Hi, Humans. How may we help you?

  1. Home page
  2. Return to search
  3. Zenvia Customer Cloud
  4. 07. Support Service
  5. 7.4 Configurations
  6. 7.4.1 Tickets configurations
Data classification in creating additional fields
6 min
Created by Leonora Alves on 1/27/2025 7:03 PM
Updated by Leonora Alves on 1/30/2025 2:55 PM

The additional fields allow for the customization of the ticket system with detailed information, but it is essential to correctly classify the requested data in compliance with the General Data Protection Law (LGPD). This classification ensures that the data is handled properly.

In this article, you will see:

 

Types of Data

The data requested in the additional fields can be classified as normal data, personal data, and sensitive personal data. Each type has specific characteristics and precautions.

1. Normal Data

  • Data that does not directly identify or recognize a person. They are used for general or operational information.
  • Common examples: Ticket number, order status (e.g., "In progress" or "Completed"), or the name of a product or service associated with a service request.
  • These are considered normal data because they do not contain personal information that can identify a person, nor are they associated with individual characteristics or preferences.

2. Personal Data

  • Data that directly identifies a person or can be used to identify them, even indirectly.
  • Common examples: ID number, CPF, full name, phone number, or email.
  • According to LGPD, personal data is any "information related to an identified or identifiable natural person." This means that if the data allows identifying a person, it must be treated as personal data. This data requires protection during collection, storage, and use, as it is fundamental to the privacy of individuals.

3. Sensitive Personal Data

  • Data that not only identifies a person but also reveals information about their intimate characteristics, beliefs, health, or personal preferences.
  • Common examples: Blood type, religion, political opinion, union affiliation.
  • LGPD defines this as "personal data about racial or ethnic origin, religious belief, political opinion, union affiliation, health or sexual life data, genetic or biometric data linked to a natural person."
  • Why do they require more attention? Sensitive data can cause discrimination or privacy violations if misused. They require specific consent and restricted handling to ensure security.

 

How to classify the type of data when creating fields

  1. Go to Support > Settings.
  2. In Ticket Settings, click Manage under Additional Fields.
  3. Click Create new field and follow the steps described in Create a new additional field, which includes defining a field name, help text, and choosing the field type.
  4. Then classify the data: normal, personal, or sensitive personal.
    • Fields like people's list, email, and phone number are automatically classified as personal or sensitive personal.

Changing existing additional fields or display rules will result in the loss of already registered data.

 

Display Rules for Sensitive Data

If the field contains sensitive personal data, you will see the following notice:

"The selected field requires sensitive personal data according to LGPD. This data requires extra care during collection, processing, and use."

What does this mean?

  • The notice does not prevent the creation of the rule or the field, but reinforces the need for care.
  • Only users who actually need to access this data should have access.

 

What does the LGPD say?

These parameters were developed in accordance with Chapters II and III of the LGPD, primarily following the items:

Chapter II - Data Processing

IX - when necessary to meet the legitimate interests of the controller or a third party, except when the fundamental rights and freedoms of the data subject prevail, requiring the protection of personal data;

2nd In processing data as described in § 1 of this article, controllers must publicly maintain information about the types of data collected, the way they are used, and the procedures for exercising the rights referred to in art. 18 of this Law.

The processing of sensitive personal data may only occur in the following cases:

I - when the data subject or their legal representative consents, in a specific and highlighted manner, for specific purposes.



Chapter III - Rights of the Data Subject


I - confirmation of the existence of processing;

II - access to the data;

III - correction of incomplete, inaccurate, or outdated data;

For more details, check the General Data Protection Law (LGPD).

With the correct data classification set up, you will be in compliance with the LGPD and ensure a more secure ticketing system.