Organization-Guide/Workfiles/App/GDPdU.md

GDPdU Requirements

1. Complete storage of all documents (order, delivery note, invoice, accounting etc.)
2. Complete history of same document in case of changes
3. Long term storage
4. Permission management to prevent altering
5. Encrypting sensitive data (recommended not regulated)
6. Deleting of data older than x must be possible (not earlier)
7. Getting all data related to one person or issue must be possible
8. No certificate required (for Germany)
9. Export control check (not GDPdU but still required)
10. Deleting none business relevant data of user must be possible (EU law)
11. Export of GDPdU files must be possible
12. "E-balance must be possible" (doesn't have to be but then client has to create them manually)
13. Regular backups must be ensured (also required for data security reasons)
14. Unique invoice numbers
15. Consecutive invoice numbers
16. Correct invoice (delivery address, invoice address, date, vat id, items, amounts, single price, values, tax, discount, delivery terms, payment terms, skonti, currency, exchange rate, person who created invoice)
17. Document correct working by logging every activity (e.g. invoice reduces stock and the stock log needs to reference the invoice id etc.)
18. Every posting has to be related to a voucher
19. Comment for posting possible
20. IKS (cross check different areas e.g. P&L / Balance, allow to print checklists like all postings etc.)
21. Document changes in settings (e.g. fiscal year change, change of invoice number layout)
22. Check if documents are created correctly (all invoices where sent to customers)
23. Exports need to be possible in excel and PDF
24. Documentation of workflows (technical and manual part)