GDPR is fast approaching, and as companies prepare, they are assessing not only their own data, but the systems that house that data. One of the biggest software investments for companies across all industries is CRM. In the next few weeks, we’ll look at some of the major CRM systems and how they are preparing their products for GDPR compliance — starting with SugarCRM. Here’s what we know about Sugar’s plans for GDPR compliance.

SugarCRM’s Spring release (version 8.0) will include data privacy functionality for data controllers complying with GDPR. The release will be accessible to all product users, whether they use the on-premises or Cloud version of the software. While the company cautions that the final Spring release may be altered at their discretion, they are currently citing some major changes which include:

New Opt-in Defaults

Currently, SugarCRM defaults to an implicit opt-in for all new emails. Its new release will mitigate this by allowing administrators to default the system to opt-out new email addresses. Addresses that are opted out will display indicators in the CRM that show the individual can be contacted for business purposes, but not for marketing.

Data Privacy Management Module

A data privacy management module will track any changes to customer consent and allow consent to be withdrawn by the data subject. Data controllers will be able to record if consent was granted and the business purposes for that consent. The module will be fully configurable and able to relate to any other module, including custom. Any requests for partial or permanent data erasure will also be logged using this module. Once erased, the selected fields will read “Value erased” as a placeholder.

PI Log

The GDPR compliant SugarCRM release will offer Personal Information (PI) logs which display the information and its source. When a subject requests access to their personal data, contents of this log can be pulled to accommodate. Users also can export personal information in a list view to send to the subject.

Custom Fields for Processing Objections

If a data subject prefers their information not be used for profiling, SugarCRM users can create a custom field that flags the record to exclude it from campaigns, reports, or other business processes.

Internally, SugarCRM also has plans for their use of customer data. The company has indicated its inherent compliance with the new GDPR statutes for privacy and protection through policies, procedures, technical measures, and organizational activities to prepare for any data event. For customers looking for more information on Sugar’s GDPR policies, visit this link.

Danine Midura's picture
Danine Midura
Director of Marketing

Danine is the Director of Marketing for Technology Advisors Inc. She spearheads TAI events, marketing campaigns, and social media efforts. Prior to her work at TAI, Danine was a copywriter in the B2B publishing industry. Her interests include blockbuster disaster movies, tank tops in an array of colors, used book stores, Clint Eastwood, and being surrounded by trees. 

Related Articles

January 6, 2020

Insurance companies know that insurance is uncomfortable, confusing, complex, and that their legacy processes and programs are not cutting it. When looking to stand out from competitors, it’s important for internal and external processes to change simultaneously, making a major transformation unavoidable. 

August 27, 2018

During a recent chat with one of our CRM consultants, he mentioned concerns about customer perceptions of CRM. “Sometimes I worry they don’t see the full picture,” he said. “CRM is an ongoing investment. As a business grows, the CRM must grow too. They assume once the CRM is purchased and the team knows how to use it, the software journey is over; but there’s a lot more to it.”