Forgetting an entity

If an entity requests that their personal data be forgotten, you will perform the Forget action. This action redacts the personal data so that the data is not recoverable. The personal data is redacted by overwriting the content with one of two characters, depending upon field value. The ‘X’ character is used to fill the length of the field if the field is alphanumeric. The '9' character is used to fill the length of the field if the field if the field is numeric. Like the Disable function, any record where the personal data is 'forgotten' is not available for use in the application.

Note: Because the record is not usable after the personal data has been overwritten, the record should be deleted from the application as soon as possible. You should delete the affected instances by navigating to the appropriate function in the application, selecting the record, and deleting the record from the function..

If your company uses CenPOS for credit card payment or electronic AP payment remittance, specific procedures should be followed when forgetting and deleting personal data in Customer Credit Card Setup and Vendor Setup-eCommerce. Certain personal data cannot be edited or restored. You should coordinate these tasks with CenPOS.

Some personal data, such as for a credit manager, a vendor manager, or a bank contact, does not require that an entire record be deleted. In those cases, you would open a related customer record and delete the value in the Credit Manager field.

Select System Administrator > Administration > GDPR Compliance.
Perform a search for the subject entity.
In the grid, select the confirmed instances of personal data and click Forget.
Specify an expiration date. Typically, this date should reflect when the personal data should be deleted.
Click OK. The audit record is displayed in the History view.
Monitor the expiration date. On that date, you must re-enable the entity. This action allows you to access and delete the record.

See Re-enabling an entity.