User Management is found in the Cog Wheel in the upper navigation bar under Users:
User access privileges
You will assign a user type which is called a “System role”. We recommend you only use two types of Roles: Administrator and Power User. If an employee is not an Administrator, you may easily assign and remove user functionality within a Power User.
- Administrator – has access to all system functionality
- Power – will access all features assigned to them; a picklist of features to assign the user appears after you choose Power User option. You can combine types of users with a Power User; a feature that was not available in the legacy Roles. Access for sections that contain Tasks (Compliance, DSAR, PIA) allow users to view and manage checklists. But these users must also have “Task” permissions to own Tasks. We recommend all Power users be given the Task permission. A Power User with all features assigned will not have full Administrator functionality; for example they do not have access to Settings or User Management.
These are legacy (deprecated) User Roles, implemented prior to the development of a Power User. We no longer recommend their use.
- Compliance – can view and manage all checklists but cannot be assigned Tasks
- DPIA
- Task – will only access and complete individual tasks assigned to them
If you change users and remove privileges, e.g. from remove Task but add Compliance, they will no longer be able to see their Tasks under their user Tasks listing; or vice versa from Compliance to Task. Thus you should use caution when reducing privileges of a Power User or changing user types for the deprecated Roles.
Additional user settings:
- Active – Toggle on/off
- Is Privacy Officer (DPO) – Toggle on/off – this user’s review comments will be recorded as such within Privacy Impact Assessments, with (DPO) appended to the user’s name. DPO, or Data Protection Officer is a role defined in other regulations as the person providing guidance and support to the compliance program.
- Primary Contact – Toggle on/off – Each org can only have one primary contact. To remove someone as Primary Contact, do not edit that user to uncheck. Instead assign a new user as Primary Contact.
Create user
To create a user, click Add New
- Enter Name and Email Address – the email address is also the login name and cannot be changed
- Mobile Phone number is optional
- After you Save, new users will receive an email with a temporary password which they must use to login and then set a new password
- A new user must login with the temporary password the first time. Using the login page (https://app.priviq.com/) with the “Forgot your password?” option will NOT send an email for a password reset. Instead an admin can edit that user and resend the welcome email.
- Note if you have multiple organizations within PrivIQ: If a user exists anywhere in PrivIQ, each time that user is added to a new account, the notification will not include a temp password. The only time you will see the temp password is when a user is added to PrivIQ the very first time – or when the welcome email is resent.
We recommend that all users upload a picture to their profile. Pictures (instead of names) are sometimes used to show task assignment, for example in Subject Access (DSAR) > Requests.
Instruct a user to add a photo from their User Dropdown > Settings:
Modify/delete user
To edit or delete a user, click on the user’s entry. Here you may:
- Change name or phone
- You cannot change an email address. Until this functionality is allowed, to change an email address and thus login name: create a new user with the same privileges, edit the old user and Delete; assign all tasks from Old to New during deletion.
- Change System Role and other settings
- Have the user log out and log back in to see functionality changes
- Add a photo
- Deactivate user
- If the user has assignments, this notice appears: User has the following responsibilities and tasks. Please select a replacement for all or adjust each individually. See reassignment strategies below.
- Delete a user
- If the user has assignments, this notice appears: User has the following responsibilities and tasks. Please select a replacement for all or adjust each individually. See reassignment strategies below.
- Resend the welcome email with a new temporary password – use this for first-time login and also to reset a user’s password
Task reassignment
Inactive and deleted users cannot own Tasks or Audit items. If a user is being deleted or deactivated, this pop-up appears:
Strategies for reassignment:
- If a replacement is not known, create a temporary user and assign everything to the temp user. When a new hire is made or reassignment is determined, deactivate the temporary user and reassign to the new responsible party.
- If the replacement is known for all tasks, use “Select Replacement” then “Replace All”
- If tasks will be split among multiple users, manually assign individual tasks to the new responsible parties.