Guest user Created: Apr 14, 2018 Last commented: Apr 14, 2018

Sensitive personal data

Good morning, I have a question about the personal and sensitive data within the GDPR. We are using Contact information like Name, Surname, Email, Telephone Number, Business Number and Address for the Contract Creation in B2B CRM system. The question is that in the big system it is very important to have all the history about the sales in one place, and not to be deleted at all. Could this personal information be changed to clients id and in the future all the records will be stored just with the id without name and other data?

0 0

Assign topic to the user

Select user

Expert

Andrei Hanganu Apr 14, 2018

Answer:

From your description you provided the data in your CRM system is indeed personal data but not “special category of data” as per article 9 of the EU GDPR – “Processing of special categories of personal data” https://advisera.com/eugdpracademy/gdpr/processing-of-special-categories-of-personal-data/

The deidentification of data using a ID number or customer number is a measure to protect personal data which is caller “pseudonymization” which is referred to and recommended in article 32 of the EU GDPR – “Sec urity of processing” https://advisera.com/eugdpracademy/gdpr/security-of-processing/ so by all means proceed.

To find out more about the security of personal data you can check out our free EU GDPR Foundations Course https://advisera.com/training/eu-gdpr-foundations-course//

Quote

0 0

Comment as guest or Sign in

HTML tags are not allowed

Name *

Email *

I accept the Privacy and Terms

Notify me when someone replies

Apr 14, 2018

Expert Advice Community