We are pleased to announce the arrival of some new data protection tools that aim to help Solomon customers stay compliant with the General Data Protection Regulation.

Solomon users can now set the lawful basis for storing any personal data in the People table:

Screen Capture on 2018-06-04 at 15-43-35.gif

Under GDPR, there are six lawful bases for processing personal data. We have only included the four most relevant to our customers: legal obligation, contract, legitimate interest, and consent.

If consent is the basis, we have added a simple wizard to help you record key informaton and to get the subject to opt-in as required. If the data subject is with you - for example, you get consent during a visit to see them - you can let them review the policy and set their preferences themselves, after which a confirmation email is sent to their inbox:

Screen Capture on 2018-06-04 at 16-04-46.gif

If consent is given in another way - over the phone, for example - there is an alternative workflow. Here you record the consent but an opt-in email is sent to the subject. Only after they have clicked on the confirmation link will their consent be registered:

Screen Capture on 2018-06-04 at 16-06-19.gif

If you are seeking consent, or you have it but you are unsure of the individual's data processing preferences, there is a final workflow that generates a consent request email. This will allow the data subject to create their own consent online. Warning: you must have their permissions to send the request email or you will be in breach of GDPR.

Under GDRP, subjects have the right to withdraw consent at any time. We have created a public web page where data subjects can manage their processing preferences, and withdraw their consent. They enter their email address first:

Screen Capture on 2018-06-04 at 16-21-17.gif

This will generate an email containing a link to a secure page where they can update their consent:

Screen Capture on 2018-06-04 at 16-24-25.gif

And there you have it!

Last week we updated our own data protection documentation. This is now available for review on the data protection pages of this site. As a result of these new policies, we have introduced some "technical measures". For example, all users are now required to review and accept a Privacy Policy before they can access the software. Each acceptance is stored in the user's account, along with a copy of the policy at that time.

We've been working on getting GDPR ready for over a year. We hope these new tools and policies will help our customers with their own data protection agenda. We've tried to take pain out of the process by making things simple and fast. We look forward to hearing feedback from our users, and to continuing to make Solomon best-in-class for data protection.