CRM for GDPR

"Only 40% of SMEs in the UK have taken steps to become GDPR compliant."
- Survey by ICO in 2019

CRM can get you on your way to manage your GDPR compliance!

Know your data

What is GDPR?


The General Data Protection Regulation (GDPR) is a regulation in the European Union (EU) that took effect on May 25, 2018.
It replaces the 1995 EU Data Protection Directive and strengthens the EU data protection rules. The GDPR applies to any company that processes the personal data of EU citizens, regardless of where the company is located.

The GDPR gives individuals more control over their personal data, including the right to know what data is being collected about them, the right to access that data, the right to have it deleted, and the right to have it corrected. 

It also requires companies to obtain explicit consent from individuals before collecting their data and to inform them of how that data will be used.

What is Personal Data?

Personal data is any information that can be used to identify a living individual. This can include a wide range of information, such as a person's name, address, email address, phone number, date of birth, government-issued identification numbers, and financial information.
Personal data can also include sensitive information, such as medical records, religious or political beliefs, and sexual orientation.

Biometric data, such as fingerprints and facial recognition, is also considered personal data. Personal data can be in the form of text, images, audio, or video recordings.

The right tool to use

How does CRM help with GDPR?


CRM can help organisations comply with the General Data Protection Regulation (GDPR) by providing tools to manage and protect personal data. 

By using a CRM system, organisations can effectively manage and protect personal data, helping them to comply with GDPR and avoid costly fines.

1. Data Collection and Management

A CRM system can be used to collect and store personal data in a centralised location, making it easier for organisations to access, update, and delete personal data when required by GDPR.

2. Data Governance

A CRM system can provide tools to control access to personal data, set permissions, and track changes to personal data, enabling organisations to monitor and enforce GDPR compliance.

3. Data Retention and Deletion

A CRM system can be used to set retention policies for personal data and automate the deletion of data that is no longer needed, in compliance with GDPR's "right to be forgotten" requirement.

4. Data Auditing

A CRM system can provide audit trails and reporting capabilities, enabling organisations to track and demonstrate GDPR compliance, including data breaches and data access requests.

5. Data Consent

A CRM system can be used to collect and store explicit consent from individuals before collecting their data, in compliance with GDPR's consent requirements. Additionally, CRM systems can automate the notification and auto-renewal of the consent from the individual.

First contact made

Website > CRM


CRM gives you the ability to create website forms that securely send client information from your website to your CRM

Immediately capture GDPR related fields and request consent from your client!

'I give my consent for you to store my information'

This is sent and saved inside the CRM

GDPR Fields inside CRM

Contact Management


'I give consent'
This is the mandatory checkbox on the webform when customers submit their data

Lawful Basis
Record the one or more reasons why you have stored this data stored

Lawful Basis Source
Record and group your data sources, add a note for more information

Lawful Basis Date Reviewed
Record the date when this data was sourced / Reviewed

Centralise your interactions

Activities & History


CRM gives a you a central place to store all activities that have taken place with a client and quickly report on them if required.

You can see everything that has taken place with a Contact in chronological order, all one place.

Create Meetings, Calls & Tasks
Relate to multiple Contacts and Organisations
Sync with Outlook and Gmail
Shared User Calendar

Listen to your audience

Email Marketing > Opt Out


Inside the CRM sending bulk emails to potentials clients and existing clients is a step by step process and includes automation for individuals responses.  

Opt Out automation Include an 'unsubscribe' link in your email, if an individual clicks on it their email is automatically 'opt out' from receiving any emails from the CRM
Go Further with a 'Preference' page EngageCRM can help upgrade your CRM to include your Contact Subscriptions list If you are sending different content to your Contacts

This will ensure you are sending relevant content to your Contacts and giving all recipients the chance to opt out of your organisation's marketing  

Keep your paperwork safe

Document Management


GDPR requirements can also relate to the hosting and storage of your files and documents.

We guarantee our hosting is in the UK and the CRM can help toward organising your documents!

Generate and Mail Merge documents
Upload Documents and link to records
Store and track all revisions
Set reminders for updates and deletion 
Intergrate with Docusign and other esignature applications 

Know who modified the record

Audit Change Log


All fields inside the CRM can be added to the 'audit log' for the module they are inside

This allows administrator users to go to a record and click 'View Change Log'

Showing a list in order of every change that has taken place on the record!

Built by Engage, available for all customers

CRM Reports for GDPR


We have created a number of specific GDPR related reports to support our clients have the start point to audit and report on GDPR related areas

Suppression List
Using the automated opt out process inside CRM you can have a live suppression list report to ensure you are in control of your email communications

GDPR Date Reviewed
Live report showing your GDPR date reviewed. Keep up to date with your company policy of retaining data / data consent
Use this report to make a marketing list 'Renew Consent' and resend consent emails in bulk

GDPR Audit
Using the reporter to help highlight data gaps within the Contact data and GDPR fields

Try EngageCRM for free.

No credit card, no subscription, no risk.

Stay Connected

Tel: 01793 236246
Email: info@engagecrm.co.uk
Address: 1 Milton Road, Swindon, SN1 5JE

Copyright © EngageCRM UK. All Rights Reserved.