A checklist was implemented in the Cases module which guides you through the necessary steps and allows you to log the actionss taken so that you have an extensive documentation over the handling of requests. By default, checklists are provided for the following requests:
The steps of these requests are visible in a separate tab in the Cases module.
A GDPR ticket can be called up in the record of the respective data subject and can be viewed as a chronological log. Privacy relevant fields of the record are also logged in the protocol itself.
SuiteCRM, like most CRM systems, does not delete the data immediately, but sets a 'Deleted Flag' which causes the system to treat the dataset as deleted. The actual data are still stored in the database. The deletion request of a data subject not only affects the data record in the contact module but also prospective data records as well as personal data in linked modules. For this purpose, the KINAMU DSGVO module has a tool with which it is possible to completely overwrite data in the record of the contact and lead.
The anonymization tool takes you to a list of similar sounding contacts and leads that you can select to delete.
Records that are not highlighted as links are records which were already deleted the CRM but still exist in the database. These also can be anonymized. Once you have selected the records you want to anonymize, you will get to a list of records, calls, emails, notes, etc., associated with the selected persons.
These can either be deleted or, if they are still relevant, be assigned to the contacts Account. The personal record itself is not deleted but fields with personal data are overwritten (e-mail address, telephone number, address, etc.)