
Data privacy and user consent

Developers can provide information and controls on data privacy in accordance with regulations such as the European Union's GDPR.

On ARTIK cloud services, privacy changes can affect the authentication flow and apply to device types and applications.

Authentication

During the normal authentication flow, a user is prompted to grant permissions to your application if necessary.

Once a user has connected an application, changes to the scope of the application's permissions will require the user to reauthorize the application the next time they log in. It does not invalidate their current session.

How your application validates and maintains authorization is up to you. See Authentication for information on the OAuth2 flow and managing tokens, and Accounts for details on customizing the login experience.

Device types

When you define the Manifest for a device type, you can designate each device field as Sensitive.

Sensitive Personal Data

When a field is marked as Sensitive, this is reflected in a Boolean property isSensitive contained as metadata in the corresponding field in the Manifest payload.

isSensitive also exists at the root level of each Manifest. If at least one field in a Manifest is marked as Sensitive, isSensitive will also be "true" at the root level. Call the API to retrieve the latest Manifest or a specific Manifest version to see the value. In the below example, the Manifest field personalData is marked as Sensitive.

{
  "data": {
    "version": 2,
    "isSensitive": true,
    "properties": {
      "fields": {
        "personalData": {
          "type": "String",
          "unit": "",
          "isCollection": false,
          "description": "This field contains personal data",
          "metadata": {
            "isSensitive": {
              "type": "Boolean",
              "unit": "",
              "isCollection": false,
              "description": "Indicates if the field contains sensitive information",
              "metadata": {},
              "value": true
            }
          },
          "tags": [
            {
              "name": "personal",
              "isCategory": false
            }
          ]
        }
      },
      ...
    }
  }
}

If the latest Manifest version of a device type contains at least one Sensitive field, a device type parameter containsSensitiveData will be marked as "true". This value is returned when calling the API to get a device type or device types.

{
  "data": {
    ...
    "containsSensitiveData": true
  }
}
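As an added example (not ARTIK's own code), the following Python reads a Manifest payload in the shape shown above, lists the fields marked Sensitive, checks that the root-level isSensitive flag agrees with the per-field metadata, and derives containsSensitiveData the way the page describes for the latest Manifest version. The sample payload is constructed for this example; the temperature field and the flat "fields" layout are assumptions.

```python
import json

# Constructed sample Manifest payload in the shape the page shows.
# The "temperature" field is added for illustration; it is not from the page.
MANIFEST_JSON = """
{
  "data": {
    "version": 2,
    "isSensitive": true,
    "properties": {
      "fields": {
        "personalData": {
          "type": "String",
          "metadata": {"isSensitive": {"type": "Boolean", "value": true}}
        },
        "temperature": {
          "type": "Double",
          "metadata": {}
        }
      }
    }
  }
}
"""
MANIFEST = json.loads(MANIFEST_JSON)


def sensitive_fields(manifest):
    """Names of fields whose metadata carries isSensitive with value true.
    Assumes a flat "fields" object as in the page's example."""
    fields = manifest["data"]["properties"]["fields"]
    return sorted(
        name for name, spec in fields.items()
        if spec.get("metadata", {}).get("isSensitive", {}).get("value") is True
    )


def root_flag_consistent(manifest):
    """Root-level isSensitive must be true exactly when some field is Sensitive."""
    expected = bool(sensitive_fields(manifest))
    return bool(manifest["data"].get("isSensitive", False)) == expected


def contains_sensitive_data(latest_manifest):
    """Value a device type's containsSensitiveData should carry, derived from
    its latest Manifest version (true if at least one field is Sensitive)."""
    return bool(sensitive_fields(latest_manifest))


if __name__ == "__main__":
    print("Sensitive fields:", sensitive_fields(MANIFEST))
    print("Root flag consistent:", root_flag_consistent(MANIFEST))
    print("containsSensitiveData:", contains_sensitive_data(MANIFEST))
```

Running root_flag_consistent over each stored Manifest version is a cheap audit that a field marked Sensitive was not silently dropped from the root flag.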

The GDPR considers data to be sensitive if it reveals:

  • Racial or ethnic origin
  • Political opinions
  • Religious or philosophical beliefs
  • Trade union membership
  • Genetic data
  • Biometric data for the purpose of uniquely identifying a natural person
  • Data concerning health or a natural person’s sex life and/or sexual orientation

If a user has connected an application that accesses a device type marked as Sensitive, the user will see this on their Connected Apps page.

Applications

Setting permissions

When creating an application, click the Permissions tab to set permissions for a user profile and device types.

You can set READ or READ and WRITE access on a user profile.

Set application permissions

An application with READ on a user profile can retrieve:

  • User ID
  • User's full name
  • Email
  • Date the account was created
  • Date the account was last modified

An application with WRITE on a user profile can update:

  • User's full name

On the Permissions screen, you list any device types the application must access, and the levels of permission: READ, WRITE, or READ and WRITE.

The requested permissions are displayed on a consent screen before the user connects the application.

Any updates to permissions will require the user to reauthorize the application when logging in.

Applications with users residing in regions with mandatory data privacy laws such as GDPR must provide users with additional details about the personal data they collect and how it will be used.

When creating an application, click the User Consent tab to provide the following information:

  • How the application uses personal data
  • How users can view, manage, download or delete their data
  • Any service providers with whom the user's data is being shared, and how they will use the data
  • How long the data is retained and accessible by your application
  • Which legal entity is responsible for the application and the data it collects (this is filled with the name of your organization)

On the User Consent page, the data retention period for a new application defaults to 365 days. You are responsible for storing application data for the period you specify here. This number is separate from the data retention provided by ARTIK cloud services. Modify your data retention period on ARTIK cloud services by changing your organization's pricing plan.

User consent settings

The details you provide are displayed on the application consent screen to inform users before they grant permissions.

Any updates made to the User Consent settings will require the user to reauthorize the application, unless you activate the following checkbox that appears on this page.

Forced consent checkbox

User experience

Privacy dashboard

A user can review and modify their data privacy settings using the privacy dashboard at My ARTIK Cloud.

User data management

The dashboard provides access to the following options:

  • View/edit account profile
  • View device data
  • Chart device data
  • Download device data
  • Delete account and all data
  • Custom data request

A custom data request can be sent for any need that is not fulfilled by our self-service tools.

A user can also opt out of marketing on this page.

Connected Apps

The Connected Apps page is accessed via Account Settings and lists all applications connected to a user profile. This includes information about the application's data usage that has been provided by the developer:

  • Access that is granted to the user profile
  • Connected device types
  • Access that is granted to a device type
  • What data fields are collected by a device type (corresponding to its Manifest)
  • Whether device types collect data that is Sensitive
  • Data retention
  • Additional service providers accessing the data
  • How the user can access, edit, or delete their data

User data management

This information is also presented on the application consent screen.

Users can revoke access to an application by clicking the "Revoke Access" button.