Reading Time: 4 minutes
Unless you’re a robot, most of your important business is done through your own work email – not through a mass email service. So it’s surprising that most of the attention related to GDPR compliance has focused on email marketing services, not on your real email.
With the GDPR coming into force today, May 25, 2018, European Union citizens need to be able withdraw their consent, you need to be able to track your Lawful Basis for contacting them, and protect yourself against any mistakes regardless of whether you contact them through a mass email service or real email.
To meet these new demands, Cloze is the first email app that has GDPR compliance built-in:
- We’ve included protections so you don’t accidentally email someone you shouldn’t
- You can use Smart Links to automate the process of managing consent. Just add them to your signature and templates once (set and forget) and Cloze takes care of the rest.
And, because Cloze indexes the information from so many different types of systems, we’re the only CRM that can act as a central hub for addressing compliance requests:
- To help with right to be forgotten, Cloze can give you a report of all the places you have personal data stored about someone (even down to which of your devices have copies of their contact records on them).
- To help with right of access, Cloze can automatically create a single unified view of all of the information you hold about someone (from contact information through communication and documents).
New Features to help you comply with the GDPR
You will see several new compliance features in Cloze. All of these are available today in the iOS, Android, and web version of Cloze.
Lawful Basis tracking and enforcement
As the Controller you will need what is called Lawful Basis for the processing of personal information of EU citizens. These are found in Article 6 of the GDPR. To help you with this aspect of the GDPR we automate the tracking and enforcement of your Lawful Basis.
Simply put, with our enforcement feature enabled you can’t email or call someone unless you have the Lawful Basis to do so. It protects you and it protects your entire team.
- Control Scope of Compliance. Do you want to enforce GDPR just for your contacts that are EU or Swiss nationals, or have you made the decision to follow consistent rules with all of your contacts regardless of where they are located? Just toggle a few settings and Cloze will be customized to meet your needs. Learn More
- “Lawful Basis” Custom Field. Cloze includes several standard Custom Fields that you can enable including a standard field called “Lawful Basis”. You can use this field to record your GDPR legal basis for storage and processing of personal information. Learn More
- Separate Work and Personal Use. Cloze recognizes your friends and family separately, so you don’t have to store your Lawful Basis to contact them (though, if you want, you can make Cloze enforce GDPR for them too!).
- “Do Not Contact” Custom Field. You can use this field to track when a contact has opted out of different kinds of communications from you. Learn More
- Auto-Enforce Do Not Contact. If no Lawful Basis is set or the person has opted out you will not be able to contact them via Cloze. Learn More
- Smart Links. Add Smart Links to your email signatures and templates to allow recipients to unsubscribe or to acquire their consent. When a recipient clicks on a Smart Link in an email you send, Cloze knows who they are and customizes the content of the Smart Link page to their language and country. Any changes they make are automatically linked to the above Lawful Basis and Do Not Contact custom fields of their profile, and an audit trail is kept about what change they made and when they made it. Learn More
Right to erasure (aka “right to be forgotten”)
Forgetting is hard! Cloze makes it easy to find and erase this information both inside and outside of Cloze. Under Article 17 of the GDPR EU citizen clients have the “right to erasure” (or “right to be forgotten” as it is better known).
To help you with these right-to-be-forgotten requests we have a Data Cleanup feature that allows you to quickly find and remove contact information, communication history, and content related to a specific person from Cloze.
- Data Cleanup – Permanently delete timeline activity if requested
- Deleting Contacts – Permanently delete a contact record if requested
- Delete specific contact information – Permanently delete specific contact information if requested
Cloze even takes this a step further and also helps you find all of the places outside of Cloze where this data resides as well. Our analysis report gives you detailed view of all the places you need to remove this information when asked to do so.
Right of access and rectification features
EU nationals can ask you for a copy of all data you hold about them. Normally, gathering this information is complicated and tedious – you’d have to search through potentially dozens of systems to collect it.
But, with Cloze, you have one place to go to export a complete history of your activity related to a person (for example what emails and calls you’ve exchanged, notes you’ve taken, documents related to them, etc.) – whether these were originally stored inside or outside Cloze (if Cloze can find it, it’s in the timeline export).
- Export timeline interactions for a person or company
- Export Project or Deal timelines
- Export contact information for a single person
Cloze is Privacy Shield certified
On the legal front, Cloze is Privacy Shield certified. If you are a European or Swiss business, or you hold personal information related to European or Swiss nations, this means you can safely transfer data to Cloze in compliance with all EU and Swiss data protection requirements. You can read more about Privacy Shield at https://www.privacyshield.gov.