With regards to the Tribe CRM system, its architected on Dynamics365 and takes advantage of a number of standard features to ensure compliance with GDPR regulation including :
- Secure logins and identify management
- Access permission based on Roles
- Record and Field level security for access
Specifics around data portability, the right to be forgotten and the right not to be profiled can all be met with standard functionality within the Tribe software, and Microsoft themselves are committed to ensuring Dynamics365 can meet the GDPR regulations, and so as a partner on their EU and Global Partner Advisory Councils we are working closely with them to ensure this happens – in a timely fashion.
We conduct regular penetration tests of our infrastructure and of our Tribe Cloud Servers to identify any vulnerabilities and all TSG processes are currently being updated to ensure both compliance with GDPR and the next annual audit due in January 2018.
Out implementation methodology (‘GURU’) has been updated to include tick boxes that the customer has updated their privacy policies, their legal basis for processing personal data, the basis for consent, the policy on data breaches, a DPO has been nominated etc…..
Over the next 3 months, we expect to be issuing further notices on our offerings with regards to the GDPR regulations, as well as statements on our own products (Tribe, Elementary and Traveller) and their adherence to the regulations.
So, whilst this isn’t an all-encompassing statement, its very much ‘watch this space’ as we head into May 2018.