GDPR in eWay-CRM
eWay-CRM gives you the set of functions that you can use for implementation of GDPR rules in your company.
Important: GDPR functions in eWay-CRM are not absolute fulfillment of GDPR rules for your company. GDPR rules are very comprehensive, affect many aspects of your business, so we recommend to consult it with specialist.
Turn on GDPR Functions in eWay-CRM
If you want to turn on GDPR functions in eWay-CRM, you need to be administrator.
There is Apply General Data Protection Rules (GDPR) setting in Administration Application. If you turn it on, it will allows you to use all GDPR functions that are prepared for you. These functions are:
- manual and automatic marking of item as GDPR relevant,
- removing of items with all related items,
- register and get the confirmation of personal data processing,
- track history of changes,
- fulfilling of GDPR rights.
GDPR Relevant Items
If GDPR setting is turned on, you have new possibilities in eWay-CRM. You can mark items as GDPR Relevant. Modules whose items can be marked as GDPR Relevant are:
- Journal
- Documents
- Emails
All three modules have new GDPR Relevant icon in their dialogs. For example, if your customer wants to change his or her personal data, you just create journal and mark it as GDPR Relevant.
Same action can be done when you right click journal (or document or email) in the list and select GDPR Relevant. Item will be marked as GDPR Relevant and you can easily filter all GDPR Relevant items in the list.
In some cases, items can be automatically marked as GDPR Relevant. For example, when you convert email to deal, project or contact, it is automatically marked as GDPR Relevant.
For more information, go to Mark Item as GDPR Relevant.
Remove Items in GDPR Regime
If GDPR setting is turned on, some modules have different way of removing. It is applied on these modules:
- Deals
- Contacts
- Companies
If you want to remove deal, contact or company in GDPR regime, you will see different icon for removing:
If you try to delete the contact (or deal or company), new dialog will pop up. There are some new features:
- When you remove an item (only deal, contact or company), not only the item itself will be deleted, but related items will be deleted too. These related items will be deleted: journal, documents, emails, tasks, calendars and related items from marketing list. So it is required that the user is also able to view and delete all items from these modules.
- If you want to delete the item, you firstly need to type down displayed code. After inserting three displayed letters, Yes button will be enabled.
Important: Removing of deals, contacts and companies from eWay-CRM when the GDPR setting is turned on, is irreversible! Please, be sure that you want to delete an item and all its relations.
When the contact (or deal or company) is removed, journal about deleting is created with all deleted values hashed in the Note field.
Go to https://passwordsgenerator.net/sha256-hash-generator where you can generate SHA-256 hash of some value. For example, you want to look that some email address was deleted. You can find in these journal all values that were deleted (name, surname, email address, phone, etc.).
If you have hash of email address, you can try to find it in the Note field as you can see in the picture.
If you know the value that should be deleted, you can always check whether it was really deleted. You can send your client verification, that his or her values were removed from your system.
Register Confirmation of Personal Data Processing
Registering of client confirmation is not specific function of eWay-CRM, but you can use its possibilities that are already available. Confirmation of personal data processing can be registered in custom fields. We prepare manuals to show you how to use custom fields for this purpose:
-
How to Get Processing Consents (this function does not need to have GDPR turned on in eWay-CRM)
eWay-CRM allows you to create marketing lists only with respondents that gives you confirmation that they want to receive your marketing communication. For more information, go to Create and Edit Marketing List.
Activity History Tracking
The function is not related with GDPR, it can work without GDPR setting turned on, but when you mark GDPR setting as is described above, you will see dialog that asks you whether you wanted to track history of items.
If you confirm the dialog, you will be moved to the Activity History Tracking section in Administration Application.
You can choose all modules which items history you want to track. For more information, go to Activity History Tracking.
Fulfill the GDPR Responsibilities
We prepared manuals so you can easily use eWay-CRM to fulfill rules that are set by GDPR. You can register clients request to change his or her personal data or other request, but you can also create record that verifies the change and its completion. eWay-CRM can be used to fulfill these GDPR rights:
- Right of Personal Data Access by Data Subject
- Right to Rectification
- Right to Data Portability
- Right to Restriction of Processing
- Right to Object
- Right to Erasure
Availability: GDPR functions are available since eWay-CRM 5.2.0.