Today 25th May 2018 is the day GDPR goes live! To “celeberate” this important day, and as a contribution from me to the Microsoft Dynamics 365 community, I’m offering my Dynamics 365 GDPR Add-on Solution free to the community both Customers and Partners. You can find a link to download the solution for free at the end of this post.
The solution delivers the following functionality and Data Subject requests:
- Consent Management
- The Right to be Forgotten (anonymising contacts information)
- Personal Identifiable Information (PII) Management
The solution includes the following components:
- “Consent” Custom entity with relationship to Contact entity
- New form for Contact entity called GDPR and few additional fields on Contact
- “Configuration Settings” entity for capturing config information
- A Plugin Assembley for the Anonmisation function
- A Workflow for creating tasks to renew Consent at 30, 7 and 0 days from consent end date.
For the solution to work properly, once you import the solution, you will need to do the following:
- Create a Queue called “GDPR” so that tasks for consent renewal created by the workflow can be added to this queue.
- Create a Configuration Setting record called “GDPR Contact” as the screenshot below. You need to enter names of fields you want to be anonymised separate by semicolons.
The solution takes the approach of anonymising the contact information without actually deleting the contact record. This means everything stays the same, attributed to the same contact record but the record itself will no longer hold any personal identifable information (PII) of the customer.
Here are screenshots on how the “Anonymise” button works:
GDPR Contact Form:
Click on “Anonymise” button:
Anonymised Contact record:
I hope this solution helps many in the Dynamics 365 community. If you find this solution helpful, please review and/or vote on this solution. I’ll be happy to support the solution where I can (and based on its popularity).
N.B. The solution is provided as is with no warranty. It does not guarantee GDPR compliance and your organisation will still need to ensure they are compliant.