Hipchat Server: Right to erasure

Under Article 17 of the GDPR, individuals have the right to have personal data erased. This is also known as the ‘right to be forgotten’. The right is not absolute and only applies in certain circumstances. Whether or not you are required to honor an individual's request to have personal data deleted will vary on a case-by-case basis, and is determination you should always make with the assistance of legal counsel. Once you have determined you have an obligation to delete personal data, we have provided the following instructions on how to do so within certain Atlassian products.  

Personal data stored within the product can be divided into one of two areas: 1) account-level personal data; and 2) free-form text. Account-level personal data are data fields that exist within the product for the sole purpose of identifying an individual throughout the product. Examples of account-level personal data include the user's display name, profile picture or avatar and email address. These data elements are generally visible from the user's profile and are used throughout the product to point back to the user's profile when the user is @mentioned or tagged on in certain spaces or content. Deleting account-level personal data elements will automatically remove those data elements throughout the product where the relevant account-level data elements appear and in the database (subject to some limitations discussed below). 

If you have included personal data in free-form text, either typed into content spaces or as a custom field label, you will need to use the product's global search feature to surface this personal data and delete it on a case-by-case basis.

Intro

Personal data for a specific user can be found in multiple components of the Hipchat service. We have compiled a checklist so that Hipchat administrators can make sure they can remove personal data for a specific user. Make sure you read every item and apply the recommended steps.

Version compatibility

Hipchat Server 2.0 and later.

Workarounds for End-users

Removing your Full Name, Mention Name, Job Title, Timezone

Some fields may not be editable if your Hipchat instance uses an external authentication system. In this case, contact your Hipchat administrator to remove the personal data in the external directory.

  1. Log in to your Hipchat Server instance.
  2. Click the Edit Profile button at the top right.
  3. Change the contents of the Full Name, Mention Name, Job Title and Timezone fields to random, non-personal values.
  4. Click Save.

Removing your Password and Email Address

If your Hipchat instance uses external authentication, the password reset needs to be performed from the authentication provider. Contact your Hipchat administrator for assistance.

  1. Log in to your Hipchat Server instance.
  2. Click the Edit Profile button at the top right.
  3. Click Change Credentials in the left navigation.
  4. Change the fields to random, non-personal values.
  5. Click Save.

Removing your Mobile Device IDs

  1. Log in to your Hipchat Server instance.
  2. Click the Edit Profile button at the top right.
  3. Click Notifications in the left navigation.
  4. If any of mobile devices are enrolled with Hipchat Server, click the Remove link next to the device description.

Removing your User Photo

  1. Log in to your Hipchat Server instance.
  2. Click the Edit Profile button at the top right.
  3. Your user photo appears on the right. Click Delete Photo to remove it. 
    (If you never uploaded a photo a default image appears, and this default image cannot be removed.)

Deleting messages or file attachments

When you delete a message, the process deletes the message text only. Hipchat still shows a history entry, including the sender name and mention name, but no body text.

If you find a message or file attachment that contains personal data that needs to be removed, use the instructions in the Delete messages and files knowledge base article.

Deactivating your account to prevent further data processing

If you want to replace or remove your personal data stored by Hipchat, do this before you deactivate your account.

Once you deactivate your account you can no longer log in to and use Hipchat. Hipchat administrators can re-enable your account if needed.

Deactivated users are not available in lobby search, disappear from room lists and one-to-one messages, and do not appear in mentions search.

  1. Log in to your Hipchat Server instance.
  2. Click the Edit Profile button at the top right.
  3. Click Deactivate Account in the left navigation.
  4. Enter your password, and optionally enter a reason for deactivating the account.
  5. Click Deactivate account.


Workarounds for Hipchat Administrators

Removing Full Name, Mention Name, Job Title, and Email Address for a user

Some fields may not be editable if your Hipchat instance uses external authentication. In this case, you will need to modify these in the authentication source (for example. LDAP or Active Directory).

  1. Log in to your Hipchat Server instance.
  2. Click the Group Admin tab at the top.
  3. Click the Users tab.
  4. Locate the user in the user roster. You may need to search or navigate through pages to find them.
  5. Click the username link to view the user's profile page.
  6. Change the user profile field contents to random non-personal values.
  7. Click Save.

Resetting Password for a user

If your Hipchat instance is configured for external authentication, the password reset needs to be performed on the authentication provider.

  1. Log in to your Hipchat Server instance.
  2. Click the Group Admin tab at the top.
  3. Click the Users tab.
  4. Locate the user in the user roster. You may need to search or navigate through pages to find them.
  5. Click the username link to view the user's profile page.
  6. Check the Require user to reset their password checkbox
  7. Click Save.

Deactivating the user to prevent further data processing

Deactivated users are not available in lobby search, disappear from room lists and one-to-one messages, and do not appear in mentions search.

  1. Log in to your Hipchat Server instance.
  2. Click the Group Admin tab at the top.
  3. Click the Users tab.
  4. Locate the user in the user roster. You may need to search or navigate through pages to find them.
  5. Click the username link to view the user's profile page.
  6. Click Deactivate.

Removing system logs that could potentially contain user email addresses

Hipchat Server automatically removes any system log files older than 8 weeks. Use this command only if you need to remove log files before that period has elapsed.

  1. Connect to the Hipchat Server appliance using ssh.
  2. Run the following shell command:

    hipchat log --purge

    Any system log files that could potentially contain user email addresses are removed. 

    This command only removes log entries from before the command was run; it does not prevent additional entries that might contain email address from being recorded. 

Limitations

  • Some chat messages and file attachments might contain personal data. After you identify such a message or file, you can follow the process in Hipchat Server Right to Erasure: Deleting Message or File Attachment.
  • The personal data in the Audit Log is not modifiable and can not be erased by anyone.  The purpose of the Audit Log is to make sure sure any changes to personal data are accounted for, and to assist in detecting malicious activities such as impersonation. The Audit Log is ONLY accessible to Hipchat Administrators.
  • Hipchat Administrators can run a cleanup process that removes entries that might potentially contain email addresses. If you do not have Administrator privileges, you can request your Hipchat administrator run the cleanup process for you after deactivating your account.

Additional notes

There may be limitations based on your product version.

Note, the above-related GDPR workaround has been optimized for the latest version of this product. If you are running on a legacy version of the product, the efficacy of the workaround may be limited. Please consider upgrading to the latest product version to optimize the workarounds available under this article.

Third-party add-ons may store personal data in their own database tables or on the filesystem.

The above article in support of your GDPR compliance efforts applies only to personal data stored within the Atlassian server and data center products. To the extent you have installed third-party add-ons within your server or data center environment, you will need to contact that third-party add-on provider to understand what personal data from your server or data center environment they may access, transfer or otherwise process and how they will support your GDPR compliance efforts.

If you are a server or data center customer, Atlassian does not access, store, or otherwise process the personal data you choose to store within the products. For information about personal data Atlassian processes, see our Privacy Policy.

Last modified on May 29, 2018

Was this helpful?

Yes
No
Provide feedback about this article
Powered by Confluence and Scroll Viewport.