SlideShare a Scribd company logo

Salesforce & GDPR: What happens next?

Desynit, profile picture
Desynit

This document discusses the implications of GDPR for Salesforce and outlines key aspects of personal data processing, including individual rights and data handling principles. It highlights the challenges faced by companies in preparing for GDPR compliance, potential lawsuits, and subsequent modifications made by Salesforce to its platform. The document concludes by mentioning emerging regulations and resources for further information.

Business
1 of 20
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
FORCEWEST BREAKFAST 18 JULY 2018 SALESFORCE & GDPR WHAT HAPPENS NEXT?
A Brief History Introduction
Introduction Stephan Chandler-Garcia Salesforce Practice Lead & Architect - Methods Founder - GDPR Superheroes @SGarcia421 @GDPRSuperheroes /in/stephanwgarcia UK Public Sector User Group
GDPR & Personal Data Data Processor Data Controller Data Subject
GDPR & Personal Data Personal Data any information relating to an identified or identifiable natural person; Online Identifiers IP Address Cookies RFID Tags Direct Identifiers Name Contact Details ID Number Location Data Indirect Identifiers Physical Physiological Genetic Mental Economic Cultural Social Identity
GDPR & Personal Data Processing Any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
GDPR & Personal Data Profiling Any structured set of personal data which are accessible according to specific criteria, whether centralised, decentralised or dispersed on a functional or geographical basis.
GDPR & Personal Data The Right to Rectification The Right of Access The Right to Erasure The Right to be Informed The Right to Restrict Processing The Right to Object The Right to Data Portability The Rights In relation to Automated Decision Making and Processing
GDPR & Personal Data Article 6 Lawfulness of Processing
GDPR & Personal Data Requirements 1. Consent 2. A Contract 3. Vital Interests 4. Legal Obligation 5. A Public Task 6. Legitimate Interest Article 6 Lawfulness of Processing
GDPR & Personal Data Principles 1. Purpose Limitations 2. Storage Limitations 3. Data Minimisation 4. Accuracy 5. Right to Erasure
GDPR & Personal Data The Right to Erasure Individuals have a right to have personal data erased in specific circumstances: 1. It is no longer necessary in relation to the purpose for which it was originally collected/processed; 2. when the individual withdraws consent; 3. when the individual objects to the processing and there is no overriding legitimate interest for continuing the processing; 4. when the personal data was unlawfully processed; 5. when the personal data has to be erased in order to comply with a legal obligation; or 6. when the personal data is processed in relation to the offer of information society services to a child.
How has this played out? The calm before the storm 1. The media ‘frenzy’ was very short lived 2. Enhanced awareness 3. Temporary Solutions
Results Companies spent months scrambling to prepare for this, what has been the result? 1. Some acted on bad legal advice 2. Lots of lost data 3. Wait and see
Lawsuits There have been a few big-name lawsuits filed already. What do they actually mean? 1. The are mostly PR 2. Individuals do not have the right to press charges
Salesforce Changes Platform Changes Salesforce have made changes to their platform to aid compliance 1. The Individual Object… more on that shortly! 2. Internal Logging 3. Apex Method for User Deletion & more to come
Salesforce Changes The Individual Object A New Standard Object! 1. Must be Enabled 2. No Storage Limits 3. Related to Contact, Lead, Person Account, & User by Default
Post-GDPR Whats Next? 1. Emerging Regulations a. E Privacy Regulation b. California Consumer Privacy Act 2. the GDPR ‘rebrand'
Resources Where can I find more information? GDPR Superheroes - GDPRSuperheroes.com Information Commissioner's Office - ico.org.uk Data Privacy Manager - elements.cloud/dpm
GDPR Superheroes THANK YOU!

More Related Content

PDF
GDPR Learning Lab: Gartner Data & Analytics 2018 Slides
DATUM LLC
 
PDF
GDPR Compliance
Miguel Mello
 
PPT
Enterprise Discovery: Taking Control, Driving Change
Iron Mountain
 
PDF
GDPR Affects Email Worldwide
SparkPost
 
PDF
What is GDPR Data Flow Mapping
VISTA InfoSec
 
PPTX
GDPR non-compliance risks & GDPR365
Jaco Liebenberg
 
PDF
GDPR 
- The Do’s and Don'ts for Marketeers
Burst
 
PDF
12 steps to prepare for GDPR
Gary Chambers
 
GDPR Learning Lab: Gartner Data & Analytics 2018 Slides
DATUM LLC
 
GDPR Compliance
Miguel Mello
 
Enterprise Discovery: Taking Control, Driving Change
Iron Mountain
 
GDPR Affects Email Worldwide
SparkPost
 
What is GDPR Data Flow Mapping
VISTA InfoSec
 
GDPR non-compliance risks & GDPR365
Jaco Liebenberg
 
GDPR 
- The Do’s and Don'ts for Marketeers
Burst
 
12 steps to prepare for GDPR
Gary Chambers
 

What's hot (15)

PDF
GDPR 12 Steps infographic
Ermine Amies
 
PDF
What does GDPR laws mean for Australian businesses
iFactory Digital
 
PPTX
Data Governance in the Enterprise: Highlights from Our Research Report
Blancco
 
PDF
GDPR infographic
Marketing Team at Crown Worldwide Group
 
PDF
An Overview of GDPR by Pathway Group
The Pathway Group
 
PDF
hipaa compliance requirements for business associates
GlobalCompliancePanel
 
PDF
HIPAA Compliance Requirements for Business Associates
GlobalCompliancePanel
 
PDF
HIPAA compliance tuneup 2016
Compliancy Group
 
PPT
Privacy & Transparency in Digital Life
Susan Price
 
PPT
Stressing about GDPR? Key Facts
BizSmart Select
 
PDF
BigID PII & PI Discovery for GDPR Data Sheet
Dimitri Sirota
 
PPTX
Managing SharePoint within Office 365
Christian Buckley
 
PDF
CIO Summit talk: EU GDPR
John Culkin
 
PPTX
Personally Identifiable Information – FTC: Identity theft is the most common ...
Jan Carroza
 
DOCX
What is data protection and why it is important for business
SameerShaik43
 
GDPR 12 Steps infographic
Ermine Amies
 
What does GDPR laws mean for Australian businesses
iFactory Digital
 
Data Governance in the Enterprise: Highlights from Our Research Report
Blancco
 
GDPR infographic
Marketing Team at Crown Worldwide Group
 
An Overview of GDPR by Pathway Group
The Pathway Group
 
hipaa compliance requirements for business associates
GlobalCompliancePanel
 
HIPAA Compliance Requirements for Business Associates
GlobalCompliancePanel
 
HIPAA compliance tuneup 2016
Compliancy Group
 
Privacy & Transparency in Digital Life
Susan Price
 
Stressing about GDPR? Key Facts
BizSmart Select
 
BigID PII & PI Discovery for GDPR Data Sheet
Dimitri Sirota
 
Managing SharePoint within Office 365
Christian Buckley
 
CIO Summit talk: EU GDPR
John Culkin
 
Personally Identifiable Information – FTC: Identity theft is the most common ...
Jan Carroza
 
What is data protection and why it is important for business
SameerShaik43
 
Ad

Similar to Salesforce & GDPR: What happens next? (20)

PDF
What is GDPR and why does it matter to me?
Desynit
 
PDF
Data Protection Seminar_GDPR_ISOLAS_26-06-17
Michael Adamberry
 
PDF
Innovation day Oslo FSI breakout
Salesforce - Sweden, Denmark, Norway
 
PPTX
GDPR Data Lifecycle
Jatin Kochhar
 
PPTX
How GDPR will change Personal Data Control and Affect Everyone
Thomas Goubau
 
PPTX
Webinar: Introduction to GDPR - What It Is and How It Will Affect Your Business
WithumSmith+Brown, formerly Portal Solutions
 
PPTX
GDPR Data Life Cycle
Jatin Kochhar
 
PPTX
GDPR: 3 Months On | Guest Speaker: Data Protection Commissioners
BrightPay Payroll and Auto Enrolment Software
 
PDF
GDPR Is Coming - Get Over It Webinar
Sagittarius
 
PDF
GDPR – Readiness in IT offshore organization
Vishnuvarthanan Moorthy
 
PDF
GDPR and Analytics
brunomase
 
PDF
GDPR Whitepaper
Richard Goddard
 
PPTX
GDPR in the Healthcare Industry
EMMAIntl
 
PDF
Gdpr presentation
Iain Wicks MCIPR
 
PDF
Life with GDPR 2018 - From Governance to Optimisation
DAMA Ireland
 
PDF
GDPR: What does it mean for your business?
BrightPay Payroll and Auto Enrolment Software
 
PPTX
General Data Protection Regulation (GDPR)
Extentia Information Technology
 
PDF
Impact of GDPR on User Experience
WSO2
 
PDF
The Essential Guide to GDPR
Tim Hyman LLB
 
PDF
The Essential Guide to GDPR
Tim Hyman LLB
 
What is GDPR and why does it matter to me?
Desynit
 
Data Protection Seminar_GDPR_ISOLAS_26-06-17
Michael Adamberry
 
Innovation day Oslo FSI breakout
Salesforce - Sweden, Denmark, Norway
 
GDPR Data Lifecycle
Jatin Kochhar
 
How GDPR will change Personal Data Control and Affect Everyone
Thomas Goubau
 
Webinar: Introduction to GDPR - What It Is and How It Will Affect Your Business
WithumSmith+Brown, formerly Portal Solutions
 
GDPR Data Life Cycle
Jatin Kochhar
 
GDPR: 3 Months On | Guest Speaker: Data Protection Commissioners
BrightPay Payroll and Auto Enrolment Software
 
GDPR Is Coming - Get Over It Webinar
Sagittarius
 
GDPR – Readiness in IT offshore organization
Vishnuvarthanan Moorthy
 
GDPR and Analytics
brunomase
 
GDPR Whitepaper
Richard Goddard
 
GDPR in the Healthcare Industry
EMMAIntl
 
Gdpr presentation
Iain Wicks MCIPR
 
Life with GDPR 2018 - From Governance to Optimisation
DAMA Ireland
 
GDPR: What does it mean for your business?
BrightPay Payroll and Auto Enrolment Software
 
General Data Protection Regulation (GDPR)
Extentia Information Technology
 
Impact of GDPR on User Experience
WSO2
 
The Essential Guide to GDPR
Tim Hyman LLB
 
The Essential Guide to GDPR
Tim Hyman LLB
 
Ad

More from Desynit (8)

PPTX
Nessy Learnings Salesforce Marketing Automation Case Study
Desynit
 
PPTX
How to create an inbound marketing engine
Desynit
 
PPTX
Are you ready for Lightning to strike?
Desynit
 
PPTX
Dreamforce 2015 - 4 days in 4 minutes
Desynit
 
PDF
Stories of sustainability on the Salesforce platform
Desynit
 
PPTX
Intro to Salesforce Lightning for Admins
Desynit
 
PPTX
Le Tour de Salesforce 2014
Desynit
 
PPTX
Customer experience with IPC Media & Bluewolf
Desynit
 
Nessy Learnings Salesforce Marketing Automation Case Study
Desynit
 
How to create an inbound marketing engine
Desynit
 
Are you ready for Lightning to strike?
Desynit
 
Dreamforce 2015 - 4 days in 4 minutes
Desynit
 
Stories of sustainability on the Salesforce platform
Desynit
 
Intro to Salesforce Lightning for Admins
Desynit
 
Le Tour de Salesforce 2014
Desynit
 
Customer experience with IPC Media & Bluewolf
Desynit
 

Recently uploaded (20)

DOCX
80 DE ÔN VÀO 10 NĂM 2023vhkkkjjhhhhjjjj
janggookdal
 
PDF
NewBase 12 August 2025 Energy News issue - 1812 by Khaled Al Awadi_compresse...
Khaled Al Awadi
 
PPTX
Project Management_ SMART Projects Class.pptx
ravindra661395
 
PDF
Solaris Resources Presentation - Corporate August 2025.pdf
pchambers2
 
PDF
ANALYZING THE OPPORTUNITIES OF DIGITAL MARKETING IN BANGLADESH TO PROVIDE AN ...
IJMIT JOURNAL
 
PDF
Technical Architecture - Chainsys dataZap
Chainsys SEO
 
PDF
Module 3 - Functions of the Supervisor - Part 1 - Student Resource (1).pdf
OmoobaOrun1
 
PDF
Satish NS: Fostering Innovation and Sustainability: Haier India’s Customer-Ce...
red402426
 
PDF
1911 Gold Corporate Presentation Aug 2025.pdf
Shaun Heinrichs
 
PDF
Tortilla Mexican Grill 发射点犯得上发射点发生发射点犯得上发生
ssun243
 
PDF
Blood Collected straight from the donor into a blood bag and mixed with an an...
UsamaJaved91
 
PPTX
BUSINESS CYCLE_INFLATION AND UNEMPLOYMENT.pptx
TasmiaThalil
 
PDF
Cours de Système d'information about ERP.pdf
pha nguyen
 
PPTX
Slide gioi thieu VietinBank Quy 2 - 2025
hoadm5190
 
PPTX
Astra-Investor- business Presentation (1).pptx
diksha27bhardwaj
 
PDF
PMB 401-Identification-of-Potential-Biotechnological-Products.pdf
princessbliss09
 
PDF
NEW - FEES STRUCTURES (01-july-2024).pdf
priyansubarmanwork
 
PDF
NISM Series V-A MFD Workbook v December 2024.khhhjtgvwevoypdnew one must use ...
RoopaSherkar
 
PDF
Charisse Litchman: A Maverick Making Neurological Care More Accessible
The lifescience magaizne
 
PPTX
Negotiation and Persuasion Skills: A Shrewd Person's Perspective
smartanimesh2710
 
80 DE ÔN VÀO 10 NĂM 2023vhkkkjjhhhhjjjj
janggookdal
 
NewBase 12 August 2025 Energy News issue - 1812 by Khaled Al Awadi_compresse...
Khaled Al Awadi
 
Project Management_ SMART Projects Class.pptx
ravindra661395
 
Solaris Resources Presentation - Corporate August 2025.pdf
pchambers2
 
ANALYZING THE OPPORTUNITIES OF DIGITAL MARKETING IN BANGLADESH TO PROVIDE AN ...
IJMIT JOURNAL
 
Technical Architecture - Chainsys dataZap
Chainsys SEO
 
Module 3 - Functions of the Supervisor - Part 1 - Student Resource (1).pdf
OmoobaOrun1
 
Satish NS: Fostering Innovation and Sustainability: Haier India’s Customer-Ce...
red402426
 
1911 Gold Corporate Presentation Aug 2025.pdf
Shaun Heinrichs
 
Tortilla Mexican Grill 发射点犯得上发射点发生发射点犯得上发生
ssun243
 
Blood Collected straight from the donor into a blood bag and mixed with an an...
UsamaJaved91
 
BUSINESS CYCLE_INFLATION AND UNEMPLOYMENT.pptx
TasmiaThalil
 
Cours de Système d'information about ERP.pdf
pha nguyen
 
Slide gioi thieu VietinBank Quy 2 - 2025
hoadm5190
 
Astra-Investor- business Presentation (1).pptx
diksha27bhardwaj
 
PMB 401-Identification-of-Potential-Biotechnological-Products.pdf
princessbliss09
 
NEW - FEES STRUCTURES (01-july-2024).pdf
priyansubarmanwork
 
NISM Series V-A MFD Workbook v December 2024.khhhjtgvwevoypdnew one must use ...
RoopaSherkar
 
Charisse Litchman: A Maverick Making Neurological Care More Accessible
The lifescience magaizne
 
Negotiation and Persuasion Skills: A Shrewd Person's Perspective
smartanimesh2710
 

Salesforce & GDPR: What happens next?

  • 1. FORCEWEST BREAKFAST 18 JULY 2018 SALESFORCE & GDPR WHAT HAPPENS NEXT?
  • 3. Introduction Stephan Chandler-Garcia Salesforce Practice Lead & Architect - Methods Founder - GDPR Superheroes @SGarcia421 @GDPRSuperheroes /in/stephanwgarcia UK Public Sector User Group
  • 4. GDPR & Personal Data Data Processor Data Controller Data Subject
  • 5. GDPR & Personal Data Personal Data any information relating to an identified or identifiable natural person; Online Identifiers IP Address Cookies RFID Tags Direct Identifiers Name Contact Details ID Number Location Data Indirect Identifiers Physical Physiological Genetic Mental Economic Cultural Social Identity
  • 6. GDPR & Personal Data Processing Any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
  • 7. GDPR & Personal Data Profiling Any structured set of personal data which are accessible according to specific criteria, whether centralised, decentralised or dispersed on a functional or geographical basis.
  • 8. GDPR & Personal Data The Right to Rectification The Right of Access The Right to Erasure The Right to be Informed The Right to Restrict Processing The Right to Object The Right to Data Portability The Rights In relation to Automated Decision Making and Processing
  • 9. GDPR & Personal Data Article 6 Lawfulness of Processing
  • 10. GDPR & Personal Data Requirements 1. Consent 2. A Contract 3. Vital Interests 4. Legal Obligation 5. A Public Task 6. Legitimate Interest Article 6 Lawfulness of Processing
  • 11. GDPR & Personal Data Principles 1. Purpose Limitations 2. Storage Limitations 3. Data Minimisation 4. Accuracy 5. Right to Erasure
  • 12. GDPR & Personal Data The Right to Erasure Individuals have a right to have personal data erased in specific circumstances: 1. It is no longer necessary in relation to the purpose for which it was originally collected/processed; 2. when the individual withdraws consent; 3. when the individual objects to the processing and there is no overriding legitimate interest for continuing the processing; 4. when the personal data was unlawfully processed; 5. when the personal data has to be erased in order to comply with a legal obligation; or 6. when the personal data is processed in relation to the offer of information society services to a child.
  • 13. How has this played out? The calm before the storm 1. The media ‘frenzy’ was very short lived 2. Enhanced awareness 3. Temporary Solutions
  • 14. Results Companies spent months scrambling to prepare for this, what has been the result? 1. Some acted on bad legal advice 2. Lots of lost data 3. Wait and see
  • 15. Lawsuits There have been a few big-name lawsuits filed already. What do they actually mean? 1. The are mostly PR 2. Individuals do not have the right to press charges
  • 16. Salesforce Changes Platform Changes Salesforce have made changes to their platform to aid compliance 1. The Individual Object… more on that shortly! 2. Internal Logging 3. Apex Method for User Deletion & more to come
  • 17. Salesforce Changes The Individual Object A New Standard Object! 1. Must be Enabled 2. No Storage Limits 3. Related to Contact, Lead, Person Account, & User by Default
  • 18. Post-GDPR Whats Next? 1. Emerging Regulations a. E Privacy Regulation b. California Consumer Privacy Act 2. the GDPR ‘rebrand'
  • 19. Resources Where can I find more information? GDPR Superheroes - GDPRSuperheroes.com Information Commissioner's Office - ico.org.uk Data Privacy Manager - elements.cloud/dpm