• Cookie Policy (UK)
  • Cookie Policy (EU)

Salesforce Partner UK & Marketing consultants

5-Star, Certified, Experienced. Data Cloud, Sales Cloud, Service Cloud

Call +44 (0)330 808 3317
Salesforce consultant - marketing consultants, Salesforce partner UK REVIEWS
  • SALESFORCE CONSULTING
    • Pardot Consulting
      • Pardot Services to support your ongoing success
    • Marketing Cloud Consulting
      • Salesforce Data Cloud for Marketing
    • CDP Implementation Consultants
    • Sales Cloud Consulting
      • Salesforce Managed Services
    • Salesforce Service Cloud Consulting
    • Salesforce integrators for ISV partners
      • Build Your Email Marketing with Campaign Monitor for Salesforce
      • Emma for Salesforce
      • The Best Email Marketing Packages for Small Business
    • Salesforce Community Cloud Implementation
  • CLIENT SUCCESS
    • Clients Who Trust Us
    • Testimonials
    • Healthcare Case Study – Patient Communication
    • Salesforce nonprofit case study – LoveYourBrain’s marketing automation platform migration
    • Marketing Cloud Case Study for Church Community
    • Salesforce Marketing Cloud Case Study: Luxury Membership Club
  • ABOUT
    • Our Leadership
    • Our Team
      • Jobs
    • Our 1% Pledge
    • Press
  • BOOK A DISCOVERY CALL
  • CONTACT
    • Contact us by email
    • Call us at +44 (0)330 808 3317
    • Ask us a question
    • Get a Salesforce Demo
    • Marketing Cloud Prep Workshop
  • FREE RESOURCES
    • What is Salesforce
      • What lies ahead: Salesforce Roadmap in 4 min videos
    • Marketing Cloud
      • Salesforce Marketing Cloud Case Study – B2B2C – Great read for Cat lovers
      • Salesforce Marketing Cloud FAQ
      • Boost Retention w/ Salesforce Loyalty Management Solutions
    • Pardot
      • Pardot Naming Convention Generator
      • Guinness World Records Pardot Case Study
    • Sales Cloud
      • Hospitality Case Study
      • Grow Your Business Successfully with Salesforce CPQ
      • Build Your Email Marketing with Campaign Monitor for Salesforce
    • Service Cloud
    • Salesforce Communities
    • Strategic Marketing
    • Other Digital Marketing Platforms and Tools
      • SEcockpit for SEO
      • Trendemon for Journey Optimising
      • Hootsuite for Social Mgt
      • WordPress
  • SALESFORCE BLOG
    • Insights for Marketing
    • For Sales & RevOps
    • Small Business Tips
    • Tips & Tools for Service
    • For Salesforce Leadership
    • Our Salesforce Webinars & Events

GDPR Compliance Process – Checklist for Companies

January 24, 2018 By ASTRID VAN DORST

The General Data Protection Regulation (GDPR). It’s the EU’s – UK’s new landmark privacy law will take effect on May 25, 2018. That’s around the corner. Have you started yet? If not, get quickly up to speed with this GDPR Compliance Process – Checklist for companies.

 

GDPR Compliance Process in 5 “easy” Steps: What Companies Need to Do

This GDPR Compliance Process and step-by-step Checklist is intended for our clients who are Salesforce and Marketing Cloud users to help them sort their compliance challenges, and quickly forge a path towards compliance, in 5 “easy” (or, not so easy) steps:

GDPR Compliance Process - Checklist

Let’s work through the checklist. For each major step, there are a couple of activities. As follows:

STEP 1. Get All Informed.

  • You: Learn about GDPR requirements for your particular business. If you are in an industry with sensitive personal data, your data management requirements will be stricter. (see this article: GDPR: What you need to know today.)
  • Management:Raise its awareness of the importance of GDPR compliance. This seem like extra nuisance paperwork to some business leaders who hope it will go away if they don’t look into it. Not so. Forge action.

 

STEP 2. Get to Build the Team.

  • Approval: Get management approval for needed budget & staff (your time, time of critical other employees who ought to be your team mates).
  • Lead: Appoint a GDPR “captain”.
  • Board: Build a steering committee with key functional managers. Get everyone on board and talking about it.
  • Champions: Pinpoint data protection champions throughout your company.

 

STEP 3. Assess Your Business.

  • SWOT: Assess the strengths and weaknesses of current privacy and security efforts. Is there anything in place yet? Look for “trouble spots”, areas of data management that must be cleaned up.
  • Create Data Inventory, embracing all data, in all systems. That is: everyone’s laptop, all databases, everywhere where the company stores personal data. For each data set, mark:
    • Specific purpose of holding the data.
    • When was individual consent obtained and for what specific usage.
    • Reasonable timeframe of holding the data, relating to that time frame. E.g.
      if people consented to get information regarding a particular seminar, and that seminar is passed, you probably don’t need to keep their personal data.
  • Create a Process Register: list all data processing activities. Depending what your company does with customer data, this can be quite a job.
  • Conduct a Privacy Impact Assessment: for high-risk activities.
  • Resolve issues and document current compliance..

 

STEP 4. Establish Controls & Processes.

Next, you need to setup a system that will ensure continued compliance over time.

  • Notices: Place privacy notices where/where your company collects personal data.
  • Controls: Set data-usage-controls to limit data usage to the purposes for which it was collected.
  • Consent Mechanisms: Establish mechanisms to manage data subject consent preferences.
  • Detection Measures: Implement appropriate administrative, physical, and technological security measures and processes to detect and respond to security breaches.
  • Response Procedures: Establish procedures to respond to data subject requests for access, rectification, objection, restriction, portability, and deletion (right to be forgotten).
  • Contracts: Enter into contracts with affiliates and vendors that collect or receive personal data. Salesforce & Marketing Cloud Customers, need this contract addendum: Salesforce Data Processing Addendum, plus this Salesforce Trust and Compliance Documentation for each Service. You will need this for each of your key data -related vendor.
  • Process: Establish a Privacy Impact Assessments’ Process. (Read the ICO’s Privacy by Design overview
  • Training: Conduct Employee & Vendor ‘privacy and security awareness’-Training.

 

STEP 5. Document Compliance & Upkeep.

  • Compile: copies of privacy notices and consent forms, the data inventory and register of data processing activities, written policies and procedures, training materials, intra-company data transfer agreements, and vendor contracts.
  • Appoint, if required, a Data Protection Officer, and identify the appropriate EU supervisory authority. (See Salesforce’s GDPR Facts vs. Fiction to see if you need an officer).
    Not everyone does.
  • Conduct: periodic risk assessments.

 

The GDPR Compliance Process – In conclusion

How much work this is varies by business. Best to start a.s.a.p.

I personally see all these legal requirements as a great opportunity for companies to become more customer-centric, and as such, become better marketer/more successful sellers. If you truly have your customers’ interest at heart, and you look at the world from their point of view, ‘blasting emails’ becomes repugnant. You’ll adopt an attitude of ‘helping them to achieve their goals’ instead.

I believe this attitude is the right angle to grow your business in much better way. The competitive game in 2018 is all about winning on customer experience. Use this legal compliance exercise to forge a shift towards helping customers in your organisation.

Disclaimer

Only lawyers can give you legal advice. We are not lawyers and our articles do not constitute legal advice. Therefore, we cannot take any responsibility for your compliance.

More GDPR & Related Resources

We just held a London Salesforce MARKETING CLOUD user group meeting on GDPR. Our presenter, Stephan Chandler-Garcia, is a well-known GDPR expert.

Stephan pointed out several additional complications for UK firms in particular:

1) GDPR is a European initiative. The UK will first be part of that, for a while. After that, upon Brexit, this legislation will be replaced by a UK regulation, which may be more stringent. This UK legislation is still being developed.

2) There is also the ePrivacy Regulation (ePR) and the (PECR), which was mentioned here, in a previous article: GDPR- what you need to know today. Here is the ICO Guide for PECR audits.

Do see our video below to learn more about these nuances and a wealth of further information on how you can gain legal compliance in this complex, broad and potentially costly data regulatory world.

 

Last Updated on June 30, 2023

Filed Under: Marketing Cloud Salesforce, Salesforce Sales Cloud Tagged With: Data Protection

Want better
revenue marketing?


Expert UK salesforce consultants
Start today.

Get a FREE consultation with our Salesforce experts.




Follow us

LATEST ARTICLES – Tips & Insights from Salesforce experts

  • Get Started w. Data Cloud: ‘free’ licenses, certs and success
  • Marketing Automation for Tight Budgets – Solution: Unlock its ROI
  • Top Takeaways Salesforce Dreamforce 2023
  • Target Specific Industries with Personalised Campaigns for marketing success!
  • Top Sources of Free Stock Images to Promote your Content and Improve your Email Marketing
  • Top ChatGPT Prompts for Marketing & Business Success
  • What wows us in Winter 24 for Account Engagement?
  • Salesforce Social Studio: best alternatives to build a social business
  • Mastering Salesforce Prompt Studio: Tips for AI Success
  • Email Marketing Best Practices for Preference Centre Success
  • How to craft an AI Marketing Strategy for growth & success
  • Aligning Salesforce CRM Solutions in Construction industry M&A
  • 5 Email Relay Salesforce Benefits You Didn’t Know But Could Use
  • Marketing GPT, Commerce GPT: Lift Campaigns & Shopping w/ Generative AI
  • Adopting gender-inclusive language by design: The Infinite Guide
  • For easy Pardot email validating, get Email Validator for MCAE
  • Use our top 10 Salesforce Marketing Cloud features for best results
  • How to implement Salesforce Events software for successful events and members services
  • How many Account-based Marketing companies to target?
  • How to move your Contact Centre from a Cost Centre to a Profit Centre

TOPICS

Salesforce Marketing Cloud Specialists Consultants UK - CloudAnalysts

Salesforce Consulting Partner
CloudAnalysts Proudly Took the 1 Percent Pledge
CloudAnalysts Proudly Took the 1 Percent Pledge

CloudAnalysts
Ridge Salesforce UK Consulting Partner
0330 808 3317

Registered office
1 Rosemont Road
London NW3 6NG
UK

Serving clients in:
UK, EMEA, US, Canada.

WHAT CLIENTS SAY


star_rate star_rate star_rate star_rate star_rate

"Exceptionally well executed project"
"CloudAnalysts did an excellent job designing and implementing our Salesforce Marketing Cloud solution within 2-3 weeks to swiftly migrate from Oracle Service Cloud ensuring business-continuity." -- CIO


star_rate star_rate star_rate star_rate star_rate

From scoping to delivery, Cloud Analysts were professional, knowledgeable, flexible and accommodating." -- IT Projects Delivery Manager


star_rate star_rate star_rate star_rate star_rate

"Exceptionally talented marketeers"
"Helped me reframe my thinking about how we should be approaching sales and marketing." -- Head of Operations and Franchise Development


Copyright © 2023 CloudAnalysts, owned and operated by Aryta Ltd. | Privacy Policy | Cookie Policy