CRM for GDPR
"Only 40% of SMEs in the UK have taken steps to become GDPR compliant."
- Survey by ICO in 2019
CRM can get you on your way to manage your GDPR compliance!
Know your data
What is GDPR?
The General Data Protection Regulation (GDPR) is a regulation in the European Union (EU) that took effect on May 25, 2018.
It replaces the 1995 EU Data Protection Directive and strengthens the EU data protection rules. The GDPR applies to any company that processes the personal data of EU citizens, regardless of where the company is located.
The GDPR gives individuals more control over their personal data, including the right to know what data is being collected about them, the right to access that data, the right to have it deleted, and the right to have it corrected.
It also requires companies to obtain explicit consent from individuals before collecting their data and to inform them of how that data will be used.
What is Personal Data?
Personal data is any information that can be used to identify a living individual. This can include a wide range of information, such as a person's name, address, email address, phone number, date of birth, government-issued identification numbers, and financial information.
Personal data can also include sensitive information, such as medical records, religious or political beliefs, and sexual orientation.
Biometric data, such as fingerprints and facial recognition, is also considered personal data. Personal data can be in the form of text, images, audio, or video recordings.
The right tool to use
How does CRM help with GDPR?
CRM can help organisations comply with the General Data Protection Regulation (GDPR) by providing tools to manage and protect personal data.
By using a CRM system, organisations can effectively manage and protect personal data, helping them to comply with GDPR and avoid costly fines.
1. Data Collection and Management
A CRM system can be used to collect and store personal data in a centralised location, making it easier for organisations to access, update, and delete personal data when required by GDPR.
2. Data Governance
A CRM system can provide tools to control access to personal data, set permissions, and track changes to personal data, enabling organisations to monitor and enforce GDPR compliance.
3. Data Retention and Deletion
A CRM system can be used to set retention policies for personal data and automate the deletion of data that is no longer needed, in compliance with GDPR's "right to be forgotten" requirement.
4. Data Auditing
A CRM system can provide audit trails and reporting capabilities, enabling organisations to track and demonstrate GDPR compliance, including data breaches and data access requests.
5. Data Consent
A CRM system can be used to collect and store explicit consent from individuals before collecting their data, in compliance with GDPR's consent requirements. Additionally, CRM systems can automate the notification and auto-renewal of the consent from the individual.
First contact made
Website > CRM
CRM gives you the ability to create website forms that securely send client information from your website to your CRM
Immediately capture GDPR related fields and request consent from your client!
'I give my consent for you to store my information'
This is sent and saved inside the CRM
GDPR Fields inside CRM
Contact Management
'I give consent'
This is the mandatory checkbox on the webform when customers submit their data
Lawful Basis
Record the one or more reasons why you have stored this data stored
Lawful Basis Source
Record and group your data sources, add a note for more information
Lawful Basis Date Reviewed
Record the date when this data was sourced / Reviewed
Centralise your interactions
Activities & History
CRM gives a you a central place to store all activities that have taken place with a client and quickly report on them if required.
You can see everything that has taken place with a Contact in chronological order, all one place.
Listen to your audience
Email Marketing > Opt Out
Inside the CRM sending bulk emails to potentials clients and existing clients is a step by step process and includes automation for individuals responses.
This will ensure you are sending relevant content to your Contacts and giving all recipients the chance to opt out of your organisation's marketing
Keep your paperwork safe
Document Management
GDPR requirements can also relate to the hosting and storage of your files and documents.
We guarantee our hosting is in the UK and the CRM can help toward organising your documents!
Know who modified the record
Audit Change Log
All fields inside the CRM can be added to the 'audit log' for the module they are inside
This allows administrator users to go to a record and click 'View Change Log'
Showing a list in order of every change that has taken place on the record!
Built by Engage, available for all customers
CRM Reports for GDPR
We have created a number of specific GDPR related reports to support our clients have the start point to audit and report on GDPR related areas
Suppression List
Using the automated opt out process inside CRM you can have a live suppression list report to ensure you are in control of your email communications
GDPR Date Reviewed
Live report showing your GDPR date reviewed. Keep up to date with your company policy of retaining data / data consent
Use this report to make a marketing list 'Renew Consent' and resend consent emails in bulk
GDPR Audit
Using the reporter to help highlight data gaps within the Contact data and GDPR fields
Copyright © EngageCRM UK. All Rights Reserved.