Linux Mail Service Module GDPR Compliance

To help Odin Automation service providers comply with the General Data Protection Regulation (GDPR) of the European Union, the following changes were made in the Linux Mail service module:

  • You and your staff can now export customer personal data stored by the service module by means of a script shipped with the service module.
  • You and your staff can now erase the personal data of a user from the service module by revoking the Linux Mail service from the user.
  • You and your staff can now erase the personal data of a customer account from the service module by destroying all Linux Mail subscriptions of the customer account.
  • Now, the service module does not write personal data to platform log files on the management node when the logging level is set to INFO (the default configuration). However, if the logging level was previously set to DEBUG, some personal data may be found in the platform log files. In this case, personal data must be manually removed from those.

The Linux Mail service module consists of several underlying services such as qmail, Courier IMAP, Dovecot, SpamAssassin, DrWeb, WHOSON, Majordomo, and OpenLDAP. These services do write personal data to their own log files, and Odin Automation is not responsible for the configuration of logging to the log files. In the case of the services, to comply with the GDPR, follow instructions and recommendations provided at https://kb.cloudblue.com/en/132889.

The Linux Mail service module can be integrated with third-party webmail services such as Open-Xchange, Atmail, and Horde IMP. These webmail services store data in their own databases and write data to their own log files. Neither the webmail service databases nor webmail service logging is managed by Odin Automation. As a result, personal data may be found in the respective databases and log files. In the case of the Open-Xchange and Atmail services, to comply with the GDPR, follow instructions and recommendations provided by their vendors. In the case of the Horde IMP service, to comply with the GDPR, follow instructions and recommendations provided at https://kb.cloudblue.com/en/132890.

Refer to the following documentation sections to obtain instructions and recommendations for your data protection officers:

Hosted Exchange Server GDPR Compliance

To help Odin Automation service providers comply with the General Data Protection Regulation (GDPR), the following changes were made in the Hosted Exchange service module:

  • You and your staff can now export customer personal data stored by the service module by means of the platform GDPR application. Refer to the Odin Automation GDPR Compliance Guide to learn more about the application.
  • You and your staff can now erase the personal data of a user from the service module by revoking the Hosted Exchange service from the user.
  • You and your staff can now erase the personal data of a customer account from the service module by destroying all Hosted Exchange subscriptions of the customer account.
  • Now, the service module does not write personal data to platform log files on the management node when the logging level is set to INFO (the default configuration). However, if the logging level was previously set to DEBUG, some personal data may be found in the platform log files. In this case, personal data must be manually removed from those.

The Hosted Exchange service module consists of various Microsoft Exchange and Windows services. These services have their own log files, and Odin Automation is not responsible for the configuration of logging to the log files. As a result, the log files of the services may contain personal data. To comply with the GDPR, follow instructions and recommendations provided by Microsoft.

Refer to the following sections of the documentation to obtain instructions and recommendations for your data protection officers:

  • Odin Automation GDPR Compliance Guide >> Instructions for Data Protection Officer > Erasing Personal Data > Erasing Personal Data in Other Modules and Services > Hosted Exchange Service Module
  • Odin Automation GDPR Compliance Guide >> Instructions for Data Protection Officer > Exporting Personal Data

Installation

Install the following hotfixes to use this feature:

Internal content