Unsupported content

 

This version of the product is in limited support. However, the documentation is available for your convenience. You will not be able to leave comments.

Addressing data privacy requests

The  product provides capabilities that help administrators address the personal data protection and privacy requirements associated with the General Data Protection Regulation (GDPR). The GDPR is a set of rules and principles governing the handling of personal data of individuals located in the European Union (EU).

Personal information for  users

Personal information for  users is manually entered, or retrieved from single sign-on services, or directory services for the user session. 

Note

This BMC document provides general information about the General Data Protection Regulation (GDPR) and GDPR key requirements. It is not intended to provide any legal advice. The GDPR can be found at https://ec.europa.eu/info/law/law-topic/data-protection_en. Under this new Regulation, any organization handling personal data of European Union residents, regardless of its location, needs to understand which GDPR requirements apply to its organization and accordingly devise a plan for adjusting its systems and processes and for educating its people. Although BMC is not in the business of data privacy compliance software, some of the features of the product can help customers meet some requirements of the GDPR. For more information about how BMC solutions can help achieve the requirements of the GDPR, see https://www.bmc.com/it-solutions/gdpr-compliance.html

You can find personal information on  administrators in  UI:

Home > Global Settings > Administrators
 administrators might have various contact details included in their record. To delete a  administrator, right click the administrator you want to delete, and select Delete from the menu. You can transfer access rights to another administrator.

Home > User Groups
 users might have various contact details included in their record. To delete a  user, right click the user you want to delete, and select Delete from the menu. 

Personal information retrieved by 

Personal information can be discovered and retrieved by  if it exists in target systems in your IT estate. The type of personal information that can be discovered depends on the targets you manage, and whether or not you have an agent installed. 

Data privacy concerns should ideally be addressed in those target systems.  can help identify instances of personal information in those target systems.

If you delete personal data that is retrieved from target systems, the same personal data will be retrieved from the target when it is next discovered. For complete permanent deletion of personal data that is retrieved from target systems, deletion must first occur on the target system, and then in .

List of personal information held in 

This section contains a comprehensive list of the personal information held in , and information on how it is viewed, where it is obtained or entered, and how it is removed.

Device information

Viewed

Viewed from the Java console, web service, and reports. Can also be visualized from ServiceCore, , and .

Obtained

This inventory is collecting regularly by the agent or by a Discovery scan. Can also be synchronized with an Active Directory server, or imported from the .

Removed

Removed using the Java console or web service.

  • If the device has a agent, you must uninstall the agent.
  • If the device has been discovered in a scan, you must remove the target from the scanned target list.
  • If the device has been synchronized with an Active Directory server, you must stop the synchronization.

Attribute list

  • Name
  • User
  • Location
  • IP Address
  • Domain Name
  • Network Name
  • Host ID 
  • NetBIOS Name
  • User Name
  • User Domain
  • User Login
  • Asset Owner
  • Department

Connectivity

Viewed

Viewed from the Java console, and reports.

Obtained

This inventory is collected using an Asset Discovery scan.

Removed

Removed using the Java console.

  • If the device has been discovered in a scan, you must remove the target from the scanned target list.

Attribute list

  • Domain Name
  • IP Address
  • MAC Address
  • Name
  • NetBIOS Name
  • User

Hardware

Viewed

Viewed from the Java console, web service, and reports.

Obtained

This hardware inventory is collecting regularly by the agent or by a Discovery scan.

Removed

Removed using the Java console.

  • If the device has a agent, you must uninstall the agent.
  • If the device has been discovered in a scan, you must remove the target from the scanned target list.

Attribute list

  • Computer System: User
  • Computer System: Domain
  • Computer System: Name
  • BIOS: Serial Number
  • Computer System Product:  Identifying Number

iOS mobile

Viewed

Viewed from the Java console, and reports.

Obtained

This inventory is collected using an Asset Discovery scan.

Removed

Removed using the Java console.
This hardware inventory is collecting regularly by the agent or by a Discovery scan.

Attribute list - iOS Telephony Information

  • ICCID
  • IMEI
  • MEID
  • Phone Number
  • Subscriber Carrier Network
  • Subscriber MCC
  • Subscriber MNC
  • EAS Device Identifier

Attribute list - iOS-Device Security Information

  • Instance Name
  • Is Activation Lock Enabled
  • Is Cloud Backup Enabled
  • Is Device Locator Service Enabled
  • Is Do Not Disturb In Effect
  • Is Supervised
  • iTune Store Account Hash

Attribute list - System

  • Description
  • Identifier
  • Instance name
  • Is Encrypted Profile
  • Name
  • Organization
  • UUID

Device Users

Viewed

Viewed from the Java console, web service, and reports.

Obtained

Users are created manually or obtained during synchronization with an Active Directory server.

Removed

Removed using the Java console.

Attribute list

All User attributes can be empty with the exception of User Login.

  • User Domain
  • User Login
  • First Name
  • Last Name
  • Office Phone
  • Home Phone
  • Mobile Phone
  • Email
  • Company
  • Department
  • Title
  • EmployeeID
  • Location

Administrators

Viewed

Viewed from the Java console, web service, and reports.

Obtained

Users are created manually or obtained during synchronization with an Active Directory server.

Removed

Removed using the Java console.

Attribute list

All Administrator attributes can be empty with the exception of Login and Last Login.

  • Login
  • Password
  • First Name
  • Last Name
  • Office Phone
  • Home Phone
  • Mobile Phone
  • Email
  • Company
  • Department
  • Title
  • EmployeeID
  • Location
  • Last Login
  • Photo/image

Reports

You can generates Reports that include Device, Administrator, or User information.
The reports can be generated manually, with a scheduler using the Java console, or with a web service.

Viewed

Reports can be viewed from the Java Console, or Report portal.

Note

Reports can be downloaded and distributed by email, or other means.

Generated reports are stored on the master server.

Removed

Removed using the Java console or web service.

Account credentials

Viewed

Viewed from the Java console, web service, and reports.

Removed

Removed using the Java console or web service.

  • Domain
  • Login
  • Password (encrypted)

Active Directory Server 

Viewed

Viewed from the Java console.

Removed

Removed using the Java console.

  • Server Name
  • User
  • Password (encrypted)

Mail Server

Viewed

Viewed from the Java console.

Removed

Removed using the Java console.

  • Server Name
  • User Name
  • Password (encrypted)
  • System Email address

Addressing data privacy requests

You can locate personal information in   using the UI search tools.

You cannot anonymize personal information. 

To search for and report on personal data in 

Personal information for  users is held in administrator records. 

Personal information retrieved by  is held in devices

Performing a search for personal data in 

Search queries are entered by using the Advanced Search page.

  1. Click the magnifying glass icon in the tree panel, and then click Advanced Search
    The Advanced Search page is displayed.
  2. To search for a  user:
  3. Under Object, select Administrator
  4. Under Criterion, select any of the items from list. For example, Login.
  5. Select the Operator. For example Contains.
  6. Enter the value to search for in the Value field. For example, wsmith.
  7. Click Search.

Performing a search for a device in 

You can search for a device in the Quick Device Search box. To do this, type the device name, or part of the device name and press Enter.

The search results show a list of devices that match the search.

To see the node view, right-click the device, and select View Node.

Performing a search for a device user in 

You can also search for a device user. To do this, type the user name, or part of the user name and press Enter.

The search results show a list of devices that have a user account that matches the search.

To see the node view, right-click the device, and select View Node.

To delete personal data from 

To delete a  administrator, user, or device, view the node you want to delete, right click, and select Delete from the menu. 

To export personal data from 

You can export personal data in XML format from .

  1. From any node view, for example an Administrator or a Device, select File > Export.
    The Export the Current Node dialog is displayed.
  2. Navigate to the required directory and enter a file name for the exported data.
  3. Click Save.

You can also save a view of the personal data in CSV, HTML, or XML format.

  1. From any node view, for example an Administrator or a Device, select File > Save View.
    The Save a View dialog is displayed.
  2. Select the required file format from the list.
  3. Navigate to the required directory and enter a file name for the exported data.
  4. Click OK.


This version of the documentation is no longer supported. However, the documentation is available for your convenience. You will not be able to leave comments.

Comments