How Salesforce Enables GDPR Compliance

The Right to be forgotten has taken the world by storm and European Parliament General Data Protection Regulation (GDPR) guidelines have marketers anxious and worried for months. GDPR has forced organizations to rethink customer data and privacy with a ‘Privacy by Design’ approach. This means consent from customers is required to hold their data.

 

Apart from posing as a burden for marketing and data professionals, GDPR also means a huge change in internal processes. Salesforce’s Spring ‘18 Release solved this to a large extent, containing essential components for data protection and privacy.

Managing Consent

GDPR brings the onus of responsibility towards ensuring that corporations have the right approval from there users on how to leverage the data that they have collected. Salesforce has configured privacy settings across the various roles in an organization, customers can leverage an amalgamation of Standard Objects and its settings, Custom Objects, and combine their own business workflows to configure their compliance requirements.

The ‘Individual’ object

A new standard object called ‘Individual’ was released in Spring ’18 Salesforce. It essentially registers a person’s data preferences – how they wish their data to be stored, used, and shared. ‘Individual’ records have a lookup relationship to a Lead, Person Account, Contact, and custom object, carrying extra contextual information. The User object can also be linked via Apex which means that an individual with any Lead, Contact, Person Account can relate all of them to a single Individual record.

The Individual object can hold a higher level of consent data. In the future, Salesforce is expected to launch Consent objects to control the type of consent, date of obtaining and expiry, as required by GDPR. Until they become available you can create these as custom objects.

The ‘Individual’ object can be enabled from Setup. It can be found under ‘Data Protection and Privacy. On clicking edit, you can check the box ‘make data protection details available in records’. On adding the ‘Individual’ field to the Lead and Contact page layouts, you can associate a Contact/Lead to their relevant ‘Individual’ record via lookup.

Out-of-the-box records are basic but functional. These are the fields ready for use, not necessary for you to create.

 

Checkboxes:

 

  • Don’t Market, Don’t Process, Don’t Profile, Don’t Track
  • Block Geolocation Tracking
  • Export Individual’s Data
  • Ok to Store Personally Identifiable Information Data Elsewhere, also known as data transfer
  • Forget this Individual

Change Tracking:

  • Created by/Date
  • Modified by/Date

Creating Individual records

Instead of using Apex to create Individual records one by one, take a segmented approach. Start with records with the strongest consent.

 

  1. Create an Individual record related to every Contact that has a contract with the organization. Add the Privacy Permission record with a Privacy Source of “contract” to validate your contractual agreement to process data at the time an individual is a customer.
  2. Look at all Contact with open Opportunities. Before creating a new Individual record, check if it already exists and connects it to the Contact. Add the Privacy Permission record with a Privacy Source of “Legitimate Interest” to validate an individual is an engaged customer and can have a shared legitimate interest in your organization.
  3. Look at Contacts connected to campaigns and determine how long back the campaigns were held and if the person actually consented to you holding their data. If you have a record of them opting in, this consent may still be valid but still check with the legal team.
  4. Look at your Lead data and assess if you evidence of the individual actually consenting to you holding their data.

Enabling compliance

Storing customer information is important to enabling efficiencies and control to data processing. The Individual object can be used as the basis of workflows such as data deletion for data that has been kept for longer than is necessary. Salesforce users can leverage standard reporting to categorize and filter records before executing mass actions, such as sharing with third parties. Using Salesforce reports for campaign segmentation means one can be sure of excluding anyone who has opted out of marketing communications and who do not wish to be profiled.

 

A ‘Privacy by Design’ approach in Salesforce is sure to reap long-term benefits using the Individual object and adding custom consent objects. Using the Individual object as the basis of privacy data is important. If you want your organization to be GDPR-compliant, it is important to track consent data in custom objects.

Portability

In a GDPR regime corporations are required to share an individual’s personal data in an easy to understand format that they have acquired about a consumer. Salesforce enables corporations to export data in several of these formats, including CSV, XLS, JSON, and XML.

Data Security

Security is one of the key principles of the GDPR and measures are required to protect personal data. Some of the measures include user authentication and access controls. Corporations leveraging the Salesforce platform can rest assured about cloud security and can deploy access controls and other measures to secure their Data.

Wrapping Up

There are various solutions out there that enable corporations to become GDPR compliant, but if a corporation is looking at securing and complying with the regulations set forth by GDPR Salesforce can be one of the easiest solutions to implement.

Share This Blog
Related Articles

Salesforce CPQ (Configure, Price, Quote) is a powerful tool that enables businesses to streamline their quoting process by providing advanced configuration options. Among its many features, Multi-Dimensional Quoting (MDQ) stands out as a powerful capability that allows sales teams to create more detailed and flexible quotes for complex products. In this blog, we’ll dive into […]

Read More
Dynamic Search Filters in Salesforce CPQ

Salesforce CPQ (Configure, Price, Quote) is a powerful tool that allows sales teams to generate quotes with speed and accuracy. One of the key features that makes CPQ so flexible is its dynamic search filter capability. In this blog, we’ll explore how you can create dynamic search filters in Salesforce CPQ to make your quoting […]

Read More
How to Create Quote Templates Customization Methods

The objective after completing a quote is usually to produce a precise and expert quote document for clients. However, without the proper procedures in place, quoting can be difficult, error-prone, and time-consuming. Salesforce CPQ (Configure, Price, Quote) streamlines the process and improves quote accuracy by assisting with the setup and administration of quotation papers. By […]

Read More
Boost Performance with a Robust Trigger Framework in Salesforce

Boost Performance with a Robust Trigger Framework in Salesforce If you want to make sure of scalability and performance in the Salesforce development, managing Apex triggers is a must. With a trigger framework, you get a structured approach to organizing and maintaining trigger logic. This way, developers can follow the best practices while maintaining the […]

Read More

When it comes to Salesforce development, efficiently managing and deploying metadata is important to maintain streamlined operations. With the help of Unlocked Package, you can easily achieve this. It is specially designed for business’s internal use and allows businesses to develop and manage modular applications. This blog will walk you through the importance of Unlocked […]

Read More
How Salesforce Data Cloud Streamlines Data Management

The Data Cloud integrates your company’s data onto Salesforce’s Einstein 1 Platform. It provides each team with a comprehensive customer view for a better experience. The Data Cloud consolidates disparate data sources into a unified model, facilitating easy access and comprehension. It encompasses various data types such as web engagement and more from both internal […]

Read More
Our Location worldwide
Indian Flag India
3rd Floor, A-10, Pegasus Tower, Sector 68, Noida, Uttar Pradesh 201301 +91-1203117884
United States of America Flag USA
333 West Brown Deer Road Unit G – 366 Milwaukee WI, USA 53217 +1(262) 310-7818
United Kingdom Flag UK
7 Bell Yard, London, WC2A 2JR +44 20 3239 9428
Canada Canada
HIC Global Solutions INC
43 Lafferty Lane, Richmond Hill, L4C 3N8, CA +1(262) 310-7818