top of page
Article 25
Data protection by design and by default
​
For Salesforce customers this article is generally the most challenging to understand. It covers a number of different privacy rights such as the right to revoke consent, view/access/obtain their personal information and in some cases, right to erasure. Where applicable information must be given on who the data controller and data protection officer is.
​
Impact
​
Business processes and measures are required to support pseudonymization, commonly referred to as de-identification or anonymization of customer information. Having a simple process to comply with the right to view/access/obtain information is also critical.
​
Solutions
​
Manual: Build a flow process or apex to delete or anonymize requested customer data
​
Automated: Consent Management
​
Next: Article 30
​
​
bottom of page