raw message/rfc822 email in full. This includes all mail headers (containing IP addresses), all recipients (may contain personal names), content and attachments.

Jira Issue Content

Data from the related Jira issue, summary, description, comments, recipients, custom fields, attachments.

JEMHC Configuration

The JEMHC Profile contains all inbound mail processing config that can include email addresses, may contain Personal Name configuration that you have set.

Logs

Error logs returned from your mailhosts may contain personal names and email addresses that cannot be filtered.

The following is a grid of processing activities relating to JEMHC:

Data Controller : The Plugin People Ltd Pure Offices (Suite 34-45), Hatherley Lane, Cheltenham, Gloucestershire, UK, GL516SH data-protection-officer@thepluginpeople.com eu contact: eurep@itgovernance.eu
  • https://gdpr-info.eu/art-6-gdpr/

  • Article 6(1)b - processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;

  • Article 6(1)c - processing is necessary for compliance with a legal obligation to which the controller is subject;

Ref

Business Function

Purpose of Processing

Categories of Data Subjects

Personal Data

Data Accessed By

3rd Country / International Organisation Transfer

Safeguards

Retention

Technical and Organisational Security Measures

Lawful Basis

Ref

Business Function

Purpose of Processing

Categories of Data Subjects

Personal Data

Data Accessed By

3rd Country / International Organisation Transfer

Safeguards

Retention

Technical and Organisational Security Measures

Lawful Basis

1.0

App

Reading Email Content and converting to Issues in your Jira

Your customers

Full Email Data

Jira Admins, Participants

NA

2FA

30 days

Transport Encryption (first hop), Encryption at rest

Article 6(1)(b) Contract

1.1

App

Sending Email Content from your Jira to your Customers

Your customers

Jira Issue Content

Jira Admins, Participants

NA

2FA

30days

Transport Encryption (first hop), Encryption at rest

Article 6(1)(b) Contract

1.2

App

Sending IM system status Messages to your IM Rooms

JEMHC System

n/a

IM Users

NA

NA

NA

Transport Encryption (first hop)

Article 6(1)(b) Contract

1.3

App

Sending IM telemetry to your IM Rooms

Your customers

Email Addresses

IM Users

NA

NA

NA

Transport Encryption (first hop)

Article 6(1)(b) Contract

1.4

App

Sending IM system status Messages to our Rooms

JEMHC System

Email Addresses

The Plugin People

NA

NA

90days

Transport Encryption (first hop), 2FA to access

Our Slack Message retention is 90days.

Article 6(1)(b) Contract

1.5

App

Auditing of Inbound/Outbound Mail Processing

Your customer Email data

Full Email Data

Jira Admins, Jira Project Admins

NA

NA

30days

Transport encryption

Email content has encryption at rest

You can opt out of this retention

Article 6(1)(b) Contract

1.6

App

Processing Webhooks from Jira to generate emails

Issue data, Your customers Email data

Jira Issue Content,

Email Addresses

Jira Admins, Jira Project Admins

NA

NA

1 hour

Transport encryption

Email content has encryption at rest

Article 6(1)(b) Contract

1.7

App

Storing/reusing historic Webhooks for use in custom Template Preview

Issue data, Your customers Email data

Jira Issue Content,

Email Addresses

Jira Admins, Jira Project Admins

NA

NA

indefinite

Transport encryption

Email content has encryption at rest

Article 6(1)(b) Contract

1.8

App

Storing/reusing historic Emails as Test Cases

Your customer Email data

Full Email Data

Jira Admins, Jira Project Admins

NA

NA

indefinite

Transport encryption

Email content has encryption at rest

Article 6(1)(b) Contract

1.9

App

Exporting Auditing Email / Report

Issue data, Your customers Email data

Jira Issue Content,

Email Addresses

Jira Admins, Jira Project Admins

NA

NA

NA

Transport encryption

Report content has encryption at rest

Article 6(1)(b) Contract

2.0

Support

Retrieving data supplied by you to help with your request

Your customers

Full Email Data, JEMHC Configuration

The Plugin People, Participants

hostingRegion (eg USA) to the UK (where we are based)

NA

Support Issue Close Out for ‘flagged’ emails

Transport Encryption, Encryption at rest, 2FA to access.

Email content stays within JEMHC system/db after being flagged, separate 2FA system access required to be able to download.

Article 6(1)(b) Contract

2.1

Support

Using data supplied by you to help with your request

Your customers

Full Email Data, JEMHC Configuration

The Plugin People

The UK (where we are based) to our dev site (USA).

NA

Support Issue Close Out for ‘flagged’ emails

Transport Encryption, Encryption at rest, 2FA to access.

Article 6(1)(b) Contract

2.2

Support

Sending email derived from your email content to a dead end mailbox (Mailtrap) to help with your request

Your customers

Full Email Data

The Plugin People

NA

NA

Support Issue Close Out for ‘flagged’ emails

Transport Encryption, Encryption at rest, 2FA to access.

Article 6(1)(b) Contract

2.3

Support

Excerpts of data supplied may be re-added to the support case for context

Your customers

Full Email Data, Logs, Screenshots

The Plugin People, Participants

The UK (where we are based) to our Jira site (USA).

NA

3 years

Transport Encryption, Encryption at rest, 2FA to access.

Article 6(1)(b) Contract

3.0

Sales

Providing Quotes & Invoices for DataPack/Plan Upgrades through Email (sales@)

Your Company Details, Your Name/Email

Personal Name, Full Email

The ordering party

We send email from the UK to wherever you are.

NA

7 years

Transport Encryption, Encryption at rest, 2FA to access.

Article 6(1)(c)

3.1

Sales

Providing Quotes & Invoices for DataPack/Plan Upgrades through our Jira

Your Company Details, Your Name/Email

Personal Name, Full Email

The ordering party

The UK (where we are based) to our Jira site (USA).

NA

3 years (Jira)

 

Transport Encryption, Encryption at rest, 2FA to access.

Article 6(1)(c)

3.2

Sales

Quotes and Invoices tracked and docs archived

Your Company Details, Your Name/Email

Company Address, Personal Name, Full Email

The Plugin People

The UK (where we are based) to our Cloud storage site (USA).

NA

7 Years

Transport Encryption, Encryption at rest, 2FA to access.

Article 6(1)(c)

3.3

Sales

Customer online payments

Your Name/Email

Personal Name, Full Email

The Plugin People

We are notified by email in the UK (where we are based) of your purchase where you are based.

NA

7 Years

Transport Encryption, Encryption at rest, 2FA to access.

Article 6(1)(c)