To set up Zammad, it is important to understand the basic principles of the architecture. Below you will find a multi-step exercise to understand groups, roles, attributes, triggers and assignment rules. After completing this exercise, you will be able to connect new departments and divisions.
1) Create a new group: "DSGVO/GDPR"
2) Create new role: "Data Protection Officer"
--> Once you have created this new role, go to User Management and assign this newly created role (Data Protection Officer)
to your user (in addition to the agent role). This will now give you access to the tickets in the new "protected" group
for data protection requests!
3) Create new ticket attributes:
In the EU, you are legally obliged to give customers the opportunity to view the personal data stored at
in the context of "Data Privacy" (data protection request / right to information) and to have data stored at
deleted (data protection deletion request). For this purpose, please create two
separate object attributes at ticket level:
a) Single selection: Support Type
--> This new ticket attribute allows you to classify tickets according to ITIL/ITSM and configure dedicated
processes for user questions (Issues), faults (Incident) or change requests
(Change Request).
b) Boolean: DSGVO/GDPR deletion request (yes/no)
--> You can now use this ticket attribute to classify requests as GDPR requests or deletion requests,
you can then use trigger-based workflows to introduce a dual control principle to have the users and/or
automatically delete the tickets in accordance with data privacy principles.
Of course, you can now create any number of additional attributes in various formats.
You can also create Object Manager attributes at user level (e.g. personnel number for internal IT)
or at organizational level (e.g. B2B classification "A/B/C/D" or contract level for SLAs)!
Triggers are classic automations in "If --> Then" relationships. You define here as
the condition when the rule should take effect and below it the defined action chain that should then be executed.
a) Adapt existing trigger "Auto-Reply on new tickets"
--> With this change, you only send the standard auto-reply in English for tickets
from customers who have not written in German. You can of course customize the content of the mail,
the variables (everything that is contained in brackets cryptically) are placeholders and refer to stored
information from the Zammad database!
b) Clone the existing "Auto Reply Trigger" and modify the clone (language = German)
--> This new trigger now sends auto-reply confirmations of receipt in German if the recognized
language of the request was "German".
Of course, the action can also be an "SMS" or a "webhook" in addition to the "email dispatch", e.g. to send
a data ping to a third-party system in order to query data from Zammad via API or to transfer data to Zammad
via API and, for example, to enrich the ticket with order data and documents from the store system.
--> This filter ensures that tickets with GDPR in the subject are assigned to a protected group,
to which only authorized persons (Data Protection Officer) have access.