GDPR and OpenCRM
The General Data Protection Regulation (GDPR) came into force across the EU on 25 May 2018 and continues
to apply in the UK as the UK GDPR, alongside the Data Protection Act 2018.
It sets out how organisations must handle and protect personal data, and the rights individuals have over their information.
To support users of OpenCRM, we have created this page to help you understand your
responsibilities, how to use OpenCRM in a compliant way, and the measures we have implemented as a business.
General GDPR guides
- ICO’s guide to GDPR
- Principles of the GDPR
How to…in OpenCRM
- How to use Data Retention Rules in OpenCRM
- Setting up Right to be Forgotten
- Managing mailing lists and “opt in” consent to marketing
- Overview of GDPR features webinar
- What is the Customer Portal?
Our thoughts on GDPR
- How can your CRM help you prepare for GDPR?
- Need some easy GDPR wins?
- GDPR is fast approaching, is your SME ready?
- GDPR Fact Sheet
Resources Available on Request
- Data Retention Workbook
- Right to be Forgotten Workbook
- Considerations with your Customer Portal
- Recording data processing consent
When it comes to data about an individual or company, GDPR guarantees you a number of rights, including…
- Knowing where the data came from
- The ability to correct inaccurate data
- Being kept informed about how your data is processed (and able to object to this processing)
- Requesting a copy of the data
- Having to explicitly opt in to receiving marketing communications
- Asking for your data to be removed
That means we as a data controller…
- Tell you what data we hold on you and where we got it (and let you know when we are collecting more)
- Have documented data processing policies (and give you information about these)
- Provide you with the ability to check and update your data
- Have data retention policies in place so we don’t keep data longer than we need it
- Obtain your consent for sending you any marketing communication
- Work with you (and within our legal requirements) to erase any data you don’t think we should have
We also have a responsibility to protect your data to the best of our ability. To ensure this, we…
- Follow best industry and development guidelines for all systems and servers
- Carry out 24/7 monitoring on our data centres
- Ensure all servers and PCs are kept up to date and patched
- Have documented data processing and retention policies
- Train our personnel on best practices and our own procedures
- Regularly review this these procedures and policies
- Find out more about our commitment to security on our Security overview page
- We have also achieved the Cyber Essentials Plus certification
We also have a responsibility to protect your data to the best of our ability. To ensure this, we…
- Follow best industry and development guidelines for all systems and servers
- Carry out 24/7 monitoring on our data centres
- Ensure all servers and PCs are kept up to date and patched
- Have documented data processing and retention policies
- Train our personnel on best practices and our own procedures
- Regularly review this these procedures and policies
- Find out more about our commitment to security on our Security overview page
- We have also achieved the Cyber Essentials Plus certification
We’re here if you need us
Get in touch with our team to chat about how you can use Open CRM to meet your GDPR requirements.
