How SAP C4C helps you comply with the new European General Data Protection Regulation (GDPR)
Data privacy – currently more in the worldwide spotlight than ever before. The new and more rigorous regulations governing Europe’s data privacy rights have far-reaching consequences for companies. What used to be “gray areas” are now in dire need of end-to-end processes that have to be designed and implemented to ensure data privacy compliance. The astronomical penalties for non-compliance alone make it imperative to take swift action.
To accommodate the multifaceted requirements of the regulation, companies need to go beyond defining new processes and review and adapt their IT systems or even implement new solutions. Particularly the handling of sensitive data throughout a company’s operations, transparency for customers on how their data is used, and securing data against unauthorized access are of critical importance here. In the following, we will explain to you the different SAP C4C functionalities that help ensure proper data use, access controls, the handling of opt-ins, and technical data security.
Proper data use
In the solution portfolio of SAP Hybris* Cloud for Customer (SAP C4C), you will find a host of features that make it easy for you to comply with relevant data privacy regulations. The system, for example, allows you to anonymize data, delete them permanently, and accommodate disclosure obligations regarding your customers’ data. When it comes to meeting legal data retention obligations, SAP C4C enables you to strike the perfect balance between the right to be forgotten and legal retention periods by giving you the option to implement a process that meets all regulatory requirements.
Data access control
It comes with a built-in role and authorization concept that lets you control access to your customer data, allowing you to limit your employees’ access to only what they need to fulfill their tasks. What’s more, the change history lets you track changes to your data, giving you full visibility across the system. The access history feature gives you detailed insight into who had access to particularly sensitive data, delivering complete audit trails to demonstrate that privacy requirements have been sufficiently addressed.
Handling of opt-ins
To ensure compliance with data protection regulations for your outgoing communications as well, the system has mechanisms in place that allow you to capture and manage marketing opt-ins and subscriptions.
Technical data security
In addition to the proper use of data, data security is another major aspect of the new privacy legislation. This is yet another area where the cloud solution meets all legal requirements.
Its interfaces supply the different features with data from external systems such as SAP S/4HANA and even third-party systems in your system landscape, paving the way for the development and implementation of a cross-system data protection strategy.
We will be happy to assist you in leveraging SAP C4C to make the most of your strategy.
*Note: The name of the SAP Hybris suite was changed to SAP C/4HANA in June 2018. For further information please visit the SAP website.