Odoo is no stranger to the obstacles of adapting to pandemics, moving online, strengthening security, and helping with legal compliance such as the GDPR. Because regardless if you are a big, small or medium entity, the collection and use of personal data of the people you dealt with -being customers, suppliers, employees, agents or others- have to be done legally.
Though Odoo cannot make you compliant, it can help you achieve it, ease your data mapping, reduce data redundancy, implement granular access rights and security controls. Let's dive in!
Establish what type of data your organisation collects, uses, stores, deletes, transfers within and outside the entity; it's not an easy task. But with Odoo, an entity naturally centralises most of its data; thus, by reviewing all your apps, you can straightforwardly assess where your data is and what you are doing with it, which will make everything else easier down the road.
DATA SUBJECT REQUESTS
LOCATION OF DATA
With Odoo, this is not a nightmare; you can immediately start from the Odoo Contact Screen and check all the personal data you are holding about someone and satisfy the requests of access, deletion, portability, etc.
DATA SUBJECTS RIGHTS
Finally, you can enable the portal by using Odoo browser built-in menu and let data subjects make effective use of their rights on self-service mode, e.g., get their data exported.
CONSENT WITH EVIDENCE
SECURITY AND PRIVACY BY DESIGN
Already built-in on Odoo’s software.
WHAT ELSE CAN YOU DO WITH ODOO?
With the right partner, you can do whatever is needed for your entity to operate competitively, legally and securely. For instance,
- Mark fields that will contain personal data identifiers: Name, SSN, email.
- Global search tool on these fields for handling data subject's requests.
- A policy of deletion/anonymisation.
Odoo cannot make you compliant but can certainly help you to achieve it in various ways. Need to know more, feel free to reach out.
*Disclaimer this post is provided for informational purposes only. Reach out to your legal counsel to determine precisely how EU data protection rules apply to you.