As Data Controller, Cloud4Wi clients are owners and responsible for the personal data collected through the product. To honor GDPR and most of the data protection regulations, Data Controllers must inform individuals regarding how long their data is processed in the Privacy Policy exposed on the Splash Page during the initial sign-up process.
The time data is kept in the system is usually referred to as "Data Retention". The Data Retention period may change depending on circumstances and purpose of processing, therefore Cloud4Wi allows clients to configure rules that apply the data retention policy in their Cloud4Wi account.
In the Manage > Compliance Center, under the tab Data Retention, clients can create one or multiple rules to programmatically delete certain categories of personal data in order to reflect and honor what has been committed to the end-users in the Privacy Policy.
Retention Rules
The rules can be created for two main groups of personal data:
- WiFi Logs: this category of data refers to the technical WiFi logs (aka. "Connections logs").
- All Personal Data: includes all traces of personal data referred to an individual (including demographic, behavioral, and profiling data, technical logs). Note that All Personal Data includes WiFi Logs.
The rule will apply to all Contacts who subscribed to specific Locations. You can select All Locations or specify a subset of Locations filtered by:
- Country: all Locations in specific countries
- Location Tag: all Locations with specific Tags
Finally, you can see the retention period in months. The available options depend on the category of personal data the rule refers to.
For All Personal Data, you can choose between:
- Contact collection Date: this is the date the individual subscribed to the service in one of the Locations subject to the retention rule, acknowledging the Privacy Policy exposed in such Location
- Contact Last Activity Date: this corresponds to the last time the individual has used the guest WiFi service or visited any of the Locations on the account
For the WiFi Logs, the only option is:
- Log Record Date: this is the date of each connection log
How data deletion works
You can create as many rules as you wish and all the rules are executed. For example, you can create the following rules:
- Delete All Personal Data in All Location 18 months after Contact Last Activity Date
- Delete WiFi Logs in Location in France, 12 months after the Log Record Date
The retention rules are usually executed a few days after the submission.