The Right to be forgotten has taken the world by storm and European Parliament General Data Protection Regulation (GDPR) guidelines have marketers anxious and worried for months. GDPR has forced organizations to rethink customer data and privacy with a ‘Privacy by Design’ approach. This means consent from customers is required to hold their data.

 

Apart from posing as a burden for marketing and data professionals, GDPR also means a huge change in internal processes. Salesforce’s Spring ‘18 Release solved this to a large extent, containing essential components for data protection and privacy.

Managing Consent

GDPR brings the onus of responsibility towards ensuring that corporations have the right approval from there users on how to leverage the data that they have collected. Salesforce has configured privacy settings across the various roles in an organization, customers can leverage an amalgamation of Standard Objects and its settings, Custom Objects, and combine their own business workflows to configure their compliance requirements.

The ‘Individual’ object

A new standard object called ‘Individual’ was released in Spring ’18 Salesforce. It essentially registers a person’s data preferences – how they wish their data to be stored, used, and shared. ‘Individual’ records have a lookup relationship to a Lead, Person Account, Contact, and custom object, carrying extra contextual information. The User object can also be linked via Apex which means that an individual with any Lead, Contact, Person Account can relate all of them to a single Individual record.

The Individual object can hold a higher level of consent data. In the future, Salesforce is expected to launch Consent objects to control the type of consent, date of obtaining and expiry, as required by GDPR. Until they become available you can create these as custom objects.

The ‘Individual’ object can be enabled from Setup. It can be found under ‘Data Protection and Privacy. On clicking edit, you can check the box ‘make data protection details available in records’. On adding the ‘Individual’ field to the Lead and Contact page layouts, you can associate a Contact/Lead to their relevant ‘Individual’ record via lookup.

How Salesforce Enables GDPR Compliance 2

Out-of-the-box records are basic but functional. These are the fields ready for use, not necessary for you to create.

 

Checkboxes:

 

  • Don’t Market, Don’t Process, Don’t Profile, Don’t Track
  • Block Geolocation Tracking
  • Export Individual’s Data
  • Ok to Store Personally Identifiable Information Data Elsewhere, also known as data transfer
  • Forget this Individual

Change Tracking:

  • Created by/Date
  • Modified by/Date

Creating Individual records

Instead of using Apex to create Individual records one by one, take a segmented approach. Start with records with the strongest consent.

 

  1. Create an Individual record related to every Contact that has a contract with the organization. Add the Privacy Permission record with a Privacy Source of “contract” to validate your contractual agreement to process data at the time an individual is a customer.
  2. Look at all Contact with open Opportunities. Before creating a new Individual record, check if it already exists and connects it to the Contact. Add the Privacy Permission record with a Privacy Source of “Legitimate Interest” to validate an individual is an engaged customer and can have a shared legitimate interest in your organization.
  3. Look at Contacts connected to campaigns and determine how long back the campaigns were held and if the person actually consented to you holding their data. If you have a record of them opting in, this consent may still be valid but still check with the legal team.
  4. Look at your Lead data and assess if you evidence of the individual actually consenting to you holding their data.

Enabling compliance

Storing customer information is important to enabling efficiencies and control to data processing. The Individual object can be used as the basis of workflows such as data deletion for data that has been kept for longer than is necessary. Salesforce users can leverage standard reporting to categorize and filter records before executing mass actions, such as sharing with third parties. Using Salesforce reports for campaign segmentation means one can be sure of excluding anyone who has opted out of marketing communications and who do not wish to be profiled.

 

A ‘Privacy by Design’ approach in Salesforce is sure to reap long-term benefits using the Individual object and adding custom consent objects. Using the Individual object as the basis of privacy data is important. If you want your organization to be GDPR-compliant, it is important to track consent data in custom objects.

Portability

In a GDPR regime corporations are required to share an individual’s personal data in an easy to understand format that they have acquired about a consumer. Salesforce enables corporations to export data in several of these formats, including CSV, XLS, JSON, and XML.

Data Security

Security is one of the key principles of the GDPR and measures are required to protect personal data. Some of the measures include user authentication and access controls. Corporations leveraging the Salesforce platform can rest assured about cloud security and can deploy access controls and other measures to secure their Data.

Wrapping Up

There are various solutions out there that enable corporations to become GDPR compliant, but if a corporation is looking at securing and complying with the regulations set forth by GDPR Salesforce can be one of the easiest solutions to implement.

Share This Blog
Related Articles
Beginners Guide to Making Your LWC Component Multilingual
Beginner’s Guide to Making Your LWC Component Multilingual

If you’re wondering how to make your LWC component multilingual, you’re already ahead of the curve. Global users expect content in their native language, and Salesforce gives you the tools to deliver exactly that. With Custom Labels and the Translation Workbench, you can easily localize your Lightning Web Components without touching a single line of […]

Read More
Hands-On Guide Building a Drag-and-Drop Form Builder Using Lightning Web Components
Hands-On Guide: Building a Drag-and-Drop Form Builder Using Lightning Web Components

Drag-and-drop interfaces are a user experience staple, and when paired with the power of Lightning Web Components (LWC), they unlock dynamic, highly interactive Salesforce components. In this blog post, we’ll walk you through how to build a custom drag-and-drop form builder in LWC. Users can drag form fields like text inputs and dropdowns into a […]

Read More
Please Make Blog Banner How to Create an Agentforce Enabled Scratch Org in Salesforce 100 1
How to Create an Agentforce-Enabled Scratch Org in Salesforce

Setting up an Agentforce-enabled scratch org is the most important step for developers who want to experiment with AI features such as Prompt Builder and Einstein GPT. Whether you’re developing the next generation CRM software or experimenting with how generative AI may improve user experience, a scratch org equipped with Agentforce is your playground. Follow […]

Read More
Step-by-Step Guide to Enhance Your LWC Development Workflow with the Logger API
Step-by-Step Guide to Enhance Your LWC Development Workflow with the Logger API

Are you looking to streamline your LWC development workflow but confused about how to do it? Then you are in the right place. The Salesforce Logger API is a powerful tool that helps you monitor, debug, and improve code quality in real time.  This step-by-step guide walks you through how to set it up and […]

Read More
Enhancing Your Salesforce Experience with a Custom Activity Component
Enhancing Your Salesforce Experience with a Custom Activity Component

In today’s fast-paced business landscape, productivity hinges on streamlined workflows and intuitive interfaces. While Salesforce offers robust activity tracking capabilities, sometimes the standard components fall short of specific organizational needs.  That’s where a Custom Activity Component comes in—designed to tailor your activity management experience, boost user efficiency, and provide deeper insights into customer interactions. In […]

Read More
Step-by-Step Guide to Integrating Salesforce Doc-Gen with eSigning Tools
A Step-by-Step Guide to Integrating Salesforce Doc-Gen with eSigning Tools

In today’s fast-paced digital landscape, streamlining document workflows is no longer a luxury—it’s a necessity.  Integrating a document generation app, like Docs Made Easy, with an eSigning tool, helps businesses automate the entire document lifecycle—from creation to signature—saving time, reducing errors, and boosting productivity. In this guide, we’ll walk you through the key steps, tools, […]

Read More
Our Location worldwide
Indian Flag India
3rd Floor, A-10, Pegasus Tower, Sector 68, Noida, Uttar Pradesh 201301 +91-1203117884
United States of America Flag USA
333 West Brown Deer Road Unit G – 366 Milwaukee WI, USA 53217 +1(262) 310-7818
United Kingdom Flag UK
7 Bell Yard, London, WC2A 2JR +44 20 3239 9428
Canada Canada
HIC Global Solutions INC
43 Lafferty Lane, Richmond Hill, L4C 3N8, CA +1(262) 310-7818