Zoho CRM is on its way to GDPR Compliance
Hello folks,
GDPR has been the talk of the hour and we would like to ensure that this GDPR fever does not come in the way of your business and selling. There are several GDPR centric enhancements in Zoho CRM that will be released in a phased manner to all our users in the following weeks.
Designed to help you meet the privacy standards set by the European Union, these enhancements will provide a streamlined mechanism for you to collect, process and store your customer data in conformation with the GDPR.
So what is GDPR and how will it affect your business?
GDPR or General Data Protection Regulation is a landmark policy aimed at empowering citizens of the European Union regarding their personal data. With increasingly complex flow of information across the world, GDPR aims to give EU citizens more direct control on how their personal information is being processed in addition to improved data privacy.
GDPR not only applies to companies in the EU region but to any organization that collects or processes the data of EU citizens. If you are one of those organizations who collect or process data of EU citizens, the following enhancements in Zoho CRM are for you.
GDPR centric enhancements in Zoho CRM:
We have split GDPR requirements into Data collection, Data processing and Data Subject Rights. In the sections below, we state the GDPR requirements along with the respective enhancements in Zoho CRM that meet them.
Note: The Organization collecting customer data is referred to as "Data Controller"/"Controller", your customers are referred to as "Data Subjects" and Zoho CRM will be the "Data Processor".
1. Data Collection
GDPR demands that personal information collected from Data Subjects should be limited to what the Data Controller needs in order to deliver its services, and a legitimate need in case of requesting additional information must be demonstrated. It is also mandatory that you state the purpose and get clear consent when collecting personal information.
Consent must be explicit, where Data Subjects take an affirmative action (clicking on the checkbox, so no pre-ticked check boxes). Controllers are also expected to be transparent about the duration for which the data will be processed.
Consent Form: Consent is one of the cornerstones of GDPR, as the execution of any processing activity now depends on the consent provided by the Data Subject. So in-order to demonstrate compliance, it is mandatory that a Data Controller identifies Data Subjects who require consent and those who do not require it under criteria such as Legitimate interest, Vital interest, Public interest, Contract, Freely given consent and other basis. After identifying this, the Data Controller should get consent from Data Subjects who require consent and be able to provide proof of consent if needed.
The fully customizable consent form in Zoho CRM allows Controllers to get explicit consent in regards to:
- The purpose of data collection.
- Preferred communication channel.
- Duration for which the data can be processed or consent duration.
- Sharing information with connected services.
Consent from Data Subjects, in written declaration or orally obtained consent (through email or telephone) can be attached to the form using the Attachment option.
Once the Data Subject has submitted their consent, it's stored under the Data Subject's record details page for the purpose of official record and for the Controller to know their actionable items from the data provided. For example, if a Data Subject has explicitly stated that their preferred channel of communication is email, then they are not to be contacted through any other means.
Double Opt-in Mechanism: This is one more compliance feature which you can use when setting up webforms. Anytime a Data Subject submits their information through a webform, a double Opt-in email is sent to them to confirm their registration/sign-up.
Double Opt-in Mechanism: This is one more compliance feature which you can use when setting up webforms. Anytime a Data Subject submits their information through a webform, a double Opt-in email is sent to them to confirm their registration/sign-up.
Data source tracking: Data Subjects' information can be pushed into Zoho CRM from multiple sources which include direct sources like web-forms, and indirect sources such as imports, manual entries, APIs, and third-party integrations.
The source and additional details if any (like the URL, IP address and geo-location) will be documented in the record details page. The screenshot below shows a new section called Data Privacy, under which Data source and the respective consent details are populated.
2. Data Processing
Information provided by a Data Subject can only be processed in a lawful basis. There is significant emphasis on the fact that all processing activities must be carried out securely to ensure that personal information is not exposed.
Marking Personal fields - fields containing PII (Personally Identifiable Information): Data Controllers can mark fields containing personal information as Personal fields and set a sensitivity level (High and Low). Based on the privacy preference, the Controller can choose to restrict these fields from certain processing activities such as exports, APIs and connected services.
There are two cases when data is being processed via connected services:
There are two cases when data is being processed via connected services:
Case 1 - Data Subject has not consented to their data being shared with any connected services. In such a case no information of theirs will be shared with any of the integrated services of Zoho CRM.
Case 2 - Data Subject has consented to their data being shared with connected services but there is an organizational restriction in sharing PIIs. In such a case the fields with PIIs will be not be processed in APIs and connected services.
With regards to Zoho connected services (Zoho products like Books, Desk, Campaigns, etc.) consent provided in one product will apply across all integrated Zoho products.
Encryption At Rest (EAR): Enterprise users have the option of Encryption At Rest for Personal fields.
Audit log and timeline for customer records: The Data Controller can monitor the processing activities done on a Data Subject's personal information.
Consent Management: The consent management system helps the Controller to keep track on the consent status of their Data Subjects. The system helps users identify Data Subjects who are yet to provide consent and immediately allows for sending an email with the consent form link. Consent can be obtained through webforms, consent form, portals and offline consent (Email or phone call).
The screenshot below is a consent dashboard showing the various consent statuses. Clicking on them will get you a list of all Data Subjects with their particular consent status.
3. Data Subject Rights
GDPR comes with a slew of rights which EU Data Subjects can exercise at any time which must be addressed in a month's time. The data request management in Zoho CRM lets the Controller keep track of all data requests to address them in a timely manner. The data requests raised is also maintained under each Data Subject's record details page so that the Controller is informed on any pending requests.
The Data Subject can exercise their rights through the consent form, portal, or offline through email and phone calls.
Zoho CRM helps Controllers address these data requests through the following options:
Access (Right to View): Using Zoho CRM's email feature, a template consisting of all customer information fields can be quickly created, which can then be sent to your customer upon request.
Rectify (Right to Rectify): Customer specific information can be exported and sent to the customer for rectification and the same can be updated.
Export (Right to Portability): Customer specific information can be exported, attached to an email and sent to a customer in a machine readable format, all without being downloaded on to your device.
Stop Process (Right to Stop Processing): Once a customer exercises this right, the corresponding record will be locked preventing further processing.
Erase (Right to be forgotten): Once exercised, the customer's record will be locked for the duration of the retention period defined in the Data controller's terms of service, after which the controller has the option to delete the customer information. Once deleted, the record will be moved to a blocklist and the re-entry of the same data will be prevented.
All of these enhancements will be made available for you in Zoho CRM in a phased manner. So watch this space for more updates!
Access your files securely from anywhere
Zoho Developer Community
New to Zoho LandingPage?
Zoho LandingPage Resources
New to Zoho Survey?
New to Zoho CRM Plus?
Deliver unforgettable customer experiences
New to Zoho CRM Plus?
Deliver unforgettable customer experiences
New to Zoho Marketing Plus?
Everything you need to run your marketing
New to Zoho Marketing Plus?
Everything you need to run your marketing
New to Bigin?
Topic Participants
Aishwarya EK
Bueller Bueller
Thomas iwant2help
Bala Ganesh
Sunderjan Siddharth
Sticky Posts
Accessibility in Zoho CRM: Not just a feature—a way to empower
For instructions on setting up these controls, please check this help document: Configuring accessibility controls. Hello everyone, Today (December 3, 2024), on the International Day of Persons with Disabilities, we begin our journey towards a CRM thatAct on your customers' voices in Zoho CRM
Dear Customers, We hope you're well! We are super excited to present a pivotal addition to VoC in Zoho CRM—the ability to act! Customer feedback is directly proportional to customer experience, and in this customer-driven market, that feedback has a powerfulFocus Group Webinar - Streamline Record Creation with Wizards
Hi there, With all the time your users spend on record creation, do you feel like they have the most seamless experience while doing it? For different types of records or those with a LOT of fields, do your users spend time navigating to enter data repeatedly?Notes and Attachments visibility can now be restricted based on profiles
Dear All, We hope you're well! We are here with a quick update about Notes and Attachments profile permissions. In the past, a record's Notes and Attachments were visible by default to all users with record access. However, as notes and attachments canIdentify and prioritize profitable deals: Zoho CRM Forecasts help users focus on revenue-driving opportunities
Post moderated on: 7th November: Release update: This feature is now available for users in all DCs. Dear Customers, We hope you're well! At any given time, a sales rep handles multiple deals, each progressing at its own pace. But not all deals will succeed—some
New to Zoho TeamInbox?
Zoho TeamInbox Resources
Zoho DataPrep Resources
Zoho CRM Plus Resources
Zoho Books Resources
Zoho Subscriptions Resources
Zoho Projects Resources
Zoho Sprints Resources
Qntrl Resources
Zoho Creator Resources
Zoho CRM Resources
Design. Discuss. Deliver.
Zoho Show Resources
Get Started. Write Away!
Writer is a powerful online word processor, designed for collaborative work.
Zoho CRM コンテンツ
-
オンラインヘルプ
-
Webセミナー
-
機能活用動画
-
よくある質問
-
Ebook
-
-
Zoho Campaigns
- Zoho サービスのWebセミナー
その他のサービス コンテンツ
Nederlandse Hulpbronnen
ご検討中の方
Recent Topics
Chronicles of 2024: The Year in Retrospect
As we close out 2024, let’s take a moment to highlight the new features and updates that have enhanced Zoho Invoice in 2024. Among the exciting enhancements, we have launched a new AI-powered chatbot designed to assist you in understanding the app's featuresPower of Automation :: Automatically archive your inactive Projects
Hello Everyone, A custom function is a software code that can be used to automate a process and this allows you to automate a notification, call a webhook, or perform logic immediately after a workflow rule is triggered. This feature helps to automate554 5.1.8 Email Outgoing Blocked
HELP!!!!! My e-mail marymariya@zoho.com is blocked. Error: 554 5.1.8 Email Outgoing Blocked The third day I am writing to the forum, but zohosupport is not responding. Why? What is the problem? I ask to help solve the problem, because I can not communicate with my customer base.Zoho Inventory: Rewinding 2024
Custom Modules Now available for Standard and Professional Editions with Expanded Limits across all editions
#CRM25Q1 Hello Everyone, We are here with an exciting update to Custom Modules in Zoho CRM. Custom modules will now be available to Standard and Professional Edition users, with expanded support across all editions. The standard modules offered in ZohoAssistance with Custom Attendance Report in Zoho People
Hi, I created a custom report in Zoho People 5.0 to track employee attendance according to our specific needs, as the existing reports do not include all the required details. However, I’ve noticed that the report doesn’t update continuously or on a dailyZoho analyticsでのタブを跨いだ集計
Zoho analyticsまたはCRMレポートなどを用いて、 見込み客タブと商談タブで共通するユニークキー(リード管理番号)を軸に、「共通選択リスト」で設定した項目別の集計を行うことは可能でしょうか? ・要望 ①リード管理番号をキーに、見込み客テーブルと商談テーブルを結合したRAWデータを作成したい ②具体的には下記表のように「共通選択リスト」項目(サービス)別のマーケ数値を一表にしたい ※リード=見込み客タブ 商談・成約=商談タブ リード数 商談数 成約数 サービスA 10 5 2How to refresh the page by widget in related list?
Hello, ZOHO.CRM.UI.Popup.closeReload method does the thing I need. But in my case, I'm not using popup. I have a widget in related list and I want to refresh the page when I'm done with it. I searched for it but I wasn't able to find it. Is there an anyyour phone line in the uk doesnt work i need help now
i need to speak with customer service urgentlyTop Menu Disappeared from Blog Page
Hi, Our top menu disappeared at Blog Posts page. However, it's still visible any other page on the website. I attached two screenshots, so it can be understood clearly. How can we bring back top menu? Thanks, K.Missing phone numbers
yesterday I have noticed that most contacts' phone numbers are missing. At first I thought it is a synchronisation problem with my Android phone but as I have found later, numbers are missing on Zoho. I have tried to reimport contacts from a backup butCustomise 404 page in Zoho Sites 2.0
Is it possible to customise the 404 page in Zoho Sites 2? You use to create a new 404 page and that became the default 404 page, but this does not seem to work anymore? Any pointers/suggestions/support appreciated :)[Important announcement] Zoho Writer will mandate DKIM configuration for automation users
Hi all, Effective Dec. 31, 2024, configuring DKIM for From addresses will be mandatory to send emails via Zoho Writer. DKIM configuration allows recipient email servers to identify your emails as valid and not spam. Emails sent from domains without DKIMCreate workflow rules based on notes
Last modified on 17/04/2023: Creating Workflow rules based on notes is now available for all Zoho CRM users in all DCs. Note that it was an early access feature available only upon request. As of April 13, 2023, it is rolled out for al Zoho CRM accounts.Workflow sync between zoho books and zoho inventory
Hello, While the custom fields, validation rules and even custom buttons are sync'd between zoho books and zoho inventory, the workflow rules do not. Not sure if this is an intentional purpose of zoho team for some good reason or if it's in the developmentItem sales account via api
Hey everyone, I’m making an invoice using the create invoice endpoint on the api. Is it possible to set a sales account in the line_items attributes?Zoho Please change your ways
I started using Your new Zoho bookings in earnest 3 days ago. What a mistake. Once again, everything is backwards and upside down. I had to spend 5 hours testing how the thing works in order for me to understand how to acutally use it. When i started using google calendar years ago. it took seconds to figure out how it works. Why is that. bc they put everything in places where it makes sense. Today, I needed to add an appointment as well as a time off. Stupid me i added the time off first,Make a ticket visible in the Community
Hi there, It is possible to have a conversation with a customer via a ticket and eventually the proposed solution isn't possible yet. Therefore you want to add it as an idea in the Community, available and open to everyone that is in the community, soZoho email folders gone
Hi, All my email folders are gone, i cant found any email, except sent. Also before folder rulesas was changed and i didnt fixed them, could you please check it?Pause/Resume Subscrtiption API
I don't see the option to Pause/Resume a subscription using the API, is it in the pipeline?Update Department on Ticket (with applied Blueprint)
Hello, Is it possible to update the Department of a ticket which is dictated by a blueprint, e.g. I would like to change departments at different states in the Blueprint. I do not see this is an option in workflow rules or blueprint transition actions,ERROR_CODE :554, ERROR_CODE :rejected due to spam
Please verify bounce message: This message was created automatically by mail delivery software. A message that you sent could not be delivered to one or more of its recipients. This is a permanent error. xxx@thalesesec.com Error, ERROR_CODE :554, ERROR_CODECan't verify domain with AWS Route53
I have a domain successfully transferred to AWS Route53 from NameCheap. When I try to CNAME or TXT Records as suggested, they are added in AWS console however zohomail does not verify them. For the TXT record zohomail says the value is wrong, whereasSent emails not going and showing "Processing"
Hello Team, Could you please assist with sent emails showing "processing" and not actually going through? Many thanks and regards, CycologyLinkedIn verification link and otp not receiving
For the last 2 to 3 weeks I'm trying to verify my LinkedIn account to access my company's LinkedIn page, Linkedin is sending verification links and codes to this email address but I have not received any codes or links. Please help me here. Looking forwardsend file to ftp or another external service
i'v created a zoho creator application for take a picture and rename it by phone. Now i need to send Each renamed pictures to my ftp or to specific folder on google drive...then, delete it from creator. (every picture recived it will processed by another program and stored on my Erp) HOW CAN I DO ??Mass pdfs into OCR field
I am working on a Creator app that my org will use internally. Is there any way to mass upload pfs through a form with an OCR file upload field? Is Creator capable of this, or would I need to use Catalyst?How to upload a file to form file upload field from deluge script.
Hi guys, I need to store API response into Form File upload field . I'm not getting any errors but PDF file is not assigned to file upload field. You can check possibilities using below details: Method: POST URL: https://v2.convertapi.com/convert/web/to/pdf?Secret=<<SecretKey>>&Token=<<APIKey>>&Url=https://www.google.com You need to generate secretKey and APIKey by Login to https://www.convertapi.com/a/su Response: { "ConversionCost": 4, "Files": { "FileName": "www_google_com.pdf", "FileSize": 68342,Export view via deluge.
Hi, Is it possible to export a view (as a spreadsheet) via deluge? I would like to be able to export a view as a spreadsheet when a user clicks a button. ThanksSubform Time field showing as null in script.
Good Afternoon everyone. I am trying to take the information from my subform and populate it into a multiline field in the CRM. The code below works with no errors. The problem is, it shows that the Open and Close (Time fields) are null. But they areIs there a way to sort report on record template by a specific field like date field
Hi, Is it possible to sort the report on the record template by the date field and not the default Added Time. Please check the example bellow: The records are sorting by the added time I wand to change that by the date field,Shared subfolders
Am I right in thinking that there is no Zoho email application that allows me to create a shared inbox and then add additional folders/subfolders under that inbox? If so, this is really quite incredible and probably a deal breaker for us to start usingUpdate Multi select field values to another form table as individual record
Hi, I am new to coding and do basics within deluge. I need help with the deluge script to meet the following requirement. Form Student Attendance The fields are : Attendance Date Course (Lookup to Course Form) Class (Lookup to Class Form) Students (MultiShared Mailbox - Mark as read for all users
Hi all, Maybe someone can help me out. At the moment we have a shared mailbox without streams. When a users reads an mail or marks it as read other users will not see this. How can we resolve this? We now archive the mails when read and followed up. HoweverAllocate emails to user in a shared mailbox
Hi, This might be obvious, but I cannot find the answer. I have 3 shared mailboxes so any team member can see the emails. Is there a way of allocating a specific email to a user so that it is their responsibility to deal with it? Thanks in advance.How to view shared mailbox in Outlook
How to view shared mailbox in Outlook or in another softwareCustomising the approval email
Is there anyway to customise the Approval email or to add further fields as the default looks so basic and unlike any of the other email notifications from Desk. My users just thought it was spam.Pushing GCLID info from Gravity Forms to ZohoCRM
We are switching to Gravity Forms from Zoho Forms and I cannot find any good info on how to make sure my GCLID tracking info is pushed through to the CRM through my new forms. There was an article in the documentation about placing something within theIssue Configuring SSO Integration with Cognito in Zoho Help Center
Dear Zoho Support Team, We have been working on configuring SSO integration for our Zoho Help Center using Amazon Cognito. While the setup appears to be completed successfully, we are encountering an issue when attempting to access the Help Center. TheNeed manual aggregate column pathing help
See linked video here: https://workdrive.zohoexternal.com/external/a5bef0f0889c18a02f722e59399979c604ce0660a1caf50b5fdc61d92166b3e7Next Page