1. Good Grants Help Centre
  2. Pre-award
  3. 04. Field configuration

Data protection on fields explained

Ben Urwin
Updated
 

Data stored in Good Grants is protected by a range of built-in security measures. For additional protection, you can apply data protection levels to individual fields. These settings help you manage and secure sensitive information collected in your application form.

Important: this article does not constitute legal advice. If GDPR is applicable to your program you should familiarise yourself with the regulation and seek legal advice where necessary, particularly if your program is collecting personal data. 

What is GDPR?

The General Data Protection Regulation (GDPR) requires organisations handling personal data of individuals in Europe to implement strong data protection measures.

  • You are the data controller
  • Good Grants is the data processor

Field-level data protection helps support compliance by:

  • Identifying where personal data is collected
  • Applying additional technical protections to sensitive fields

If GDPR does not apply

If your program does not collect data from individuals in Europe, GDPR may not apply.

However, it is still recommended to follow best-practice data protection, especially for:

  • Personal data
  • Commercially sensitive information

Data protection levels

Good Grants provides three levels of data protection for fields.

Default protection

  • All data is encrypted in transit and at rest
  • No additional field-level encryption is applied

Elevated protection

  • Applies AES-256 encryption at the field level
  • Data can only be read through the Good Grants application
  • Option to enable searchability using a hashed value
  • Search behaviour:
    • Supports exact match (case-insensitive)
    • Does not support partial search

Maximum protection

  • Applies AES-256 encryption at the field level
  • No searchability option available
  • No hashed data stored
  • Provides the highest level of protection

When to use each level

  • Use Elevated protection for personal data
  • Use Maximum protection for sensitive personal data

Personal data

Information that identifies an individual, such as:

  • Name
  • Identification number
  • Location data
  • Online identifiers

Sensitive personal data

Special categories of data, such as:

  • Racial or ethnic origin
  • Political opinions
  • Religious or philosophical beliefs
  • Health data
  • Sexual orientation

Configure field data protection

  1. In the Manage workspace, go to Applications
  2. Click Edit form and choose your form
  3. Hover over a field and click the settings icon
  4. Choose the desired Data protection level
  5. Click Save

Good to know

  • You can learn more about security and compliance in the trust centre: trust.creativeforce.team.
  • Elevated and Maximum protection use AES-256 encryption at the field level.
  • Elevated protection allows limited search via hashed data, which is less secure than full encryption.
  • Maximum protection disables search to provide maximum security.
  • Field-level encryption means data can only be accessed through the Good Grants platform.
  • File upload (single) fields do not support additional protection settings, as files are already encrypted at the disk level.
  • Not all fields use elevated protection by default due to search and usability limitations.
Was this article helpful?
0 out of 0 found this helpful

Articles in this section

See more