Managing your Continia Banking Data

  • 20/02/2024
  • 7 minutes to read

At Continia Software it is important to protect the personal data of our customers, by complying with the rules of the EU Personal Data Regulation.

EU Personal Data Regulation

All Continia software solutions comply with the requirements of GDPR legislation. Therefore, we follow the ISEA 3402 standard framework specifically with the GDPR in mind, which among other things consists of the following components:

  • Training of our employees.
  • Privacy and data protection are built into development and production.
  • Appointment of a dedicated Data Protection Officer.
  • Continuous control and measurements.
  • All data is processed and stored in the EU.
  • All data is processed by our data processor agreement.

At our Continia Trust Center, it is possible to inquire about our data processing agreement and have it sent to you.

Below you will find the specific description of how Continia Banking communicates with Continia Bank Integration Component (CBIC) and Continia Bank Communication Components (CBCC).

GDPR compliance for Continia Banking

When using Continia Banking you will create, send, and retrieve payment files. The file communication and data management are accomplished with the use of two external components installed on Continia Online, meaning they are not part of the Microsoft Dynamics 365 Business Central software package but are delivered by Continia Software. The two external components concerns:

  • The Continia Bank Integration Component (CBIC), for creating the files.

  • The Continia Bank Communication Component (CBCC), is for sending the files to the bank and for retrieving status files, cash receipt files, and account statements.

Important

Continia Software is providing this GDPR-compliance document as a matter of convenience only. It's your responsibility to classify the data appropriately and comply with any laws and regulations that apply to you. Continia Software disclaims all responsibility toward any claims related to your classification of the data.

Also, files saved to a local file location are the responsibility of the user.

Data flow when sending and importing files

Creating the payment file

When creating payments with Continia Banking, an XML-formatted file is created with payment data from Microsoft Dynamics 365 Business Central. The file is then sent to the CBIC Component on Continia Online.

The CBIC Component then processes the payment data in the XML-formatted file and creates a new XML-formatted file that fits with the chosen bank file format. The new file is then sent back to Microsoft Dynamics 365 Business Central.

Sending the payment file

When sending payments with Continia Banking, (the payment file returned by the CBIC Component), depending on which setting the user has selected when setting up the bank, the following flow is used:

  • If the user has selected Direct Communication, the payment file generated by the CBIC Component will be sent to the CBCC Component on Continia Online, which will handle the communication with the bank using the user's Certificate.
  • If the user has selected Manuel Communication, the payment file generated by the CBIC Component is saved on a user-specific file location. The user must then manually upload the file to the bank either using an SFTP folder or using the bank's online system, which will handle the communication with the bank.

Retrieving status files, cash receipt files, and account statements

When receiving status files, cash receipt files, and account statements with Continia Banking, depending on which setting the user has selected when setting up the bank, the following flow is used:

  • If the user has selected Direct Communication, Business Central generates a request file and sends the file to the CBCC Component on Continia Online, which will handle the communication with the bank using the user's Certificate. Based on the request file the CBCC Component then retrieves the files requested and sends the files back to Business Central.
  • If the user has selected Manuel Communication, the files must be manually downloaded, for example, using the bank's online system, and afterward imported into Business Central using Continia Banking feature-specific import actions.

Data store expiration

Using Continia Bank Integration Component (CBIC):

When creating the payment file, data is not saved locally, and they expire immediately after the generated XML file is sent back to Business Central.

Using Continia Bank Communication Component (CBCC):

  • Creating Certificate: Data is not saved locally, and they expire immediately after the certificate is sent to the bank and secure communication has been established.
  • Sending the payment file: Data is not saved locally, and it expires immediately after the file is sent to the bank.
  • Retrieving status files, cash receipt files, and account statements: Data is not saved locally, and they expire immediately after the retrieved files are sent to Business Central.

Content

Data related to Creating and Sending Payment files:

Sender Ex.: Bank Reg. No., Account No., Address, CVR, CPR, Amount, Company Name, Company Address, Currency, Bank Name, Bank IBAN, Bank SWIFT, Sender reference.

Recipient Ex.: Name, Address, Account No. Account Reg. No., Bank Name, Bank IBAN, Bank SWIFT, Creditor Number, SE-No., P-No., Receiver Reference.

Creating Certificate Ex.: Sender-id, Signer-id, Receiver-id, Certificate-holder, activation-code.

Data related to Retrieving status files, cash receipt files, and account statements Ex.:

Bank user information, File reference number from the bank, Swift number, IBAN.

Sensitivity

All data is considered personal sensitive.

See also

Compliance