GDPR and Zoho CRM - An Introduction
On this page, we'll be taking a look at what the new rules in GDPR are and how Zoho CRM can help you comply with them. We'll also help you understand how to protect your customers’ data.
General Data Protection Regulation (GDPR) is a new set of rules designed to provide EU residents control over how their personal data can be used by companies across the globe. At its core, these rules aim to protect the data of its EU residents. This means organizations need to be well aware of the impact that this will have on individuals and businesses who deal with EU residents' personal data. One also needs to be well-prepared to follow consistent data protection compliance requirements.
First, let's get familiar with Controllers, Processors, and Data Subjects. It is essential to understand and identify the difference in the roles of each.
- Data Controller - Someone who controls the purpose and means of processing personal data. The controller defines how the data should be put to use and why it should be used. Often, data controllers use an external service or another organization to process the data. This is where data processors come in. In this case, control over collected personal data remains with the data controller and is not passed on.
- Data Processor - Organizations that process personal data on behalf of the controller are known as the data processors. They do not have control over what is done with the data nor can they change the purpose of data collection. Processors get limited rights to process the data as per the instructions provided by the controller.
- Data Subject - The person whose personal information you collect are the data subjects. In a business, data subjects tend to be your customers and employees. You collect information from them, such as their name, address, phone number, and email address, to process and contact them for business.
Zoho as a Data Processor
A data processor must have a secure system, tool, and method to collect and store personal data. Zoho CRM is equipped to comply with the GDPR as a data processor. There are many options in Zoho CRM that are designed to help you safeguard your customers' data and meet the security and privacy standards set in GDPR.
Data security and privacy are two different terms that are often used interchangeably. However, they have specific meanings:
- Data privacy revolves around the lawful collection and usage of personal data.
- Data security is having the physical, technical and administrative safeguards in place to protect your customer's data.
As a result, we've introduced options in Zoho CRM that will both:
- help you abide by the privacy rules, and
- provide you a secure platform to protect your customer’s data.
Where to Begin in Zoho CRM?
Step 1 - Switch on GDPR Compliance Settings for your Zoho CRM account.
To switch on GDPR compliance, go to Setup > Security control > Compliance Settings .
Users with the Manage Compliance Settings profile permission can enable it.
After you switch on the GDPR compliance, you need to select the modules that contain data subject's information and for which GDPR compliance is required. Along with Info and Online sections, Data Privacy section will be available for the records in these modules and you can select a lawful basis to process the data.
Step 2 - Update lawful basis to process personal data
By default, all the records in the selected modules will have the Data Processing Basis set to Not Applicable when you enable GDPR Compliance setting from Setup > Security Control > Compliance Settings . You can change this based on your discretion and business cases and update the lawful bases for the records.
Step 3 - When Consent is the lawful bases to process data.
- Customize the consent form from Setup > Security Control > Compliance Settings > Consent Form . See Also Customize consent form .
- Include a link for the form in an email template. You can use this email template to send emails and get the consent details updated from the customers. You can also add the link to the form while composing an email and send it to the recipients. See Also Add Consent Link in an Email Template
Step 4 - View the dashboard that lists the data processing bases for all the records.
Go to Setup > Security control > Compliance Settings > Overview , to view the dashboard that gives you the following details:
- Number of records that have the lawful basis marked as Not Applicable.
- Number of records that have been updated with one of the lawful bases.
- Chart that displays the consent status - Pending , Waiting , Obtained .
Lawful Bases for Data Processing
Consent Management
Data subject rights
Data privacy
Marking personal fields
Access your files securely from anywhere
Zoho CRM Training Programs
Learn how to use the best tools for sales force automation and better customer engagement from Zoho's implementation specialists.
Zoho DataPrep Personalized Demo
If you'd like a personalized walk-through of our data preparation tool, please request a demo and we'll be happy to show you how to get the best out of Zoho DataPrep.
- Zoho Workerly Home
- Forums
- Connect With Us:
- Zoho Recruit Home
- Forums
- Connect With Us:
You are currently viewing the help pages of Qntrl’s earlier version. Click here to view our latest version—Qntrl 3.0's help articles.
Zoho Sheet Resources
Zoho Forms Resources
Zoho Sign Resources
Sign, Paperless!
Zoho TeamInbox Resources
Zoho DataPrep Resources
Design. Discuss. Deliver.
Related Articles
GDPR Compliance
Enable GDPR Compliance and protect your customer data from unauthorized access Help guide GDPR and Zoho CRM - An Introduction Consent Management Data Subject Rights Data PrivacyHIPAA Compliance with Zoho CRM
The Health Insurance Portability and Accountability Act (including the Privacy Rule, Security Rule, Breach notification Rule, and Health Information Technology for Economic and Clinical Health Act) ("HIPAA"), requires Covered Entities and Business ...Introduction to Zoho CRM
What is CRM? Customer Relationship Management (CRM) can be defined in many ways depending on what an individual intends to achieve. For some, it is the strategy to identify, understand, manage, and cater to the business needs of their prospects and ...Understand your CRM Account
Key CRM Terminologies In any business environment, there are terms such as Leads, Deals, Campaigns, Invoices, etc. Following are the list of such terms and their definitions as used in Zoho CRM. You can refer to more such terms in the Zoho CRM's ...Troubleshooting Zoho Campaigns integration with Zoho CRM
1. Why aren't all of my contacts syncing between Zoho CRM and Campaigns? There can be a few reasons why your Zoho CRM contacts are not syncing in Campaigns. No email address has been entered in your customer account: Double check to ensure there ...