These capabilities mean organisations can confidently deploy SugarCRM products as a key part of their GDPR compliance plans.

Data privacy-related functionality is now available as part of the company’s Spring ‘18 Cloud update as well as the Sugar 8 release for on-premise customers.

“SugarCRM has a reputation as a trustworthy CRM provider, so it’s not a surprise they took the GDPR challenge head on,” said Rebecca Wettemann, vice president at Nucleus Research. “What SugarCRM has done with this investment is accelerate time-to-compliance for customers and reduce the time and effort they need to ensure they’re managing GDPR compliance on an ongoing basis."

SugarCRM’s new features will ensure financial institutions are better prepared for whatever comes next. New privacy-related features include:

A “command centre” for data privacy - Sugar now includes a new module to address and log all customer requests related to data privacy.

The advent of the data privacy manager (DPM) - SugarCRM added a new role within Sugar to review requests and mark records for erasure.

Easy access to stored customer data - Sugar introduces a Personal Information Log (PI Log) feature that captures the sources of customer data input and modifications. Companies can send the personal data within the PI Log to data subjects upon request.

Flagging Customers who object to data processing - Sugar users can “flag” anyone who requests that their personal data is not used in profiling or automated business processes. This is then used as a filter in campaigns and reports.

Email Communications - A new global setting specifies if new email addresses should default to “opted-out” or “opted-in” for customer communications. If an email address is set to opt-out, a clear visual indicator is next to wherever Sugar displays the email address.

Managing Consent - Organisations now manage within Sugar the process of a person providing “consent” to the storing and processing of their personal data. If the customer withdraws consent, Sugar records the request within the data privacy management module.

Limiting data collection to only what is necessary - Data privacy regulations dictate that businesses should only process relevant personal data, and all other personal data may be inappropriate. Admins can easily remove unneeded fields via Studio (Sugar’s configuration console for admins).

SugarCRM HintⓇ - Customers and prospects can request that any personal data not relevant to doing business be removed from all systems. Companies can now control what data is provided via a Hint search.

Sugar Cloud - SugarCRM has put internal policies in place to protect our customers’ data in our cloud and to perform our obligations as a data processor.

“SugarCRM has a reputation as a trustworthy CRM provider, so it’s not a surprise they took the GDPR challenge head on,” said Rebecca Wettemann, VP Research at Nucleus Research. “I’ve seen an early demo of the new features coming in Sugar and I’m excited to see how they will help organisations implement best practices for data privacy.”  

The latest version of Sugar is available for both cloud and on-premise customers today.