What admin settings or configurations are needed?
- Data Privacy Module
Enable this module in the admin section under “Display Modules and Subpanels”. The DP module is related (M:M) with the leads, contacts, accounts and targets module. The module can also be related to other modules, including custom modules.
Note: The status field is a dropdown list of value and should not be modified or removed.
- List of Values - Type
Sugar provides the type of data privacy activity that are relevant under GDPR such as data subject rights, consent receipt and consent withdrawal. You can customize the labels in this list of values. The only restriction is that the following types cannot be removed (label can be changed) -
- RIght to Erase Information
- Consent to Process
- Withdraw Consent
- Consent fields
Two consent fields are included for leads, contacts and targets respectively. To use these fields, add them to the record view layout.
One of the consent fields is a multi select field for business purposes. The default values are suggestions. Actual values will be based on policy and should be customized accordingly.
- Mark fields as personal information
In studio, each field can be marked as personal information. This is used for the personal information view and for the erase process. Sugar has marked specific fields in the Leads, Targets, Accounts and Contacts module as personal information by default.
Note that fields can only be marked as personal information if the module is auditable.
- Email Opt In/ Out
In Email settings in administration, set the global default for email opt in or opt out. In general EU customers should set this to Opt out. New email addresses will default to this global setting.
- Assigning users to DPM
The Data Privacy Manager (DPM) role is included out of the box. Designated users who will perform data privacy related tasks should be assigned to this role. Users in the DPM role will be able to perform tasks such as erasure. By default, DPM's are also module admins for leads, contacts and targets module.
Note: When relating the Data Privacy module to other modules, the DPO role should be updated to give admin rights to these modules.