Table of contents
Understanding the High Stakes: GDPR Compliance in Umbraco
The GDPR, enforced by EU law, establishes stringent penalties for non-compliance, emphasizing the critical nature of adhering to its regulations.
Violations can lead to fines as high as €20 million or 4% of the organization's annual global turnover, depending on which is greater.
These severe penalties underline the importance of integrating GDPR principles in managing personal data within Umbraco projects.
For detailed information, please refer to the article on What is GDPR, the EU’s new data protection law.
Does Umbraco CMS collect personal data?
Umbraco CMS gathers personal data from its users and site visitors, much like any online platform.
This data collection can occur in various ways, such as when a user fills out a contact form on your site, registers for an event, or uses your services.
You might also collect data through user behavior tracking to enhance site functionality or through forms for feedback submission.
Essentially, Umbraco CMS enables the collection of significant user information to optimize the functionality and user experience of the website.
How do Umbraco websites collect user information?
Umbraco websites gather user information through a variety of technical and interactive methods, including:
- Server and Database Logs: Maintaining logs to monitor user actions, errors, and system performance, ensuring a secure and optimized user experience.
- Database Storage: Storing data in database tables for comprehensive user management and personalized content delivery.
- Analytics Tools: Employing tools for detailed analytics and user tracking to understand site usage patterns.
- Cookies and Tracking: To analyze user behavior and preferences, implement cookies, IP address tracking, and geolocation.
- Website Forms: Utilizing contact forms, newsletter sign-ups, and other interactive elements for direct user data collection.
- Comments: Allowing users to leave comments, providing insights into user opinions and engagement.
- Payment Gateways: Integrating with payment systems to process transactions and collect financial data.
- Custom User Interactions: Capturing data from custom-built user interaction points, like quizzes, polls, or event registrations, to gain insights into user preferences and behaviors.
- Device Usage Patterns: Tracking the types of devices used to access the site (mobile, desktop, tablet) to optimize design and functionality for varied user experiences.
- Language Preferences: Identifying users' language settings to offer more personalized content and improve accessibility for a global audience.
- E-commerce Activity: Analyzing e-commerce interactions, including browsing history, purchase details, and product preferences, to tailor user experiences and enhance service offerings.
- Third-Party Integrations: Collecting user data through third-party plugins or services integrated into the Umbraco site, such as CRM systems or marketing automation tools, to enrich user profiles and personalize interactions.
- Feedback and Support Forms: Utilizing forms designed explicitly for user feedback, support queries, and service requests to understand user needs better and enhance service quality.
- Social Media: Tracking likes, shares, and social interactions to gauge content popularity and user engagement.
Finding personal data in the Umbraco database
Umbraco stores users' data, such as email or name, in database tables.
In what tables, you may ask? It's a million-dollar question.
To locate sensitive data, you can use a simple T-SQL query.
I recommend using the script from the article Searching for text across multiple tables in SQL Server.
Let's perform an example search in three different Umbraco databases to find out.
I will pick the SQL script and adjust the target string.
I will use my last name, 'bach', to give you an overview of the tables storing personal data.
DECLARE @TargetString VARCHAR(255) = 'bach' -- The text string to search for
DECLARE @CurrentSchemaName NVARCHAR(255) = 'dbo' -- The name of the current schema being processed
DECLARE @CurrentTableName NVARCHAR(255) -- The name of the current table being processed
DECLARE @CurrentColumnName NVARCHAR(255) -- The name of the current column being processed
DECLARE @DynamicSQL NVARCHAR(MAX) -- Dynamic SQL command to be constructed and executedLooking for personal data in the Umbraco 8 database
Here is the query output:
(28 rows affected)
Executed search for "bach" in schema [dbo], table [umbracoPropertyData], column [textValue].
(2 rows affected)
Executed search for "bach" in schema [dbo], table [umbracoUser], column [userName].
(1 row affected)
Executed search for "bach" in schema [dbo], table [umbracoUser], column [userLogin].
(1 row affected)
Executed search for "bach" in schema [dbo], table [umbracoUser], column [userEmail].
(18 rows affected)
Executed search for "bach" in schema [dbo], table [cmsContentNu], column [data].
(25 rows affected)
Executed search for "bach" in schema [dbo], table [umbracoAudit], column [performingDetails].
(804 rows affected)
Executed search for "bach" in schema [dbo], table [umbracoAudit], column [affectedDetails].
(203 rows affected)
Executed search for "bach" in schema [dbo], table [umbracoAudit], column [eventDetails].Looking for personal data in the Umbraco 11 database
And here is a look up for different data set in Umbraco 11:
(1 row affected)
Executed search for "bach" in schema [dbo], table [umbracoUser], column [userName].
(1 row affected)
Executed search for "bach" in schema [dbo], table [umbracoUser], column [userLogin].
(1 row affected)
Executed search for "bach" in schema [dbo], table [umbracoUser], column [userEmail].
(510 rows affected)
Executed search for "bach" in schema [dbo], table [umbracoAudit], column [performingDetails].
(902 rows affected)
Executed search for "bach" in schema [dbo], table [umbracoAudit], column [affectedDetails].Looking for personal data in the Umbraco 13 database
Here is a look-up for the Umbraco 13 database with custom tables storing e-commerce data:
(7 rows affected)
Executed search for "bach" in schema [dbo], table [EmailMessage], column [recipient].
(7 rows affected)
Executed search for "bach" in schema [dbo], table [EmailMessage], column [body].
(1 row affected)
Executed search for "bach" in schema [dbo], table [Order], column [customerLastName].
(1 row affected)
Executed search for "bach" in schema [dbo], table [Order], column [sellerCompanyName].
(1 row affected)
Executed search for "bach" in schema [dbo], table [Order], column [sellerSignature].
(46 rows affected)
Executed search for "bach" in schema [dbo], table [cmsContentNu], column [dataRaw].
(420 rows affected)
Executed search for "bach" in schema [dbo], table [umbracoAudit], column [performingDetails].
(1356 rows affected)
Executed search for "bach" in schema [dbo], table [umbracoAudit], column [affectedDetails].
(1 row affected)
Executed search for "bach" in schema [dbo], table [umbracoAudit], column [eventDetails].
(2 rows affected)
Executed search for "bach" in schema [dbo], table [cmsMember], column [Email].
(2 rows affected)
Executed search for "bach" in schema [dbo], table [cmsMember], column [LoginName].
(20 rows affected)
Executed search for "bach" in schema [dbo], table [umbracoPropertyData], column [varcharValue].
(79 rows affected)
Executed search for "bach" in schema [dbo], table [umbracoPropertyData], column [textValue].
(2 rows affected)
Executed search for "bach" in schema [dbo], table [umbracoUser], column [userName].
(1 row affected)
Executed search for "bach" in schema [dbo], table [umbracoUser], column [userLogin].
(1 row affected)
Executed search for "bach" in schema [dbo], table [umbracoUser], column [userEmail].
(8 rows affected)
Executed search for "bach" in schema [dbo], table [umbracoNode], column [text].
(9 rows affected)
Executed search for "bach" in schema [dbo], table [umbracoContentVersion], column [text].
(4 rows affected)
Executed search for "bach" in schema [dbo], table [umbracoMediaVersion], column [path].After examining three different Umbraco databases, it's evident that most personal data resides primarily in the [umbracoAudit], [umbracoUser], and [cmsMember] tables.
This method is also effective for identifying sensitive data in any custom tables you may have in your Umbraco setup.
For example - [EmailMessage] and [Order] if you're working with an e-commerce store.
If you want to remove users from the Umbraco database - don't miss the How to Delete Umbraco User Permanently article.
Encrypting Umbraco database file on Azure
A lot of Umbraco solutions are hosted on Azure.
Azure is a cloud platform owned by Microsoft located in Redmond, USA - outside the EU.
If you go to the GPDR website, you will find the following:
First, if you process the personal data of EU citizens or residents, or you offer goods or services to such people, then the GDPR applies to you even if you’re not in the EU.
This means you need to secure your database files hosted on Azure or any other cloud provider outside the EU.
The good news is that Azure enables us to encrypt the database files, backups, and logs easily.
You can enable the feature in 3 steps:
- Find the database in Azure Portal.
- Navigate to the Security Section and then to Data Encryption.
- Enable "Data encryption" option under 'Transparent data encryption' tab.
Azure transparent data encryption for SQL database is enabled. SQL DB > Security > Data Encryption
You can even enable Transparent data encryption on the SQL server level with a Customer-managed key.
TIP: It's common practice to store your encryption keys in Azure Key Vault.
Azure transparent data encryption for SQL Server. SQL Server > Security > Data Encryption
Finding personal data in the Umbraco log files
Umbraco log files are another place where you should review Personal data.
Usually, you will find them in UmbracoProject.Web\umbraco\Logs path.
To illustrate, I will perform a simple search on my local file system using the popular Total Commander tool:
Looking for personal data in Umbraco's local file system
Compliance Strategies and Tips for Umbraco Files:
Conduct Regular Checks
Schedule a monthly review of the log files to identify any unintended storage of personal data.
Use grep or log management software to automate the search for personal identifiers.
Data Minimization
Modify logging settings in Umbraco to exclude unnecessary personal details.
Secure Storage and Encryption
For Azure cloud environments, utilize Azure Blob Storage to store log files with encryption enabled.
Ensure that the storage account is accessible only through secure channels.
Consider using private blob storage over the public to avoid potential security risks.
You will find more insights and recommendations in the article Integrating Umbraco with Azure Private Blob Storage.
Access Control
Implement role-based access controls in Umbraco and Azure, ensuring that only staff members with a legitimate need can access log files.
Regularly review and update access permissions.
Final Thoughts: Achieving and Maintaining GDPR Compliance in Umbraco
When integrating GDPR principles into your Umbraco project, it's crucial to focus on user consent, data minimization, and the ability to easily access, rectify, and erase personal data.
You must ensure that data is securely stored and transmitted and that privacy settings are set to high by default.
Additionally, it's essential to document all data processing activities and ensure that third-party plugins or extensions used within Umbraco are also GDPR compliant.
Regular GDPR compliance audits and possibly appointing a Data Protection Officer (DPO) for larger projects are also recommended.
It's crucial to address several key areas in your Umbraco site to ensure GDPR compliance: securing user data within database tables, protecting personal information in file logs, and enhancing consent mechanisms are essential steps.
However, remember there are numerous other aspects to consider for full compliance.
🌐 Explore More: Interested in learning about Umbraco and web development insights?
Explore our blog for a wealth of information and expert advice.