GDPR & Compliance
Data protection and regulatory compliance in Ever Gauzy.
GDPR Requirementsโ
| Requirement | Gauzy Implementation |
|---|---|
| Right to access | Employee data export |
| Right to erasure | Account deletion, data purge |
| Data minimization | Configurable data collection |
| Consent management | Screenshot consent, tracking |
| Data portability | JSON/CSV export |
| Breach notification | Audit logging, alerts |
Data Subject Rightsโ
Right to Access (Article 15)โ
Employees can export their data:
- Go to Profile โ Privacy โ Export My Data
- Downloads JSON with all personal data
Right to Erasure (Article 17)โ
Admin can delete employee data:
- Go to Employees โ select employee
- Click Delete โ Permanently Delete All Data
- Removes: user account, time logs, screenshots, activities
Data Collection Settingsโ
| Data Type | Default | Configurable |
|---|---|---|
| Screenshots | Enabled | โ Per org |
| Activity levels | Enabled | โ Per org |
| App/URL tracking | Enabled | โ Per org |
| Mouse/keyboard | Enabled | โ Per org |
| GPS location | Disabled | โ Per org |
Data Retentionโ
Configure automatic data cleanup:
# Auto-delete screenshots older than N days
SCREENSHOT_RETENTION_DAYS=90
# Auto-delete activity logs older than N days
ACTIVITY_RETENTION_DAYS=365
Audit Trailโ
All data access and modifications are logged. See Audit Logging.
Related Pagesโ
- Data Encryption โ encryption
- Audit Logging โ audit trail
- Data Export โ exporting data