v1.2.0 — Phase 5: DSAR Extended Workflows & Break-Glass
What's new in v1.2.0
Break-Glass Access
Club admins can now manage CANNEVO support access grants from a dedicated Break-Glass page:
- Approve or revoke support access grants
- Real-time expiry countdown (max 2-hour duration)
- Full audit trail of all break-glass sessions
- Accessible at Compliance → Break-Glass
DSAR Extended Workflows
The DSAR module has been significantly extended:
- Access Package — generate a GDPR Art. 15 data export for a member
- Erasure Check — verify what can be deleted vs. legally required to retain (§26 KCanG retention)
- Portability Export — generate a machine-readable export (Art. 20 GDPR)
- 60-day Extension — request a deadline extension with mandatory justification
- Legal Hold Flag — mark a DSAR as legally sensitive to flag for review
DPA Configuration
A new Config page shows the club's Data Processing Agreement (DPA) status. If the DPA has not yet been accepted, a one-click acceptance button is shown — the acceptance is recorded immutably.
Fixes
- Fixed DSAR deadline calculation not accounting for weekends in some timezones
- Fixed break-glass grant incorrectly allowing creation of a second active grant