Details about this thread
  • State Not Answered
  • Replies 8 replies
  • Subscribers 292 subscribers
  • Views 1405 views
  • Users 0 members are here
Related content from around SugarClub

GDPR erasure requests - importing previously removed records

Philippa Grover

Is anyone else struggling to get their head around GDPR erasure requests?

Say someone requests to be erased from your systems. You follow the new legislation, process their request, and delete their data.

You then obtain a new database (either from a marketing tool, or via a third party), and import the data into your system. But, the list contained the details of the aforementioned individual.

Without having their details recorded somewhere, how would you know that they had previously requested to be removed, prior to importing them?

I know v8 will contain a Data Privacy Module, but I still don't see how we will get around the above problem. Has anyone else had any ideas about how to handle this, either in Sugar or outside Sugar?

Has anyone else thought about this?

Parents
  • 0

    Hi Philippa Grover 

    The emails are stored in the table email_addresses, which manage the email address it self and the information of invalid email and opted out.

    The table email_addr_bean_rel implements the relationship between a record (Account, Contact, Lead etc) against a speciffic email address.

    So lets suppose several differents records are related to the same email address which is set as opted out, it means all of these records will be marked as opted out for that same email address.

    So when you are going to import a third part database the SugarCRM application will double check if the given email address does exist and then it will assign that email address to the new record. Note that SugarCRM will not undo the opted out flag of such email on importing, this way if you try to send an email marketing campaign to a new record whose email address had been previously opted out the SugarCRM will refuse the send the message to that one.

    But if that new Person/Company has some other email addressed not opted out then he/she will be targeted without big deal.

    I hope I could answer your question.

    Kind regards

    André Lopes
    Lampada Global
    Skype: andre.lampada
  • 0 in reply to André Lopes

    The way erasure requests will work in Sugar is a bit different than delete. A data privacy manager will be able to select specific personal fields for erasure. What then happens is that the value of those personal fields is erased. On the front end, you will see "Value Erased".  The record itself is not removed, so that we can retain relationships with other records such as calls, meetings, tasks etc. 

    If an email is marked for erasure, then the email value is also erased from the table. 

    If that email address comes in again as a new lead or contact, then the new email will be created as a new record. There is no mechanism to tie in the new incoming email address to the previously held email address, because the previous email record was permanently erased. 

    Hope that helps. 

    Deepak Deolalikar

    Senior Director Product Management

Reply
  • 0 in reply to André Lopes

    The way erasure requests will work in Sugar is a bit different than delete. A data privacy manager will be able to select specific personal fields for erasure. What then happens is that the value of those personal fields is erased. On the front end, you will see "Value Erased".  The record itself is not removed, so that we can retain relationships with other records such as calls, meetings, tasks etc. 

    If an email is marked for erasure, then the email value is also erased from the table. 

    If that email address comes in again as a new lead or contact, then the new email will be created as a new record. There is no mechanism to tie in the new incoming email address to the previously held email address, because the previous email record was permanently erased. 

    Hope that helps. 

    Deepak Deolalikar

    Senior Director Product Management

Children
  • 0 in reply to Deepak Deolalikar

    Hi Deepak,

    Many thanks for getting back to me. I understand what you're referring to with regard to erasing content from fields which have been marked as PII.

    To be clear, are you saying that processing an Erasure Request does not result in a deletion of a record, but rather it displays "Value Erased" within the fields. If this is the case, how can we identify who the person is, because presumably their name will display "Value Erased" as a name constitutes PII.

    Your note refers to an email being marked for erasure - do you mean an email record, or an email address? Our issue is with email addresses. Apologies, I just want to ensure I understand you correctly.

    If I undertstand you correctly, the processing of an Erasure Request will erase the subject's email address from the table - is that correct? If this is the case, isn't this a problem for importing new records for previously-forgotten subjects? If the email address of a subject is erased as part of processing an Erasure Request and it is deleted from the tables, how is it possible to identify this person as having previously been forgotten?

    Many thanks,

    Philippa

  • 0 in reply to Deepak Deolalikar

    Here's my understanding:

    If I ask you to REMOVE my data, you have to remove it completely, you will have no reference whatsoever to whether I ever existed in your system or asked you to delete me. I become a total stranger.

    Now, if you get my name from a list, the provider of the list also has to provide you with MY EXPLICIT CONSENT for the data contained in the list to be gathered for the PURPOSE of SHARING it with you (Opt-In Policy). Therefore you have EXPLICIT consent FROM ME (via the company who provided you the list) to use that data and you can add me.

    If you don't have that documented consent you can't add me to your system. The default is DENIAL of consent.

    In other words, you should NEVER AGAIN get just a list of random people that you bought or otherwise obtain without the explicit approval of the people whose information is contained in that list.

    Makes sense?
    FrancescaS