Right to be informed of any personal data processing
You must have the customer’s consent to store and process personal data, send out newsletters and to process their data in other ways.
Lime CRM allows you to specify a purpose for storing of personal data. For example, “We need to store customer information to be able to sell our products”. This purpose is displayed to the customer via the GDPR portal when the user gives them access to their personal data.
Various types of available consents can easily be configured by the system administrator directly in Lime CRM.
Right to access
You must allow your customer access to the data held about him or her, when so requested by them.
Lime CRM allows you to search and find a customer and then click on a link in the Actionpad, which connects to a temporary webpage. The customer can view and edit their personal data in Lime CRM. It’s a temporary link, only accessible for a limited period of time.
Based on your specific CRM solution, you can configure what data to display and make editable for the customer.
Right to correction of personal data
The customer is entitled to get their personal data rectified.
Via the GDPR portal, the customer can easily correct their personal data in Lime CRM. Alternatively, and based on the customer’s request, you can correct the data directly in Lime CRM on their behalf.
Right to data portability
The customer is entitled to obtain a copy of the personal data held on them.
Lime CRM allows the customer to easily export their personal data from the GDPR portal. They can choose to export to Excel or JSON. As a Lime CRM user, you have the same functionality via the Actionpad.
Personal data breach and incident management under GDPR
Under GDPR, you must notify relevant customers of a personal data breach within 72 hours after having become aware of it. For example, if you become aware that an unauthorised party has gained access to your customer database, the affected customers must be notified.
Using the already built-in standard feature for mass-mailings in Lime CRM, you can easily contact customers that are potentially impacted by a personal data breach.
Right to be forgotten
The customer is entitled to have their personal data erased. In Lime CRM, this is done by means of anonymisation. When the customer requests to be anonymised, a final date is set for when the customer shall be anonymised.
The GDPR portal
The GDPR portal is where the customer gets access to all personal data in Lime CRM, and where the customer can do the following:
1. View their personal and related data.
2. Correct certain data that is then synchronised directly with Lime CRM.
3. Export personal data. Data can be exported directly by the customer in Excel or JSON formats. See what data the customer has provided and withdrawn or wants to add or erase.