GDPR in Salesforce

​
 

What is GDPR?

​GDPR is Europe’s data privacy and security law that imposes obligations on organizations collection and use of personal information. 

​

​

Who does it apply to?

Any enterprise, regardless of location, which collects or processes personal data of EU residents are subject to GDPR regulations. This is often referred to as ‘Cross border enforcement’.

​​

​

Should we care about GDPR?

As the #1 customer relationship management (CRM) platform in the world, Salesforce customers need to ensure client information is collected and processed securely.

 

Leads, customers, partners, employees or any other relationship with an individual that your organization engages with and their information is under the purview of data privacy. 

 

Having data centralized in Salesforce provides endless opportunities in reducing friction and removing barriers to how it is used. It also means there are multiple approaches in building automation behind the scenes. In the simplest terms one can take a manual or automated approach.

 

We asked our Cloud Compliance for Salesforce customers how they viewed the specifics around GDPR and below is the summary: 

​​

​

​What do we have to address in our org?

​First and foremost, data privacy has legal ramifications and the best place to start is speaking to your legal and compliance team.

 

While the Cloud Compliance for Salesforce managed package provides all the automation we need, they are not a law firm and won’t pay any GDPR fines for your company. 

 

Common GDPR requirements that apply to Salesforce:​

​