GDPR Compliance

Overview

In order to comply with the General Data Protection Regulation (GDPR), in force as of May 2018, organizations must take certain measures to protect every individual's right to control how their personal information is collected and processed. The following tools are available in CRM.COM to ensure that the personal data of your customers is collected in a way that GDPR accepts:

  • Contact Consent for keeping and processing data
  • Anonymization of data
  • Expanded audit trail logging for the access, retrieval and modification of data


As part of CRM.COM's continuous need to provide statutory compliance, several features and new functionality have been implemented to assist our clients in complying with the EU's General Data Protection Regulation (GDPR). The features provided are meant to assist CRM.COM's customers in achieving compliance with the regulation, but the responsibility for compliance remains with our customers. It also has to be noted that each customer may still need to investigate GDPR further in order to identify any additional operational and data requirements arising from their own business needs.

Consenting


Contact Consent State 

Each contact information record has a state associated with its consent, which is one of the following:

  • Pending: The contact has not yet provided their consent
  • Accepted: The contact has provided their consent
  • Rejected: The contact has rejected the consent
  • Withdrawn: A contact who previously provided their consent has withdrawn it

Through the Consent Settings available in the Contact Information Definition, you can set up how the data of contacts can be manipulated according to the state their consent is in. The one exception is the Accepted state: once a contact has provided their consent there are no restrictions, and no option to impose any. For every other state the following options are available:

  • Complete functionality: The contacts and the actions applicable to them are fully functional.
  • No functionality allowed: No further actions can be applied to these contacts, but they continue to exist as contacts in the system (only available for the 'Rejected' and 'Withdrawn' states).
  • Anonymize Contact: The contacts are fully anonymized and are no longer functional in any way (only available for the 'Rejected' and 'Withdrawn' states).

A contact's consent state (apart from 'Pending', which is the default state) can be captured in the system in three ways:

  1. By using the dedicated action in the Contact Information page, Actions > Add Consent Form, in which case the consent state can be selected and the consent form can also be uploaded
  2. By using links available in emails or SMS sent to the contacts, through which the contact can either accept or reject the consent. For more information on using the links refer to Communications
  3. Through a third-party system, such as a portal or mobile app, which can make use of the associated Web APIs

Contact Consent Form

A contact consent form can be attached to every contact, through which their consent can be verified. The consent form can be individualized (for example, a scanned copy of a signed accepted consent form) or a global consent form which is the same for all contacts and can be selected through the attachments library.

If the form is individualized, it can be added by using the dedicated action in the Contact Information page, Actions > Add Consent Form, in which case a consent form can be uploaded or selected through the attachments library (global). If, however, the consent form does not need to be individualized, set the consent form in the Contact Information Definition Consent Settings and the selected form will be automatically attached to all contacts.


Consent forms may be updated over time, so it may become mandatory to require re-consent from the contacts. This is possible by using the 'Require Re-Consent' action available in the Contact Information Definitions data entry page. It is applicable only to contacts whose consent state is Accepted, Rejected or Pending. Once the action is selected, the following information is updated:

  • Consent State: Pending
  • Consent Updated Date: empty
  • Consent Form: updated with the new attachment

The affected contacts are then considered "Pending Consent", and the functionality configured for that state in the Contact Information Definition applies to them.
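As an added illustration (not CRM.COM code, and not an implementation of its Web APIs), the following Python models the consent states, the Consent Settings options with the availability rule stated above, and the 'Require Re-Consent' reset. The class and field names, the in-memory Contact record and the rule that only an Accepted consent can become Withdrawn (taken from the definition of the Withdrawn state) are assumptions.

```python
"""Consent state handling modelled on the CRM.COM consent states and Consent
Settings described in this page. Added example, not CRM.COM code: class names,
field names and the in-memory Contact record are assumptions."""
from dataclasses import dataclass
from datetime import date
from enum import Enum
from typing import Optional


class ConsentState(Enum):
    PENDING = "pending"      # default state of a new contact
    ACCEPTED = "accepted"
    REJECTED = "rejected"
    WITHDRAWN = "withdrawn"  # only reachable from ACCEPTED (assumed from the definition)


class Functionality(Enum):
    COMPLETE = "complete"    # contact and its actions fully functional
    NONE = "none"            # contact exists but no further actions allowed
    ANONYMIZE = "anonymize"  # contact anonymized and no longer functional


# Consent Settings of the Contact Information Definition: one option per
# non-accepted state. ACCEPTED is never restricted.
ConsentSettings = dict[ConsentState, Functionality]

# The restricting options are only available for Rejected and Withdrawn.
RESTRICTABLE_STATES = {ConsentState.REJECTED, ConsentState.WITHDRAWN}


def validate_settings(settings: ConsentSettings) -> bool:
    """Reject configurations the page says are not possible."""
    if ConsentState.ACCEPTED in settings:
        raise ValueError("Accepted consent cannot be restricted")
    for state, mode in settings.items():
        if mode is not Functionality.COMPLETE and state not in RESTRICTABLE_STATES:
            raise ValueError(f"{mode.value} is not available for the {state.value} state")
    return True


@dataclass
class Contact:
    name: str
    consent_state: ConsentState = ConsentState.PENDING
    consent_updated: Optional[date] = None
    consent_form: Optional[str] = None   # attachment reference (assumed field)


def record_consent(contact: Contact, new_state: ConsentState, today: date,
                   form: Optional[str] = None) -> Contact:
    """Capture a consent decision arriving via the Add Consent Form action,
    an email/SMS link or a third-party system."""
    if new_state is ConsentState.PENDING:
        raise ValueError("Pending is the default state, it is not captured")
    if new_state is ConsentState.WITHDRAWN and contact.consent_state is not ConsentState.ACCEPTED:
        raise ValueError("only a previously accepted consent can be withdrawn")
    contact.consent_state = new_state
    contact.consent_updated = today
    if form is not None:
        contact.consent_form = form
    return contact


def functionality_for(contact: Contact, settings: ConsentSettings) -> Functionality:
    """Resolve what may be done with a contact from its state and the settings."""
    validate_settings(settings)
    if contact.consent_state is ConsentState.ACCEPTED:
        return Functionality.COMPLETE
    return settings.get(contact.consent_state, Functionality.COMPLETE)


def require_reconsent(contacts: list, new_form: str) -> list:
    """'Require Re-Consent' action: applies to Accepted, Rejected and Pending
    contacts only. Resets the state to Pending, clears the updated date and
    attaches the new form. Returns the affected contacts."""
    affected = []
    for contact in contacts:
        if contact.consent_state in (ConsentState.ACCEPTED, ConsentState.REJECTED, ConsentState.PENDING):
            contact.consent_state = ConsentState.PENDING
            contact.consent_updated = None
            contact.consent_form = new_form
            affected.append(contact)
    return affected
```

Note that `require_reconsent` deliberately leaves Withdrawn contacts untouched, matching the stated scope of the action, and that `validate_settings` is the place to catch a definition that would silently restrict Pending contacts.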

Anonymization


Anonymizing Data

The anonymization process is vital to GDPR compliance. Once a contact is anonymized, no CRM.COM functionality is possible for it. In greater detail, the following actions are no longer functional:

  • Updating or executing any action on the Contact Information
  • Creating, updating or executing any action on the Contact's related Accounts
  • Creating, updating or executing any action on the entities (Service Requests, Activities, Jobs etc.) which are related either to the Contact Information or to the related Accounts
  • Executing any processes which are related either to the Contact Information or to the related Accounts, such as Provisioning Runs, Payment Gateway Runs etc.
  • If a financial transaction imported into the system relates to an anonymized accounts receivable, it is posted to the System's Suspense Account instead (configured through the Accounts Receivable Definitions)

A contact information record can be anonymized in the following three ways:

  • Through the dedicated action in the Contact Information data entry page (if the anonymization process is enabled in the Contact Information Definition)
  • Through the batch process that can be executed through the Contact Information Definitions
  • Once the contact rejects or withdraws consent, provided the Consent Settings of the Contact Information Definition were configured to anonymize the contact

In order for the contact information to be anonymized, all of the following conditions must be met:

  • The contact must not be a User, must not be related to a group (internal or partner) and must not be related to a unit (internal or partner)
  • The contact must not own a non-terminated subscription, nor relate to a pending job, activity, service request or lead
  • The contact must not relate to pending unprocessed RBIs or to an un-posted Financial Transaction
  • Any additional conditions set in the Anonymization settings of the Contact Information Definition must be satisfied

Check Appendix A for a full list of the data in CRM.COM that is anonymized once the process takes place.
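The eligibility conditions, the scrubbing of the Appendix A fields and the two post-anonymization rules (no further actions, imported transactions routed to the Suspense Account), as an added Python example that is not CRM.COM code. The Contact and account record layout, the attribute names (a subset of Appendix A) and the 'Anonymized' placeholder value are assumptions chosen to mirror the page; the definition's own Anonymization settings are represented by caller-supplied callables.

```python
"""Anonymization eligibility check and field scrubbing, modelled on the
conditions and the Appendix A field list in this page. Added example, not
CRM.COM code: the record layout, attribute names and the 'Anonymized'
placeholder are assumptions."""
from dataclasses import dataclass, field

ANONYMIZED = "Anonymized"

# Subset of the Appendix A fields, keyed by entity (assumed attribute names).
ANONYMIZED_FIELDS = {
    "contact": ["first_name", "last_name", "id_number", "passport_number",
                "date_of_birth", "email", "phone"],
    "accounts_receivable": ["name", "number", "iban", "bic"],
}

# Stand-in for the System's Suspense Account of the Accounts Receivable
# Definitions (assumed record).
SUSPENSE_ACCOUNT = {"name": "System Suspense Account", "anonymized": False}


@dataclass
class Contact:
    id: str
    fields: dict                                          # personal data fields
    is_user: bool = False
    group_or_unit: bool = False                           # related to an internal/partner group or unit
    active_subscriptions: int = 0                         # non-terminated subscriptions owned
    pending_items: list = field(default_factory=list)     # pending jobs, activities, SRs, leads
    unprocessed_rbis: int = 0
    unposted_transactions: int = 0
    accounts: list = field(default_factory=list)          # related accounts receivable (dicts)
    audit_log: list = field(default_factory=list)         # (field, from_value, to_value)
    anonymized: bool = False


def anonymization_blockers(contact, extra_conditions=()):
    """Return the reasons the contact cannot be anonymized; an empty list means
    it is eligible. extra_conditions are callables standing in for the rules
    configured in the definition's Anonymization settings: each returns a
    reason string, or None when it is satisfied."""
    reasons = []
    if contact.is_user:
        reasons.append("contact is a user")
    if contact.group_or_unit:
        reasons.append("contact is related to a group or unit")
    if contact.active_subscriptions:
        reasons.append("owns a non-terminated subscription")
    if contact.pending_items:
        reasons.append("related to pending " + ", ".join(contact.pending_items))
    if contact.unprocessed_rbis:
        reasons.append("has unprocessed RBIs")
    if contact.unposted_transactions:
        reasons.append("has un-posted financial transactions")
    for condition in extra_conditions:
        reason = condition(contact)
        if reason:
            reasons.append(reason)
    return reasons


def anonymize(contact, extra_conditions=()):
    """Anonymize the contact in place, refusing if any blocker applies. Scrubs
    the listed contact and account fields and the audit-log from/to values."""
    blockers = anonymization_blockers(contact, extra_conditions)
    if blockers:
        raise ValueError("cannot anonymize: " + "; ".join(blockers))
    for name in ANONYMIZED_FIELDS["contact"]:
        if name in contact.fields:
            contact.fields[name] = ANONYMIZED
    for account in contact.accounts:
        for name in ANONYMIZED_FIELDS["accounts_receivable"]:
            if name in account:
                account[name] = ANONYMIZED
        account["anonymized"] = True
    contact.audit_log = [(f, ANONYMIZED, ANONYMIZED) for f, _, _ in contact.audit_log]
    contact.anonymized = True
    return contact


def assert_operable(contact):
    """Guard to place in front of any action on a contact or its accounts."""
    if contact.anonymized:
        raise PermissionError(f"contact {contact.id} is anonymized; no actions allowed")
    return True


def route_imported_transaction(account):
    """An imported financial transaction for an anonymized accounts receivable
    is posted to the Suspense Account instead of the original account."""
    return SUSPENSE_ACCOUNT if account.get("anonymized") else account
```

Returning the full list of blockers rather than the first one is what makes the batch process usable: an operator can see every reason a record was skipped in one run instead of fixing them one at a time.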

Managing Customer Data 


Exporting customer data

The information associated with each and every contact can be made available to them through a printout, which can optionally be sent to them by email.

Communicating contact information

Communications can be created and sent to the contact either manually or triggered by an event taking place in the system, such as the creation or update of the contact information. You can use tags related to contact information (text that is automatically replaced by values specific to the selected records) when creating communications; tags are available for selection by typing '#'. Additionally, dynamic links (dynamic link communication tags) can be added to these communications, enabling the customer to either accept or deny consent to the use of their personal data.

Refer to the Communications manual for a full description of how to use communications, a complete list of contact information communication tags as well as specific information on how to use dynamic links.

Keeping an Audit Trail

An audit trail of every action associated with accessing a record is now kept in the system, along with the option to view the complete audit log. Additionally, reports are now available: one displays the audit trail logs of a specific Contact Information record and its related entities (Accounts Receivable and Rewards Participant), and another displays the changes performed on a contact information record by a specific user.

For more information on the Audit Trail refer to Security Management.

Appendix A - Anonymized data


The following data will be set to 'Anonymized' once the anonymization process is executed as part of GDPR compliance. The fields are grouped by entity; where a row covers a set of related values or a family of record types, those are listed in parentheses.


Contact Information
  • First Name and First Name UC
  • Middle Name and Middle Name UC
  • Last Name and Last Name UC
  • ID Number
  • ID Registration Country
  • Passport Number
  • Passport Registration Country
  • Social Security Number
  • Date of Birth - Day, Month, Year
  • Company Name and Company Name UC
  • Tax Reference Number
  • Registration Number
  • Registration Country
  • VAT Number
  • All Address Information (Street Number, Street Name, Postal Code, Floor, Apartment Number, Area, City, District, Municipality, PO Box, PO Box Postal Code)
  • All Phones Information (Area Code, Phone Number, Full Phone Number, Country, Notes)
  • All Emails Information (Email Address, Notes)
  • Attachments (File Name, File Content, URL)
  • All "From Values" and "To Values" from the Contact's Audit Log

Accounts Receivable
  • Name and Name UC
  • Number
  • Payment Preferences (Used for Recurring Payments, Medium Identifier, Medium Type, Medium Brand, Bank, Bank Branch, Bank Account Type, Bank Account Holder, Bank Account Number, IBAN, BIC, Unique Mandate Ref, Mandate Sign Date, Mandate Terminate Date)
  • Payment Gateway Cards (Reference Number, Card Holder Name, Brand, Type, Card Holder Address Line 1, Card Holder Address Line 2, Card Holder Address City, Card Holder Address Zip, Card Holder Address State, Card Holder Country, Card Holder Address Line 1 Check Result, Card Holder Address Zip Check Result, Card Holder Address Security Code Check Result, Default, Last Digits, Fingerprint, Expiration Month, Expiration Year)
  • All Presentment Preferences Information (method, value, is active)
  • All "From Values" and "To Values" from the Account's Audit Log

Communications
  • Subject
  • Description
  • Shared Notes
  • To Recipient
  • From Recipient
  • Content

Financial Transactions (Credit Notes, Invoices, Invoice Cancellations, Payments, Payment Cancellations, Refunds)
  • Shared Notes

Subscriptions
  • Notes

Subscription Actions
  • Cancellation Notes

Activities
  • Description
  • Shared Notes
  • Contact Information Email
  • Contact Phone

Jobs
  • Description
  • Shared Notes
  • Contact Info Phone
  • Contact Info Email

Customer Events (Purchase, Referral, Social Media, Web, Achievement, Financial Achievement, Financial Statement, Spend Requests)
  • Description

Service Requests
  • Description
  • Shared Notes
  • Caller Email
  • Caller Phone

Leads
  • Description
  • Shared Notes
  • Contact Info Phone
  • Contact Info Email

Rated Billing Items (Normal Subscription RBI, Normal UDR RBI, Prepaid Subscription RBI, Prepaid UDR RBI, Job RBI)
  • Cancellation Notes

Access Tokens
  • Authentication Code
  • Identifier
  • Pass Code