Salesforce has revealed the steps it’s made to become GDPR compliant, including appointing a data protection officer and putting privacy at the heart of product design.
The company has appointed Lindsey Finch, its current senior vice president of global privacy and product legal as its data protection officer (DPO), overseeing how Salesforce collects, stores and uses customer data.
“The official DPO designation is a natural outgrowth of our existing programme,” Finch said. “My team and I will continue to partner across the company to foster a culture of privacy – designing, implementing, and ensuring compliance with our global privacy programme, including ensuring that privacy is considered throughout the product development lifecycle.”
She explained that Salesforce’s Privacy Working Group, which includes executives from across the company’s privacy, legal, product, engineering, distribution, employee success and security departments, will help make decisions too, ensuring Salesforce remains compliant with the new rules after they come into force on 25 May.
“There is no finish line when it comes to GDPR compliance,” she said. “While Salesforce currently offers the tools for our customers to comply with the GDPR, we will continue to release new innovations that help our customers achieve compliance success.”
Salesforce has launched a GDPR website to help customers become compliant, including the information businesses need to honour data subject access requests, as well as guidance to help customers learn more about GDPR.
The vendor has also developed two new features after reviewing its readiness. A product called Individual Object pulls together a user’s individual privacy preferences across a customer’s entire Salesforce ecosystem, including contacts, leads, personal accounts and custom object records, while Salesforce DMP now features a consumer rights framework, enabling users to track and record consents they’ve received.