GDPR and personal data
Minyu provides technical tools that help organizations export, anonymize, or delete personal data when required under the General Data Protection Regulation (GDPR).
The system provides infrastructure for handling personal data, but legal responsibility for GDPR compliance always remains with the organization using the system.
Responsibility model
Under GDPR, Minyu operates as a data processor.
The organization using the system acts as the data controller and determines:
- what personal data is stored
- why the data is processed
- how long the data is retained
- when personal data must be exported or removed
Minyu executes these decisions through configuration and administrator actions.
How Minyu supports GDPR
Minyu includes several capabilities that help organizations manage personal data:
- structured data models that make personal data identifiable
- permission rules that limit access to sensitive data
- configurable export of personal data
- configurable anonymization or deletion of data
These mechanisms allow administrators to locate, export, or remove personal data when required.
Defining personal data scope
Before GDPR actions can be executed, the system must know which data belongs to a person.
This is defined through a GDPR configuration.
Each configuration defines:
- the root table representing the data subject (for example Person or Customer)
- which fields from that table are considered personal data
- which related tables may contain additional personal data
- which fields or rows should be removed during deletion
- which role is allowed to execute GDPR actions
When a GDPR action runs, the system starts from the selected root row and follows the configured relations to locate related personal data.
Only explicitly configured data is included.
Exporting personal data
The export action collects all configured personal data related to the selected row.
The result is generated as a file archive containing:
- the configured fields from the root table
- configured data from related tables
Only fields and relations defined in the configuration are included.
Removing personal data
Personal data can be removed in two ways.
Field anonymization
Specific columns are cleared or replaced with anonymized values.
The row itself stays in the system so that operational or historical records remain intact.
Row deletion
Entire rows are permanently removed from the system.
Relations referencing the deleted rows are removed as part of the operation.
A configuration may combine anonymization and deletion depending on the structure of the data.
Execution model
GDPR actions are executed manually by authorized users.
During execution:
- read rules are bypassed
- write rules are bypassed
This ensures the configured data scope is processed completely.
Because of this behavior, GDPR actions should only be available to trusted administrator roles.
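An added illustration, not Minyu's code or configuration format: a small Python model of the scope and execution rules described above, where traversal from the root row follows only configured relations and the role check is the only gate once read and write rules are bypassed. The CONFIG layout, function names and sample rows are assumptions constructed for the example.

```python
# Hypothetical model: CONFIG layout and all names are assumptions,
# not Minyu's real configuration format. Sample rows are constructed.
CONFIG = {
    "root": "Person", "fields": ["name", "email"], "role": "gdpr_admin",
    "relations": [
        {"table": "Order", "fk": "person_id", "fields": ["address"], "on_remove": "anonymize"},
        {"table": "Note", "fk": "person_id", "fields": ["text"], "on_remove": "delete"},
    ],
}

def sample_db():
    return {
        "Person": [{"id": 1, "name": "Ada Example", "email": "ada@example.test", "score": 7}],
        "Order": [{"id": 10, "person_id": 1, "address": "1 Test St", "total": 40},
                  {"id": 11, "person_id": 2, "address": "9 Other Rd", "total": 15}],
        "Note": [{"id": 20, "person_id": 1, "text": "called about invoice"}],
        "Ticket": [{"id": 30, "person_id": 1, "body": "phone 555-0100"}],  # not in CONFIG
    }

def authorize(roles, config):
    # Read and write rules are bypassed during the action, so this is the only gate.
    if config["role"] not in roles:
        raise PermissionError("GDPR action requires role " + config["role"])

def export_subject(db, config, root_id, roles):
    authorize(roles, config)
    root = next(r for r in db[config["root"]] if r["id"] == root_id)
    out = {config["root"]: [{f: root[f] for f in config["fields"]}]}
    for rel in config["relations"]:  # follow only the configured relations
        rows = [r for r in db[rel["table"]] if r[rel["fk"]] == root_id]
        out[rel["table"]] = [{f: r[f] for f in rel["fields"]} for r in rows]
    return out

def remove_subject(db, config, root_id, roles):
    authorize(roles, config)
    for rel in config["relations"]:
        if rel["on_remove"] == "delete":  # row deletion
            db[rel["table"]] = [r for r in db[rel["table"]] if r[rel["fk"]] != root_id]
            continue
        for r in db[rel["table"]]:  # field anonymization: row stays, fields cleared
            if r[rel["fk"]] == root_id:
                r.update({f: None for f in rel["fields"]})
    for r in db[config["root"]]:
        if r["id"] == root_id:
            r.update({f: None for f in config["fields"]})

def uncovered_tables(db, config, fk="person_id"):
    # Audit: tables holding a reference to the subject that the configuration never visits.
    covered = {config["root"]} | {rel["table"] for rel in config["relations"]}
    return sorted(t for t, rows in db.items() if t not in covered and any(fk in r for r in rows))
```

In this model the `Ticket` table still holds the subject's phone number after removal, because only explicitly configured data is processed; `uncovered_tables` lists such tables so the configuration can be reviewed before it is relied on.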