GDPR & Compliance
Data protection and regulatory compliance in Ever Gauzy.
GDPR Requirementsβ
| Requirement | Gauzy Implementation |
|---|---|
| Right to access | Employee data export |
| Right to erasure | Account deletion, data purge |
| Data minimization | Configurable data collection |
| Consent management | Screenshot consent, tracking |
| Data portability | JSON/CSV export |
| Breach notification | Audit logging, alerts |
Data Subject Rightsβ
Right to Access (Article 15)β
Employees can export their data:
- Go to Profile β Privacy β Export My Data
- Downloads JSON with all personal data
Right to Erasure (Article 17)β
Admin can delete employee data:
- Go to Employees β select employee
- Click Delete β Permanently Delete All Data
- Removes: user account, time logs, screenshots, activities
Data Collection Settingsβ
| Data Type | Default | Configurable |
|---|---|---|
| Screenshots | Enabled | β Per org |
| Activity levels | Enabled | β Per org |
| App/URL tracking | Enabled | β Per org |
| Mouse/keyboard | Enabled | β Per org |
| GPS location | Disabled | β Per org |
Data Retentionβ
Configure automatic data cleanup:
# Auto-delete screenshots older than N days
SCREENSHOT_RETENTION_DAYS=90
# Auto-delete activity logs older than N days
ACTIVITY_RETENTION_DAYS=365
Audit Trailβ
All data access and modifications are logged. See Audit Logging.
Related Pagesβ
- Data Encryption β encryption
- Audit Logging β audit trail
- Data Export β exporting data