On May 25, 2018, a new EU privacy regulation came into effect called the General Data Protection Regulation (GDPR). It imposes tougher obligations on businesses with regards to how they collect, store and manage personal data of EU citizens, regardless of whether the data processing takes place in the EU or not.
This post is to assist you in using Wakeupsales CRM, but should not be regarded as legal advice. If you have questions on how the GDPR will affect your business we recommend you seek legal advice.
The GDPR will affect anyone who stores personally identifiable information of any EU citizen. Personally identifiable information can be a name, email, address, date of birth, personal interests, unique identifiers or even digital footprints.
We're committed to your data security and privacy. In light of the GDPR we have reviewed our data processes and practices to ensure we're fully compliant. For example we are:
Reviewing Wakeupsales CRM's functionalities to consider whether we can make any improvements that make the CRM more efficient for users who are subject to the GDPR.
GDPR emphasises on respecting your customer's data and processing only the data that you need. We already have features in place to help you manage your customer's data correctly. Here are some suggestions to help you with the compliance:
With the GDPR you need to have lawful basis for processing personal data, consent is one of them. If you need to record consent, you could add a date field to record when the consent was given. You could also use Wakeupsales CRM's notes features to mark contacts who have consented to you contacting them again.
You may wish to remove data that is no longer being used for its original purposes since May 25, 2018. Also, under GDPR there is emphasis on the right to be forgotten, enabling an individual to request that their data be deleted. In Wakeupsales CRM, you can choose to delete your account & allow us to keep your data or you can opt for complete deletion of your account info. In case of the latter, the records are permanently deleted & can't be retrieved back at any future point of time.
If you're looking to understand more about GDPR, we suggest you review advice given by the UK Information Commission Office (ICO), who's responsible for implementing the GDPR legislation in the UK. They provide practical advice such as an overview including key areas for Data Controllers to consider and get in place, along with their 12 steps to take now.
Please write to us on "email@example.com" if you have any questions and we'll be happy to answer.