SugarCRM Embeds More Data Privacy Controls for GDPR Compliance

New features within the company’s cloud, relationship management, and relationship intelligence offerings aimed to help companies implement best practices for GDPR.

SugarCRM, which last fall beefed up its cloud customer relationship platform with a mobile SDK and updated management platform, has released a Spring 2018 update that will enable its customers to automatically implement best practices for data privacy.

These capabilities mean organizations can deploy SugarCRM products as a key part of their GDPR compliance plans.

Data privacy-related functionality is now included as part of the company’s Spring ‘18 Cloud update as well as the Sugar 8 release for on-premises customers, the company said.

Cupertino, Calif.-based SugarCRM, long an alternative to the Salesforces and Oracles of the world, said its new features will ensure that organizations are better prepared for whatever comes next. New privacy-related features include:

A “command center” for data privacy: Sugar now includes a new module to address and log all customer requests related to data privacy.

The advent of the data privacy manager (DPM): SugarCRM added a new role within Sugar to review requests and mark records for erasure.

Easy access to stored customer data: Sugar introduces a Personal Information Log (PI Log) feature that captures the sources of customer data input and modifications. Companies can send the personal data within the PI Log  to data subjects upon request.

Flagging customers who object to data processing: Sugar users can “flag” anyone who requests that their personal data is not used in profiling or automated business processes. This is then used as a filter in campaigns and reports.

Email communications: A new global setting specifies if new email addresses should default to “opted-out” or “opted-in” for customer communications. If an email address is set to opt-out, a clear visual indicator is next to wherever Sugar displays the email address.

Managing consent: Organizations now manage within Sugar the process of a person providing “consent” to the storing and processing of their personal data. If the customer withdraws consent, Sugar records the request within the data privacy management module.

Limiting data collection to only what is necessary: Data privacy regulations dictate that businesses should only process relevant personal data, and all other personal data may be inappropriate. Admins can easily remove unneeded fields via Studio (Sugar’s configuration console for admins).

SugarCRM Hint:  Customers and prospects can request that any personal data not relevant to doing business be removed from all systems. Companies can now control what data is provided via a Hint search.

Sugar Cloud: SugarCRM has put internal policies in place to protect customers’ data in the cloud and to perform its obligations as a data processor.

The latest version of Sugar is available now for both cloud and on-premises customers. For more information, or to sign up for a free trial, go here.

Chris Preimesberger

Chris J. Preimesberger

Chris J. Preimesberger is Editor-in-Chief of eWEEK and responsible for all the publication's coverage. In his 13 years and more than 4,000 articles at eWEEK, he has distinguished himself in reporting...