SecureNative Docs
  • Docs
  • Site
  • Help

›Privacy

Welcome

  • Introduction
  • Quick Start
  • How SecureNative works

Guides

  • Tracking Events
  • Authentication & API Key

Security Modules

  • Users Monitoring
  • Zero Trust Authentication
  • Fraud Detection
  • Account Takeover

Security Automation

  • Introduction
  • Security Flows
  • Security Flows API
  • Events
  • Rules

Using SecureNative

  • Dashboards
  • Security Events
  • Vulnerabilities
  • Security Headers
  • Users Monitoring
  • Inviting Team Members

Privacy

  • GDPR Compliance

Sources

  • JavaScript Agent

SDKS

  • SDK's
  • SDK Guide
  • SDK Tutorial
  • SDK Integration

Micro-Agents

  • Node.js
  • Java
  • Ruby
  • python
  • PHP
  • Go

Integrations

  • Webhooks
  • Slack
Edit

GDPR Compliance

What is the GDPR?

The General Data Protection Regulation (GDPR) is a new directive from the EU that affects how companies collect and process their customers personal data. GDPR will come into effect on May 25, 2018, by which point all businesses in the EU have to become compliant.

Who does the GDPR apply to?

Every business that operates with clients in the EU or outside it (that process or store personal data of EU citizens)

SecureNative and GDPR compilance?

Setting your privacy email address

In the SecureNative console, log into your SecureNative account and go to: project -> project details -> privacy email and enter your company's privacy email address.

This email address must then be verified, once you have saved and verified an email address,any data request that was submitted to SecureNative results to that email address.

User Data Access

In compliance to Art. 15 GDPR Right of access by the data subject that states that users have the right to request access to their personal data. If you receive this request from your user, you may also need to forward the request to your vendors, such as SecureNative, so that the vendor can provide data related to this user as well.

User Data Access Request API

To submit a User Data Access Request, you need send a POST request without a body to the endpoint described below. You will need to authenticate the request with your SecureNative project API Key.

Upon receiving a request, we will match all records that are associated with a requested user and will send an email to your privacy email address with the link. The email will contain a download link to file with all the information that will expire after 12 hours.

curl -X POST \
  'https://api.securenative.com/console/api/v1/privacy/users/USER_ID ' \
  -H 'Authorization: API_KEY' \
  -H 'Host: api.securenative.com'

Parameters
ParameterInTypeRequiredDescription
USER_IDparamstringThe user identifier

Responses

Overview
StatusMeaningDescriptionSchema
202AcceptedA successful response.servicesClassifyOutput
400Bad RequestReturned when there is a bad request.httputilHTTPError
401UnauthorizedReturned when the resource unauthorized.httputilHTTPError
404Not FoundReturned when the resource does not exist.httputilHTTPError
500Internal Server ErrorReturned when there is a internal server error.httputilHTTPError
Successful response
202

User Data Removal

In compliance to Art. 17 GDPR Right to erasure (‘right to be forgotten’) that states that users have the right to request that all their data be permanently purged. If you receive this request from your user, you may also need to forward the request to your vendors, such as SecureNative, so that the vendor can purge that user's data too.

User Data Removal Requet API

To submit a User Data Removal Request, you need send a DELETE request without a body to the endpoint described below. You will need to authenticate the request with your SecureNative project API Key.

Upon receiving a request, we will match all records that are associated with the requested user and will permanently remove all data from our system. The email with confirmation will be sent upon completion of this operation.

curl -X DELETE \
  'https://api.securenative.com/console/api/v1/privacy/users/USER_ID ' \
  -H 'Authorization: API_KEY' \
  -H 'Host: api.securenative.com'

Parameters
ParameterInTypeRequiredDescription
USER_IDparamstringThe user identifier

Responses

Overview
StatusMeaningDescriptionSchema
202AcceptedA successful response.servicesClassifyOutput
400Bad RequestReturned when there is a bad request.httputilHTTPError
401UnauthorizedReturned when the resource unauthorized.httputilHTTPError
404Not FoundReturned when the resource does not exist.httputilHTTPError
500Internal Server ErrorReturned when there is a internal server error.httputilHTTPError
Successful response
202

Personal data breaches

In compliance to Art. 34 GDPRCommunication of a personal data breach to the data subject that states that vendors shall notify your users without undue delay and at the latest within 72 hours about any breach of security that occurs which might lead to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed (personal data breaches), you may also need to forward the request to your vendors, such as SecureNative, so that the vendor can insure that user information of your users stays protected.

Last updated on 7/12/2020
← Inviting Team MembersJavaScript Agent →
  • Who does the GDPR apply to?
  • SecureNative and GDPR compilance?
    • Setting your privacy email address
    • User Data Access
    • User Data Access Request API
    • User Data Removal
    • User Data Removal Requet API
    • Personal data breaches
SecureNative
© Copyright 2018 - 2020 SecureNative, Inc. | All Rights Reserved