Snap4City vs GDPR

GDPR compliant for all use cases

The Snap4City platform is compliant according to GDPR addressing the data types according to a signed consent.

At the registration the user have to sign the consent to accept the terms of use, privacy policy, etc.

When the registration is performed on the APP, the user has to perform a signed consent.

On the App as well as on the web portal, the users may decide to register or remain anonymous. In latter case the user is going to have access to a limited number of functionalities.

The user may decide to revoke the consent for data collected by means of the mobile App directly on the App. In addition, the user can see and/or cancel the collected data, download them from the web portal.

It is also possible of requesting to apply for “Forget me totally” or partially. These features are available from the user profile web page.

End-users can give their consent to use their data non-anonymously

When the user decides to give the consent to access his data in a not-anonymously way, his identity (the User Profile, like his email address, but can be also his name, surname or social media identity) is linked to the activities performed. All the connections are performed over a HTTPS channel. The user can decide to remove the consent anytime from the user profile web page or from the mobile App.

End-users can decide to not give their consent to use their data

If the user decides to not give consent to access his data, his identity will be never recorded by the platform.

End-users can delete their data (completely or partially)

The user can decide to delete all his data types or just some of them. The specified data types when deleted by the users are put in a limbo-mode for a configurable slot of time (i.e., 1 month) to support future Audit (i.e., police investigation). Whenever this time elapses, the data are completely removed and when cannot be removed they are fully anonymized. It will never be possible to revert this action and will be never possible to re-identify the row data. For User Profile data, all the sensitive data will be completely erased from the platform. For the other data types any terminal identification and linkage to the User Profile will be purged and they will be eventually aggregated each other for specific statistical purpose. The user can delete his data from the mobile App or from the user profile webapp.

End-users can download their data

The user can (anytime) download all his data types or just some of them. The format of the exported data is conformant to open format likes xml or Json so that it can be easy to be re-imported in a different platform.

End-users can change the type of consent given for all data types at any given moment in time

The user can decide (anytime) to change the type of consent to access his own data types. Any linkage between the User Profile and the data types are managed accordingly, as specified by the user. The user can change the consent of his data from the mobile App from the user profile webapp. The User Profile keeps track of the level of consent the user gave for any data types. The user may decide to revoke the consent to provide the data from a given time instant (on/off). On the other hand, he/she may also decide to remove all the data of a certain type forever in the past and future.

End-users have the ability to "forget me" for specific data types at any given moment in time

The user can decide (anytime) to forget some specific data types. These data will be completely anonymized and will be aggregated each other just for statistical purpose. From this moment, it will be never possible to identify any information from the specified data types. If the User Profiler data set is specified, his personal sensitive data will be completely erased from the platform. The user can request to forget his data from the mobile App via Smart City API (“Settings” box) or from the user profile webapp (if the user is not anonymous).

End-user have the ability to be "forgotten"

The user can decide (anytime) to be forgotten. Any of his data will be completely anonymized and will be aggregated each other just for statistical purpose. It will be never possible to re-identify all this information. Moreover, from this moment will be never possible to identify with his user or terminal identity. This will apply to any data type. The User Profiler and his personal sensitive data will be completely removed from the system. The user can request to forget his data from the mobile.

The Contractor will provide an interface in which the end-user is able to view all data types and the level of consent given

The user can view (anytime) the type of consent he gave for data types from the mobile or from the user profile web. The User Profile keeps track of the level of consent the user gave for any data types.

To view the “My Personal Data Type”

https://www.snap4city.org/drupal/myprofiledata

From that link a web page is open with the following links:

My profile data and Blogs
- A page to the profile management is provided: view, edit, delete
My Personal Statistics and Bounds: daily or Montly
- A page to a page for managing statistics about the data access and volume of transactions performed: view (the delete are performed by other pages)
My personal data by IOT App
- A page to manage MyPersonal Data, if any: view, edit, delete, delegation in access, revoke delegation
My Personal Data, My KPI and My POI
- A page to manage personal MyKPI, MyPOI and trajectories, if any: view, edit, delete, delegation in access, revoke delegation, make public, change ownership
My Personal Engagement
- A page to manage personal engagements, auditing, if any: view, delete
My IOT sensor data service URI
- A page to manage the Delegation to access at the ServiceURI of the knowledge base: delegation in access, revoke delegation, make public
My IOT sensor data service GraphID
- A page to manage the Delegation to access at the a Graph (data set) of the knowledge base: delegation in access, revoke delegation, make public
My Annotation data
- A page to manage the Delegation to access at the Annotations: delegation in access, revoke delegation, make public
My IOT Devices
- A page to manage the IOT Devices in which it is possible to: edit, delete, make public, delegate in access, revoke delegation, change ownership
My IOT Applications
- A page to manage the IOT Application in which it is possible to: delete, restart, change ownership.
My Dashboards
- A page to manage the Dashboard in which it is possible to: edit, delete, change ownership, delegate in access, revoke delegation, see list of delegations, make public.
Auditing Access to My Data
- A log for auditing the access to the My Data

Firenze2 roottooladmin1
Snap4City Newsletter of April 2024 roottooladmin1
News from Snap4City & slides, Where to Meet Snap4City experts roottooladmin1
HOW TO: Deploy/Install your Snap4City Solution on private or public Clouds, VM with Docker Containers roottooladmin1
Snap4City: Digital Twin Solutions to Setup Sustainable Decision Support Systems and Business Intelligence drupaladmin
Snap4Building: monitoring, managing, controlling infrastructures roottooladmin1
Snap4City & Snap4Industry Registered Instances Installations roottooladmin1
Applicative Scenarious drupaladmin
Smart City Digital Twin by Snap4City fanfa
Service Level Agreement roottooladmin1

Warning message