GDPR requires organisations to protect the data it holds about individuals. As a result of our Pan Government Security Accreditation, ProTech clients can be confident that our solutions are independently tested and assured at regular intervals by a Government approved ‘CHECK’ agency. Furthermore, we only use UK sovereign data centres for our ProCloud hosted solution.
In terms of our CRM application, Pro9, we have already completed a number of key enhancements to support GDPR, these are:
- Enhancements to Pro9’s data archiving and deletion capabilities to make it easier for our clients to forensically remove data where consent has been withdrawn.
- A subject access request workflow which automates the initial request to provide the ‘subject’ with a copy of all the data you hold about a customer. There are strict deadlines for responding to these requests and Pro9 monitors the case to ensure these timescales are adhered to.
- The workflow also supports the processing of the legal requirement around the ‘right to be forgotten’. Pro9 monitors the request ‘to be forgotten’ and ensures that the relevant data is removed from the system.
- Although our clients can delete entire records to comply with a member’s ‘right to be forgotten’, ProTech has worked to ensure the integrity of reports they may run which draw on historical data.
Further actions that ProTech will take
From autumn 2017, our digital platform ProWeb will support our clients’ members to provide informed consent to data collection and processing as part of their online registration process.
This feature will also ensure that members’ preferences are automatically updated by our specialist CRM software, Pro9, so that our clients only hold and process data where informed consent has been provided.
If you require any further information from ProTech please contact Kim.Smith@protech.co.uk