Nuxeo Platform and Data Privacy

Updated: October 1, 2024

The Nuxeo Platform offers all the necessary capabilities to build an application that ensures the maximum level of compliance with user privacy and security regulations.

The European General Data Protection Regulation (GDPR) was the first one to go into action, in 2019, redefining the entire landscape of how online user data is to be handled. New sets of regulations, like the California Consumer Privacy Act (CCPA), are going live: even if they apply to different regions, the main principles remain the same.

To get information about how Nuxeo, as a company, is ensuring its compliance with data protection requirements, please refer to the corporate website.

Concept

The Nuxeo Platform, by itself, cannot ensure GDPR or CCPA compliance, as these regulations are not about certifying a technical solution; they are about ensuring that the management of personally identifiable information (PII) satisfies individual rights requirements, such as the right to access, the right to erasure, portability, etc.

Indeed, the main concerns are the way personal data is used and stored, the ability to respond quickly to Subject Access Requests, the security controls in place to protect the integrity and confidentiality of personal data, etc.

Managing Data Privacy Requirements with Nuxeo

Right to Data Portability

Individuals are free to either store the data for personal use or to transmit it to another data controller.
The data must be received “in a structured, commonly used and machine-readable format.”

The Nuxeo Platform offers several features that allow you to export documents natively. The export component should be chosen depending on your requirements.

| Export Component | Implementation | Needs Configuration | Adapted for Folder Structure Export | Document Type and Property Value Export |
|---|---|---|---|---|
| ZIP XML Export | Native | No | Yes | No |
| Template Rendering | Addon | Yes | Yes | Yes |
| PDF Concatenation | Studio feature | Yes | No | No |
| Nuxeo Drive | Addon | No | Yes | No |
| Nuxeo FS Exporter | Addon | No | Yes | No |

Right of Access

Individuals should obtain from the controller confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to the personal data.

Thanks to the Nuxeo Audit Service and the Nuxeo Query Language (or NXQL), it is possible to identify:

  • All the actions (download, search, edit, etc.) that were executed on a document
  • The exact date of an action
  • The version of the document in which an action was executed

The audit entries can be read from a document-context or from the Nuxeo Web UI Administration menu. New events can be created from Nuxeo Studio and therefore be tracked in the platform.

The Nuxeo Platform doesn’t identify or extract personal information located inside a document natively. To complete this use case, it is necessary to integrate external services like Google Cloud Data Loss Prevention or Amazon Macie, for example.

Right to Rectification

The individuals should have the right to obtain without undue delay the rectification of inaccurate personal data concerning him or her.

Nuxeo allows you to bulk edit any document property by either building a custom form and operation with Nuxeo Studio or by creating your custom component based on Nuxeo Stream for huge volumes.

Right to Erasure / Right to be Forgotten

The individuals should have the right to obtain the erasure of personal data concerning him or her without undue delay and the controller should have the obligation to erase personal data without undue delay.

With the proper permissions, it is possible to delete a single document or several documents at once (from a folder view or from a query). The deletion can also be triggered through any other Nuxeo interface, such as the REST API, CMIS or any Nuxeo SDK client.

As described in the Trash Service page, documents are first moved to the trash before being permanently deleted. The Nuxeo Platform then removes the personal information references from the binary storage as well as from within the database.

When personally identifying information needs to be removed without deleting the whole document, content redaction using Nuxeo Enhanced Viewer can also be considered as an option.

Some personal information may also be stored within the search indexes. Cleaning the indexes requires specific Elasticsearch operations.

Right to Object

The individuals should have the right to object at any time to processing of personal data concerning him or her, including profiling based on those provisions.

You can create specific document properties to record whether a document used for a particular processing activity follows the best practice for that type of workflow. In addition to triggering automatic processes with listeners and scheduled jobs, you can use custom security policies to instantly restrict a specific user or group from accessing a document.
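As an added example (not part of this page or of the Nuxeo code base), a custom security policy that denies non-administrator users access to any document whose `privacy:objected` property is true, so an objection recorded on the document takes effect immediately regardless of the ACLs. The `privacy` schema, the property name and the package name are assumptions.

```java
// Added example (not Nuxeo project code): a SecurityPolicy that denies access
// to a document once the data subject has objected to its processing.
// Assumption: a custom "privacy" schema exposes the boolean property
// "privacy:objected", set by the workflow that records the objection.
package org.example.privacy;

import org.nuxeo.ecm.core.api.NuxeoPrincipal;
import org.nuxeo.ecm.core.api.PropertyException;
import org.nuxeo.ecm.core.api.security.ACP;
import org.nuxeo.ecm.core.api.security.Access;
import org.nuxeo.ecm.core.model.Document;
import org.nuxeo.ecm.core.security.AbstractSecurityPolicy;

public class ObjectionSecurityPolicy extends AbstractSecurityPolicy {

    // Assumed property name; adapt it to the schema actually deployed.
    private static final String OBJECTED_PROP = "privacy:objected";

    @Override
    public Access checkPermission(Document doc, ACP mergedAcp, NuxeoPrincipal principal,
            String permission, String[] resolvedPermissions, String[] additionalPrincipals) {
        // Administrators keep access so that rectification and erasure can still be carried out.
        if (principal.isAdministrator()) {
            return Access.UNKNOWN;
        }
        try {
            Boolean objected = (Boolean) doc.getPropertyValue(OBJECTED_PROP);
            if (Boolean.TRUE.equals(objected)) {
                // Explicit DENY overrides whatever the regular ACLs would grant.
                return Access.DENY;
            }
        } catch (PropertyException e) {
            // Document type does not carry the "privacy" schema: nothing to enforce.
        }
        // UNKNOWN lets the regular ACL evaluation decide.
        return Access.UNKNOWN;
    }

    @Override
    public boolean isRestrictingPermission(String permission) {
        // This policy only ever restricts access; it never grants anything.
        return true;
    }

    @Override
    public boolean isExpressibleInQuery(String repositoryName) {
        // Not rewritten into NXQL: the repository filters query results per document instead.
        return false;
    }
}
```

The class is registered through the `policies` extension point of `org.nuxeo.ecm.core.security.SecurityService`.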

Privacy by Design

The term "Privacy by Design" refers to data protection through technology design; in other words, privacy by design principles are applied to applications, services and products when designing, developing, and testing them.

Privacy by design concepts, applied to a Nuxeo-based application, require an understanding of the capabilities offered by the Nuxeo Platform. The following sections are particularly interesting to read:

Nuxeo JSF UI uses a set of cookies that are used exclusively to manage authentication and redirections:

  • JSESSIONID: Session ID for the web application to maintain the authentication alive
  • org.jboss.seam.core.TimeZone
  • org.jboss.seam.core.Locale
  • nuxeo.start.url.fragment

Nuxeo Web UI uses a subset of the JSF set of cookies.