Zoho CRM is on its way to GDPR Compliance
Hello folks,
GDPR has been the talk of the hour and we would like to ensure that this GDPR fever does not come in the way of your business and selling. There are several GDPR centric enhancements in Zoho CRM that will be released in a phased manner to all our users in the following weeks.
Designed to help you meet the privacy standards set by the European Union, these enhancements will provide a streamlined mechanism for you to collect, process and store your customer data in conformation with the GDPR.
So what is GDPR and how will it affect your business?
GDPR or General Data Protection Regulation is a landmark policy aimed at empowering citizens of the European Union regarding their personal data. With increasingly complex flow of information across the world, GDPR aims to give EU citizens more direct control on how their personal information is being processed in addition to improved data privacy.
GDPR not only applies to companies in the EU region but to any organization that collects or processes the data of EU citizens. If you are one of those organizations who collect or process data of EU citizens, the following enhancements in Zoho CRM are for you.
GDPR centric enhancements in Zoho CRM:
We have split GDPR requirements into Data collection, Data processing and Data Subject Rights. In the sections below, we state the GDPR requirements along with the respective enhancements in Zoho CRM that meet them.
Note: The Organization collecting customer data is referred to as "Data Controller"/"Controller", your customers are referred to as "Data Subjects" and Zoho CRM will be the "Data Processor".
1. Data Collection
GDPR demands that personal information collected from Data Subjects should be limited to what the Data Controller needs in order to deliver its services, and a legitimate need in case of requesting additional information must be demonstrated. It is also mandatory that you state the purpose and get clear consent when collecting personal information.
Consent must be explicit, where Data Subjects take an affirmative action (clicking on the checkbox, so no pre-ticked check boxes). Controllers are also expected to be transparent about the duration for which the data will be processed.
Consent Form: Consent is one of the cornerstones of GDPR, as the execution of any processing activity now depends on the consent provided by the Data Subject. So in-order to demonstrate compliance, it is mandatory that a Data Controller identifies Data Subjects who require consent and those who do not require it under criteria such as Legitimate interest, Vital interest, Public interest, Contract, Freely given consent and other basis. After identifying this, the Data Controller should get consent from Data Subjects who require consent and be able to provide proof of consent if needed.
The fully customizable consent form in Zoho CRM allows Controllers to get explicit consent in regards to:
- The purpose of data collection.
- Preferred communication channel.
- Duration for which the data can be processed or consent duration.
- Sharing information with connected services.
Consent from Data Subjects, in written declaration or orally obtained consent (through email or telephone) can be attached to the form using the Attachment option.
Once the Data Subject has submitted their consent, it's stored under the Data Subject's record details page for the purpose of official record and for the Controller to know their actionable items from the data provided. For example, if a Data Subject has explicitly stated that their preferred channel of communication is email, then they are not to be contacted through any other means.
Double Opt-in Mechanism: This is one more compliance feature which you can use when setting up webforms. Anytime a Data Subject submits their information through a webform, a double Opt-in email is sent to them to confirm their registration/sign-up.
Double Opt-in Mechanism: This is one more compliance feature which you can use when setting up webforms. Anytime a Data Subject submits their information through a webform, a double Opt-in email is sent to them to confirm their registration/sign-up.
Data source tracking: Data Subjects' information can be pushed into Zoho CRM from multiple sources which include direct sources like web-forms, and indirect sources such as imports, manual entries, APIs, and third-party integrations.
The source and additional details if any (like the URL, IP address and geo-location) will be documented in the record details page. The screenshot below shows a new section called Data Privacy, under which Data source and the respective consent details are populated.
2. Data Processing
Information provided by a Data Subject can only be processed in a lawful basis. There is significant emphasis on the fact that all processing activities must be carried out securely to ensure that personal information is not exposed.
Marking Personal fields - fields containing PII (Personally Identifiable Information): Data Controllers can mark fields containing personal information as Personal fields and set a sensitivity level (High and Low). Based on the privacy preference, the Controller can choose to restrict these fields from certain processing activities such as exports, APIs and connected services.
There are two cases when data is being processed via connected services:
There are two cases when data is being processed via connected services:
Case 1 - Data Subject has not consented to their data being shared with any connected services. In such a case no information of theirs will be shared with any of the integrated services of Zoho CRM.
Case 2 - Data Subject has consented to their data being shared with connected services but there is an organizational restriction in sharing PIIs. In such a case the fields with PIIs will be not be processed in APIs and connected services.
With regards to Zoho connected services (Zoho products like Books, Desk, Campaigns, etc.) consent provided in one product will apply across all integrated Zoho products.
Encryption At Rest (EAR): Enterprise users have the option of Encryption At Rest for Personal fields.
Audit log and timeline for customer records: The Data Controller can monitor the processing activities done on a Data Subject's personal information.
Consent Management: The consent management system helps the Controller to keep track on the consent status of their Data Subjects. The system helps users identify Data Subjects who are yet to provide consent and immediately allows for sending an email with the consent form link. Consent can be obtained through webforms, consent form, portals and offline consent (Email or phone call).
The screenshot below is a consent dashboard showing the various consent statuses. Clicking on them will get you a list of all Data Subjects with their particular consent status.
3. Data Subject Rights
GDPR comes with a slew of rights which EU Data Subjects can exercise at any time which must be addressed in a month's time. The data request management in Zoho CRM lets the Controller keep track of all data requests to address them in a timely manner. The data requests raised is also maintained under each Data Subject's record details page so that the Controller is informed on any pending requests.
The Data Subject can exercise their rights through the consent form, portal, or offline through email and phone calls.
Zoho CRM helps Controllers address these data requests through the following options:
Access (Right to View): Using Zoho CRM's email feature, a template consisting of all customer information fields can be quickly created, which can then be sent to your customer upon request.
Rectify (Right to Rectify): Customer specific information can be exported and sent to the customer for rectification and the same can be updated.
Export (Right to Portability): Customer specific information can be exported, attached to an email and sent to a customer in a machine readable format, all without being downloaded on to your device.
Stop Process (Right to Stop Processing): Once a customer exercises this right, the corresponding record will be locked preventing further processing.
Erase (Right to be forgotten): Once exercised, the customer's record will be locked for the duration of the retention period defined in the Data controller's terms of service, after which the controller has the option to delete the customer information. Once deleted, the record will be moved to a blocklist and the re-entry of the same data will be prevented.
All of these enhancements will be made available for you in Zoho CRM in a phased manner. So watch this space for more updates!
Access your files securely from anywhere
New to Zoho Recruit?
Zoho Developer Community
New to Zoho LandingPage?
Zoho LandingPage Resources
New to Zoho Survey?
New to Zoho CRM Plus?
Deliver unforgettable customer experiences
New to Zoho CRM Plus?
Deliver unforgettable customer experiences
New to Zoho Marketing Plus?
Everything you need to run your marketing
New to Zoho Marketing Plus?
Everything you need to run your marketing
New to Bigin?
Topic Participants
Aishwarya EK
Bueller Bueller
Thomas iwant2help
Bala Ganesh
Sunderjan Siddharth
Sticky Posts
Good news! Calendar in Zoho CRM gets a face lift
Dear Customers, We are delighted to unveil the revamped calendar UI in Zoho CRM. With a complete visual overhaul aligned with CRM for Everyone, the calendar now offers a more intuitive and flexible scheduling experience. What’s new? Distinguish activitiesConsumers are talking about your business. Are you listening?👂
A loyal customer might be praising your product in a forum. A frustrated user could be posting a harsh review on a public site. An excited partner may have left a comment on your campaign. A domain expert might be deconstructing your product. A prospectEnhancements to the formula field in Zoho CRM: Auto-refresh formulas with the "Now" function, stop formula executions based on criteria, and include formulas within formulas
Dear Customers, We hope you're well! By their nature, modern businesses rely every day on computations, whether it's to calculate the price of a product, assess ROI, evaluate the lifetime value of a customer, or even determine the age of a record. WithElevate your CX delivery using CommandCenter 2.0: Simplified builder; seamless orchestration
Most businesses want to create memorable customer experiences—but they often find it hard to keep them smooth, especially as they grow. To achieve a state of flow across their processes, teams often stitch together a series of automations using WorkflowPresenting ABM for Zoho CRM: Expand and retain your customers with precision
Picture this scenario: You're a growing SaaS company ready to launch a powerful business suite, and are looking to gain traction and momentum. But as a business with a tight budget, you know acquiring new customers is slow, expensive, and often delivers
New to Zoho TeamInbox?
Zoho TeamInbox Resources
Zoho CRM Plus Resources
Zoho Books Resources
Zoho Subscriptions Resources
Zoho Projects Resources
Zoho Sprints Resources
Qntrl Resources
Zoho Creator Resources
Zoho CRM Resources
Design. Discuss. Deliver.
Zoho Show Resources
Get Started. Write Away!
Writer is a powerful online word processor, designed for collaborative work.
Zoho CRM コンテンツ
-
オンラインヘルプ
-
Webセミナー
-
機能活用動画
-
よくある質問
-
Ebook
-
-
Zoho Campaigns
- Zoho サービスのWebセミナー
その他のサービス コンテンツ
Nederlandse Hulpbronnen
ご検討中の方
Recent Topics
Improved RingCentral Integration
We’d like to request an enhancement to the current RingCentral integration with Zoho. RingCentral now automatically generates call transcripts and AI-based call summaries (AI Notes) for each call, which are extremely helpful for support and sales teams.Introducing New APIs in Zoho Contracts
We are excited to announce the release of new APIs in Zoho Contracts to help you automate and manage every stage of your contract lifecycle more efficiently. Here’s a quick overview of what’s new: 1. Complete Contract Draft You can use this API to completeVimeo
For me Vimeo is the most important video social channel for media and filmmakers. Would others agree and like it added to Zoho Social.Delete a department or category
How do I delete a Department? Also, how do I delete a Category? This is pretty basic stuff here and it's impossible to find.Organization Emails in Email History
How can I make received Org Emails to show up here?Deleting Fields in CRM Deletes Views in Analytics
Hey friends! I'm having some issues when we modify some fields within ZohoCRM. There are times where we need to sunset a field and eventually completely remove it. In these instances, it seems like a lot of views are removed in Analytics. This rangesHow to setup pricing in Zoho
Hi everyone, I am relatively new here and have just moved from my old inventory system to the Zoho one. I am trying to get my head around how it all works. I am mostly setup connected to a shopify store, but I do manual sales also For manual invoicing,Prefilled Date fields auto-changed and then locked when using “Edit as new”
If a document out for signature has date fields (not SignedDate fields) that were pre-filled before sending, and then you use “Edit as new” to create a new version of the same document, the value of those date fields gets automatically changed to todayIs there a way to update all the start and end dates of tasks of a project after a calendar change?
Hi! Here's my situation. I've built a complete project planning. All its tasks have start dates and due dates. After completing the planning, I've realized that the project calendar was not the right one. So I changed the project calendar. I now haveAccess Phone Field Components (Country Code) Directly
Hello everyone, I'd like to propose an enhancement for the Phone field in Zoho Creator. The Problem: The Phone field captures the country code and local number separately, but stores them as a single string (e.g., +1234567890). To get the country code,Send mass messages through WhatsApp from the Tickets module
Hi Everyone! Effective communication is key to delivering prompt and reliable customer support. Because WhatsApp is one of the most widely used and familiar messaging platforms, it's an effective channel for agents to reach customers who have submittedLead Owner Signature Merge Field
I want to automatically insert a signature (i.e. contact info usually found at the bottom of an email) into an email template, depending on who the lead owner is. What is the merge code for the Signature from a Users profile? CRM > Settings > Customization > Templates There is a popup near the bottom of the edit screen which says: "You can insert a Signature, which is available as a merge field in the users section." It is also referenced on this page: https://help.zoho.com/portal/en/kb/crm/customize-crm-account/customizing-templates/articles/template-builder#Merge_FieldsHow do I create a time field?
I want a field that only records time. I can only see how to create a date-time field. If I do that and enter a time, without a date, nothing is recorded. If I create a number or decimal field, I cannot use it in time calculations. All I want is a fieldAlternating columns - How to reverse order on mobile - Responsive template
Can the order of alternating columns be reversed on mobile so that image comes before the text? Example: Desktop Row 1 column Left (image) , column right (text) Row 2 column Left (text) , column right (image) Mobile Currently Row 1 Image over text RowInvokeURL butchering JSON for OpenAI API calls
My organization works with mostly educational institutions. We have a custom module called "Schools", which is the user-entered school name they put when using our service (which they enter along with their state and zip code). We want to map this toCustom order for Current Stage (Blueprint field)
Hi! I suggest adding the option to set a custom order in reports for the Blueprint field ‘Current Stage’. Currently, these fields can only be sorted in ascending or descending order. Thanks!CRM E-mail Sync from Outlook
We are exploring Zoho as a possible new solution for our company. We are trying to understand further on how e-mail sync works. We use outlook. Our current CRM logs anytime we e-mail a customer so we can see in the CRM the message sent to the customer.Run your help desk on your schedule
In business, time is of the essence. This is especially true in a function like customer service, where KPIs such as response time and agent availability are the measures of success. Perhaps the most crucial consideration one needs to make about time is your hours of operation. These set expectations for your customer and for employees. To make communicating this information easier, we've revamped the way business hours and holiday lists work in Zoho Desk. In order to accommodate teams that workThe Customer Happiness REST API is broken
1. We are unable to extract the customerHappiness ( https://desk.zoho.com/DeskAPIDocument#CustomerHappiness#CustomerHappiness_ListallcustomerHappiness) object using the ticketNumber criteria. We keep getting HTTP 429 even when we limit to 60 calls perCan the Product Image on the Quote Template be enlarged
Hello, I am editing the Quote Template and added ${Products.Product Image} to the line item and the image comes up but it is very tiny. Is there anyway that you can resize this to be larger? Any help would be great! ThanksAutomatic Department and Employee Sync Between Zoho One and Zoho People
Dear Zoho Support, I'm writing to propose a valuable feature request that would streamline data management and improve user experience within the Zoho ecosystem: automatic synchronization between departments and employees in Zoho One and Zoho People.Zoho Expense and Chase Bank Visa credit cards - Direct Feed?
Our company uses JP Morgan Chase Visa credit cards. We can't be the first to try and use a combination of Zoho Expense + Chase Bank + Visa Credit Cards --- anyone successful with this combination? 1. The direct feed automation isn't working. When I goImpossibile inviare il messaggio;Motivo:554 5.1.8 Indirizzo del mittente bloccato
" Impossibile inviare il messaggio;Motivo:554 5.1.8 Indirizzo del mittente bloccato" Hi need to send email, how can fix this? Thanks, AliceImage inputed in Zoho Form were displayed to small in exported version
Good evening, my name is athallah, i am a trainee in government office Right now, i use Zoho form to digitalize an airfield monitoring form. my problem is, the image were to small to displayed in exported version. it really bad for formal presentationAPI. How do I get responses submitted to the form?
Hi, I'm trying to retrieve a list of form responses via the API. I've created a Self Client application in API Console. What scoup should I enter? What are the endpoints? Is there documentation on this anywhere? I've wasted a lot of time searching. GPTQuestion about Zoho CRM Professional plan users
Hello! I have a question about the Zoho CRM Professional plan. Is the pricing charged per user or per organization? Are there any free users included in this plan, or do I need to pay for each additional user separately? Thank you!Communicating with emojis
On July 17, we celebrate World Emoji Day! We're a bit late 😐 sharing insights about this day. But we just couldn't let it pass without a mention 😊 because emojis have a meaningful connection with customer service 💬 🤝. We do not want to miss out onChanging the Default Search Criteria for Finding Duplicates
Hey everyone, is it possible to adjust the default search criteria for finding and merging duplicate records? Right now, CRM uses some (in my opinion nonsensical) fields as search criteria for duplicate records which do nothing except dilute the results.Is it possible to create a word cloud chart in ZoHo Analystics?
Hi there, I have a volume of transaction text that I would like to analyse using word cloud (or other approcah to detect and present word frequency in a dataset). For example, I have 50,000 records describing menu items in restaurants. I want to be ableHelp integrating Aircall into Zoho CRM
Hi all, We are need to get better AirCall integration into Zoho. We have configured in the Aircall dashboard but we have not done the Zoho side. We cannot see Zoho CRM information on incoming calls. And we calls and text's are not being logged. SpecificallyShopify Extension no longer working in CRM
Zoho CRM and Extension are no longer working properly. We have used Shopify Basic for years. All of the sudden it stopped working, then started working again, and now no longer working again. There are several ways for Personal Information to sync fromHow to keep track of bags, cans, drums of inventory?
We buy and sell products that are packaged in bags 🛍️, cans🥫, drums🛢️, etc. with batch numbers. When we get a shipment of one of the products, how do we track we received (say) 10 cans each of 5L of a product and maybe we received 10 cans of anotherEasy third party collaboration: Zoho Flow Integration
Third-party integrations extend your project functionality with improved workflow, and data processing. With Zoho Flow integration you can include multiple third party actions into your project or task automation. Add Zoho Flow action in Workflow rulesZoho Inventory - How to pay a supplier up front then receive multiple deliveries
How do we manage situations where we pay a supplier up front, then the receive the products in increments? Example Workflow: Create Purchase Order > Receive Bill for full amount > Receive Items 2 or more deliveries. Currently, once a Bill is created againstIntroducing Configure, Price, Quote (CPQ) in Zoho CRM | Public early access 2023
Greetings Customers! We're excited to announce that the CPQ feature will soon be available in Zoho CRM and accessible to all accounts using the Professional, Enterprise, and Ultimate editions. We've opened this feature to select customers, and it'll behow to edit the converted lead records?
so I can fetch the converted leads records using API (COQL), using this endpoint https://www.zohoapis.com/crm/v5/coql and using COQL filter Converted__s=true for some reasons I need to change the value from a field in a converted lead record. When I tryZoho Bookings <> CRM integration
Hello Zoho community! We are enabling our Zoho Bookings <> CRM integration. What is the workflow if the integration detects that the contact already exists in the CRM? Does it create a duplicate record? Overwrite the record? Merge the record? (in thisCannot reject empty expense report
Hello, We are currently having issues with two empty expense reports where if we try to reject them, either manually or through the REST API, we get error 114016, which says some of the expenses have already been billed and must be removed. I'd appreciateUse of Zia within Forms
I have noticed that recently you have added Zia to help create forms from scratch. Would it be possible to add Zia functionality to free text fields for form submissions or if this is already on the roadmap an ETA for this please? We have a lot of fieldDefault in fields on Form B based on the user selection in Form A
Hi Everyone, I have added an action button to a form report to bring up a new form based on user selection, see it indicated in red below: Then when the ne form loads, I want to default in some of the fields based on the record the user was selected on.Next Page