GDPR requirements
Under GDPR you must have:
- A disclaimer for visitor information capture.
- A disclaimer for photo capture specifically.
- The ability for a visitor to disable the system from remembering their details on sign in.
- A way for visitors to see all the information you have about them.
- The ability to erase a visitor’s information on their request.
Some of these require activation and some are features that you can use on request when required. Read the OnLocation GDPR statement on our website.
Personal data in OnLocation
The GDPR applies to personal data meaning any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to that personal data.
The following personal data from visitors, employees, and contractors are processed by OnLocation:
- Full name
- Email address
- Cell phone (mobile)
- Phone
- Title/position
- Department
- Organization
- Host (who are they visiting)
- Purpose of visit
- Car parking information (vehicle registration, car park space)
- Records of qualifications and certificates
- ID verification (ID card type, reference etc.)
- Date and time a visitor, employee, or contractor entered and departed at the site
- Location data
- Photo capture
- Need assistance
Custom questionnaires can be used to capture any additional information. Additional personal information may be collected depending on the customer's requirements.
OnLocation features
Disclaimer for visitor information capture
You can create a disclaimer for capturing your visitor’s information to inform them how their data will be used and stored using kiosk custom questions.
The visitor can agree to and sign the disclaimer before signing in. You can combine this with a trigger to deny entry and/or send a notification if the visitor does not agree. If you already have a waiver, e.g. NDA or health & safety induction, you can add this disclaimer to the existing document.
Disclaimer for photo capture
You can create a disclaimer for capturing your visitor’s photo specifically in the Sign In/Out Questions for your location.
The disclaimer details your policy for photo capture including why you are taking the photo, where it is stored, and how long it is stored. Adding a disclaimer in your Sign In/Out Questions will automatically display the disclaimer for all kiosks with photo capture enabled. When the photo is captured in Sign In/Out Manager, the disclaimer will be displayed for the receptionist to read to the visitor.
Remembering visitor details during sign in
A visitor can choose not to have their information remembered for returning visits. OnLocation will not remember if they have visited previously and they will need to enter all their details again the next time they sign in.
This does not prevent the visitor’s information from being recorded in your reporting. It only means that their information will not be used when they are signing in the next time.
To enable this visitor privacy setting:
- Go to Locations, then select the location from the drop-down list.
- Select Sign In/Out Questions.
- In the Visitors tab, select the Other Options sub-tab.
- Select the Enabled checkbox next to Visitor Privacy.
- Click Save.
The last question the visitor will be asked will be “Would you like to be remembered by the system for quick sign-in next time?”. No will be selected by default and the visitor can opt-in to being remembered by selecting Yes.
Features available to use at visitor request
Provide the visitor with their information
Visitors have a right to view all the personal information that you hold about them, this is possible in OnLocation through the People Presence report.
You can use the filter options in your People Presence report to generate a report of just one visitor’s sign in/out history and their personal information. You can export all captured information by choosing to export it as a CSV file and sending the resulting file to your visitor.
Generate the report
- Go to Reporting > People Presence.
- Set the location to All Locations.
- Set the Data Source to Visitors.
- Set the Report Period to Custom Date Range.
- Set the Date From field to the first day they signed in or the day you started using OnLocation.
- Set the Date To field to today’s date.
- Click Update.
- Enter the visitor’s name in Filter by Search Query and click the search icon.
The returning results will show all visitor records matching the name entered. If you have multiple visitors with the same name, you can add custom filters to narrow down the list further to just the correct visitor, e.g. Filter by Organization. Ensure that all visitor records generated are for the person requesting their personal information before sending to avoid any privacy breaches.
To export the report, click View Report, then click Export Report, and select a CSV or PDF file:
- A PDF file will only include eight pieces of information per person.
- A CSV file can include all fields, including any custom questions the visitor answered. We recommend using a CSV export and selecting this option before exporting the report.
Erasing a visitor’s information
Being able to remove a visitor’s personal information from your account upon request is one of the data subject rights under GDPR. Therefore, we have introduced a feature that will allow you to erase a visitor’s record without removing the sign in event, this will ensure your statistics are accurate.
Rather than completely remove the record, it will be anonymized, erasing all personal information but keeping a record that someone signed in at that time.
You can do this one by one or in bulk, to erase numerous records at once, manually. Or you can erase all visitor records automatically after a set length of time. Allowing you to easily comply with a visitor request to remove their data from your records.
Manually erasing
To remove a visitor’s personal data manually, go to the People Presence report and generate a report of the visitor’s sign in history. Then use the run action to erase the data.
- Go to Reporting > People Presence.
- Set the location to All Locations.
- Set the Data Source to Visitors.
- Set the Report Period to Custom Date Range.
- Set the Date From field to the first day they signed in or the day you started using OnLocation.
- Set the Date To field to today’s date.
- Click Update.
- Enter the visitor’s name in Filter by Search Query and click the search icon.
- Click View Report.
- Use the #Records button to display all available records (up to 1000 at a time).
- Click Enable Record Erase/Purge, then click Continue.
- Click Select All at the bottom of the page.
- Click the Run an Action dropdown menu, then select Erase Records.
- Click Run Action.
- Click Erase Selected Records to confirm.
All records will have the visitor data erased from them. Erasing visitor records is permanent and cannot be reversed.
If you want to erase only one or some records, you can manually select the records using the checkboxes next to each record.
Automatic erasing
You can set a location to automatically erase visitor records after a set length of time after they sign out. This helps you comply with the data minimization principle in GDPR by holding onto visitor information only for as long as is necessary for your organization.
Erasing visitor records is permanent and cannot be reversed.
To set up records of automatically erase:
- Go to Locations, then select the location from the drop-down list.
- Select Automation & Occupancy.
- In the Automation Rules tab, under Automatic Record Erasure Options, click the dropdown next to Automatically Erase Visitors.
- Select a time period. You can choose between 7, 30, 60, 90, and 365 days.
- Click Confirm.
- Click Save.
All personal visitor data in the People Presence report will be automatically erased if it is older than your set time frame. This includes any historical records.
Reporting on erased data
Add a custom filter to show only records that have been erased. There are three columns in the report that you can select in the View Columns menu:
- Erased – Whether or not the record has been erased.
- Erased By – Who erased the record or if it was erased automatically.
- Erased Date – When the record was erased.