The General Data Protection Regulation (GDPR) goes into effect in the European Union (EU) on May 25, 2018. GDPR improves data protection for EU citizens by letting Dynatrace users control their personal data within social networks and in the cloud.
NAM and personal data
The recording of personal data is acceptable under GDPR as long as the data collection is proportionate. A data controller must:
- Record minimal personal data and process it safely.
- Adhere to obligations that ensure rights, such as the right to be informed and the right to be forgotten.
When Dynatrace products capture personal data, it's typically through the use of Real User Monitoring (RUM), also known as User Experience Monitoring (UEM), and through the network data analysis that is an underpinning technology.
NAM settings that comply with GDPR
Customers are required to be transparent with their users and inform them of the ways in which they collect and use their users' information (typically by way of a Privacy Notice). Where customers engage any third parties to collect information about their users on their behalf (such as Dynatrace), whether for the purposes of application and behavioral analytics or otherwise, this should be made transparent in its Privacy Notice.
Dynatrace additionally recommends the following NAM settings: How to configure NAM for data privacy