Customer Relations in Compliance with Data Protection Regulations

PisaSales CRM supports you and your company with convenient functions for implementing all basic requirements of the European General Data Protection Regulation (GDPR) in handling personal data. By consistently following the implementation of the basic regulation, you not only fulfill the strict legal requirements, but you also show your customers and interested parties that the topic of data protection is important to you. By using PisaSales CRM you are not only legally on the safe side. You can also ensure that personal data is handled in compliance with data protection regulations and that all rights of the people concerned are protected with just a few clicks.

Meet GDPR Requirements Easily 

  • Record with a few clicks for what purpose a person was created in the system
  • Obtain pending consents at the push of a button
  • Checking of e.g. contact lists for existing consents
  • Manual or automatic setting of retention periods
  • Customizable information reports on stored data
  • Three different extinguishing levels

Recording of Intended Use

In PisaSales CRM, you can record with just a few clicks for what purpose a person in the system has been recorded and what is the legal basis for this. Of course you can immediately deposit several purposes or other purposes beyond what is legally required. The system automatically logs all changes and actions for you. This means that you can track at any time who gave or withdrew which consent and when. Furthermore, retention periods for personal data records can be set manually or automatically.

Obtaining Consent

Do people lack consent for a specific purpose? Directly when you call up a person, the system shows you whether all purposes (green), at least one (yellow) or no purpose (red) have a valid legal basis. 

Also when obtaining outstanding consent, you will be specifically supported by PisaSales CRM: At the push of a button, the software generates a personalized e-mail with a link to a likewise personalized web page (microsite) on which the data protection settings of the person concerned are displayed. These can be changed accordingly by ticking or unchecking the box. All changes are automatically transferred to PisaSales CRM and logged exactly. 

At trade fairs or at the customer’s premises, your contact people in the PisaSales CRM apps can give their consent to certain uses simply by signing a finger. Consents or objections received by e-mail, telephone or fax, for example, can also be conveniently recorded in PisaSales CRM. For example, the e-mail is simply checked into the system and assigned as proof when the purpose of use is changed manually (e.g. consent to newsletter dispatch).

Admissibility Check  

Marketing, in particular, is faced with the challenge of addressing interested parties and customers in campaigns in a targeted and at the same time GDPR compliant manner. 

With PisaSales CRM you do not run the risk of addressing contacts without expressed consent. Because the system can check all agreements efficiently for you at created marketing selections – and of course also at various other contact lists – with just one click. Of course, immediately after the check, you can send a serial e-mail to obtain the missing consent to all persons without a valid purpose.

Information about Stored Data 

The PisaSales CRM standard takes into account the strengthening of the rights of data subjects by the European GDPR. If a person makes use of their right to information in accordance with the Article 15 of the GDPR and requests information about their data stored with you, the CRM system will provide you with the appropriate report at the touch of a button. 

This report can be sent simply by e-mail and contains all linked information with personal reference (in addition to personal data, also bank data, telephone logs, purpose of processing, consents granted, linked activities, documents, contact relationships, etc.etc.) The report is easily customizable to avoid unwanted disclosure of internal company information.

Right to Be Forgotten  

Delete requests, expired retention periods or objections of an affected person can be easily done using three delete levels in PisaSales CRM. With a click:

Level 1: All use of a person data are deactivated, mail blocks are set

Level 2: All communication data is deleted except for the e-mail address

Level 3: All personal data is anonymized; the e-mail address remains as an encrypted value on the blacklist, in order to warn by means of a duplicate check in the future if the contact is reinvested.

Recording and Processing   
Data Protection 
Queries & Incidents

For the timely and efficient recording and processing of data protection inquiries and PisaSales CRM provides appropriate processes for data protection incidents that guide the processor through the most important steps and document the course of the respective incident. This means that responsible people can view the status, the related contacts, activities and documents relating to inquiries and incidents at any time. Escalation mechanisms and resubmissions ensure correct process compliance.