Article 25
Data protection by design and by default
For Salesforce customers this article is generally the most challenging to understand. It covers a number of different privacy rights such as the right to revoke consent, view/access/obtain their personal information and in some cases, right to erasure. Where applicable information must be given on who the data controller and data protection officer is.
Impact
Business processes and measures are required to support pseudonymization, commonly referred to as de-identification or anonymization of customer information. Having a simple process to comply with the right to view/access/obtain information is also critical.
Solutions
Manual: Build a flow process or apex to delete or anonymize requested customer data
Automated: Consent Management
Next: Article 30
  • Grey Facebook Icon
  • Grey Twitter Icon
  • Grey LinkedIn Icon

All statements for informational purposes only

© 2020 Plumcloud Labs - All rights reserved