What are taxonomies?
Taxonomies are databases of information that help us understand how your organization uses data. TerraTrue comes pre-populated with rich taxonomies of commonly used information — like data types, data uses, and third parties. Each piece of information in our taxonomies is known as a taxonomy item, and is defined by a range of attributes that help TerraTrue provide accurate recommendations. Our default taxonomy items may not be exactly right for your org, so we make it simple to manage and edit your taxonomies with the customization setting.
TerraTrue supports customization of the following taxonomy item types:
- Data types
- Data uses
- Third parties
- Launch goals
- Data subjects
- Retention periods
- Geographic regions
Creating custom taxonomy items
- Navigate to Settings > Customization
- Select the type of taxonomy item you'd like to add
- Click Create New
- Using the modal, add a name and attributes to your custom taxonomy item, and click Save. (For more information about taxonomy attributes, see Understanding custom taxonomy attributes, below.)
Understanding taxonomy attributes
For more information on taxonomy attributes related to California's privacy law, see Understanding CPRA-specific taxonomy attributes.
Attributes allow you to add more information to your custom taxonomy items and help TerraTrue provide you better, more personalized recommendations. Note that not all attributes are present on all taxonomy types or for all orgs.
Certain taxonomy items — like data types, data uses, and third parties — are grouped into categories using TerraTrue's default taxonomies. Categories are primarily a convenience and are meant to help you find data types more easily. You can edit these default categories or create your own by visiting Settings > Customization, selecting the taxonomy type you'd like to edit, then clicking the Categories tab.
This field allows you to mark certain custom taxonomy items as having a high, medium, or low risk level. We'll tailor your recommendations according to these risk levels.
- Data Spec Visibility
Selecting Show will allow a taxonomy item to appear as an option on the Data Spec. Selecting Hide prevents users from selecting that particular taxonomy item when completing the Data Spec.
- Triggers DPIA
Selecting Yes designates a taxonomy item as one that would require your organization to complete a Data Protection Impact Assessment (DPIA) in certain jurisdictions.
- Machine Learning
Selecting Yes designates this item as being used for machine learning purposes.
- SPI Modules
SPI (Sensitive Personal Information) Modules are TerraTrue's term for supported privacy and security laws. If you want to add a custom region to your taxonomies, you can choose one or more laws from the SPI Modules menu that apply to that particular region.
Some data types are considered "Sensitive Personal Information" (SPI) under state laws, and residents have the right to request that companies limit their use of such information. By selecting the appropriate law from the SPI Modules menu, you can designate a custom data type as falling under the protection of that module's SPI regulations.
Note that this attribute is optional and can be left blank.
- CA Category
California's privacy law organizes data types into specific categories. For orgs using TerraTrue's CPRA module, this field allows you to add a custom data type to one of those categories.
- CA Breach
Select Yes to designate this data type as falling under California's breach stipulation. Under California law, a company is legally obligated to adopt reasonable safeguards to protect this information.
Modifying TerraTrue’s default taxonomy items
By default, you can't delete or rename the default data types, data uses, and third parties that come packaged with TerraTrue. This default is designed to prevent our customers from receiving incorrect recommendations or guidance. If you’d like to edit our defaults anyway, enable the Advanced Customization setting.