Introduction

  • In order to help data controllers meet their obligations under the new data protection legislation (GDPR) due to come into effect on the 25th May, Team Cubic has added a new tab to the Contacts module which is specifically aimed at Data Privacy considerations.
  • Companies have an obligation to record the purpose and justification for storing and using individuals' personal data (even if it is only their name and email address). If the only justification is that the individual consented to their data being processed (i.e. by signing up for a newsletter), there is more onus on recording how and when this consent was given. There is then a need to track if and when consent is withdrawn, either partially or completely.
  • In a business context, the most applicable justification (legal basis) is likely to be that a person’s data is needed for the performance of a contract. If a contract is yet to be or is no longer in force, then the next appropriate legal basis is likely to be Legitimate Interests. You should keep a record of a legitimate interests assessment to help you demonstrate compliance if required; you should also include details of your legitimate interests in your privacy notice. Other legal bases may be appropriate depending on specific circumstances.
  • Of all the fields on the data privacy tab, only the Legal Basis field is mandatory, since according to GDPR if you cannot justify why you are processing this person’s data, then you should not be processing it.
  • The fields that help you record exactly how the data was provided (allowing for more detail than the existing ‘source’ field on the marketing tab), may be useful to help you determine whether the data is GDPR compliant or whether steps should be taken to validate the data.
  • The fields that help you record how consent was given are only applicable if the legal basis of processing is consent. If there is any other justification, then consent does not apply and the rights of the individual may be overridden by other considerations.

Using the Data Privacy Tab

  • The Data Privacy tab is located within the Contacts module. It is intended to help data controllers meet some of their obligations under the GDPR. It is not designed to be a fully-fledged data privacy management system, as the majority of data privacy activity (e.g., data collection, publishing privacy policies, complying with data subjects’ rights) is conducted outside of Rapport. However, if Rapport is the primary source of contact records within your business, then it may be useful to track certain information alongside each contact’s record.
  • The fields on this tab will not be relevant to all Rapport users but should be sufficient for many companies that use Rapport for their primary list of contacts. Below is an explanation of each field and some guidelines for how they may be used. 
Field Label | Field Type | Purpose and usage | Notes
Is this contact a Sole Trader? | Yes / No | Sole Traders are treated as individuals under PECR, so you may wish to record this.
How were these contact details obtained?

Single Select Dropdown

- Provided directly by the data subject
- From a GDPR compliant source
- Provided for performance of a contract
- Marketing from the data subject

This field may be useful to help filter out contact records that are not GDPR compliant.
There may be some overlap with the ‘Source’ field on the Marketing tab, but this field is specifically for data privacy considerations.
The appropriate list of choices is dependent on your business processes and so the list should be customised as required.
Purposes of processing

Multi-Select Dropdown

- Newsletter
- Christmas Cards
- Existing Customer
- Summer BBQ
- Marketing via Email
- Contractual Updates
- Telemarketing
- Marketing via Post

Choosing the relevant option(s) on this list may help you identify which is the appropriate legal basis.

It can also be used to record preferred communication methods, and hence the types of processing relevant to this contact.

The appropriate list of choices is dependent on your business processes and so the list should be customised as required.
It may be useful to filter on this field for certain reports.
Legal basis for processing this contact

Multi-Select Dropdown

- Performance of Contract
- Legitimate Interests
- Legal Obligation
- Public Task
- Vital Interests
- Consent

In most circumstances only the most appropriate legal basis should be selected.
The list of choices is locked down to those specified within the GDPR legislation.
Some options are only relevant to certain sectors. See the ICO website for more details.
If the only applicable legal basis is “Consent” then the following fields should be populated to ensure compliance with the GDPR
Date that Consent was given or confirmed | Date picker | You should record when Consent was given. Consent should be periodically confirmed, and this date updated each time. | Keep consent under review and refresh it if anything changes.
In what ways was consent given? | Multi-Select Dropdown | Record evidence of consent. You may need to show how consent was given if someone queries it. | The appropriate list of choices is dependent on your business processes and so the list should be customised as required.
Employee / Agent who received the consent | Free Text (short) | In case of queries by the data subject, you may wish to record who captured the consent. | This could be a linked field if required but is left as free text by default to allow flexibility.
Notes regarding consent confirmation | Free Text (long) | Supplementary notes field. | This field could also be useful for recording justification for the legal basis choice.
These fields relate to the actionable requests that individuals have under the GDPR and may be useful in tracking when requests have been received.
Subject Access Request Received? | Yes / No | This field can be used to report how many contacts have formally requested a copy of their personal data. | The actions required for dealing with a SAR are outside of Rapport, but it may be useful to record the events here for reporting purposes.
Subject Access Request Date | Date picker | This date defines when the legal clock starts for responding to a SAR within the prescribed time. | In practice, this may be later than when the request was first received due to delays in confirming who they are and what type of data they want.
Subject Access Request Actioned Date | Date picker | This can be used to record when the legal clock stops because the SAR has been responded to. | Useful for reporting purposes.
Request for Erasure Received? | Yes / No | This field can be used to log that a contact wishes to have their personal data erased. | Depending on the circumstances, this request may be denied. The record could be manually anonymised or deleted completely.
Request for Erasure Date | Date picker | This field can be used for reporting to clean or delete records after the appropriate amount of time has passed. There is no need for an actioned date since once the erasure has been actioned, the contact would not be identifiable. | If a request is going to be accepted, it should be done within a reasonable amount of time.
Request to Restrict Processing Received? | Yes / No | This field can be used to log that a contact has requested a restriction in the processing of their data. This could mean they are happy for their data to be stored, but do not wish to receive certain communications. | Depending on the circumstances, this request may be denied in part, e.g. if the processing is necessary in the performance of a contract.
Request to Restrict Processing Date | Date picker | This field can be used to record when the request to restrict processing was received. | If a request is going to be accepted, it should be done within a reasonable amount of time.

Report

  • Alongside the Data Privacy tab on the Contacts module, a new grid report has been provided (“Data Privacy Report”). This report provides a list of all the data privacy records alongside the Contact Name and the ‘Source’ field from the Market Info tab.
  • In conjunction with the existing filtering controls, this report should provide visibility of data privacy compliance for all contacts stored within Rapport.

Contact Retention

  • This panel on the Contacts dashboard allows you to review and capture the retention status of your contacts. Clicking an option saves it automatically. Please note that the ‘Mark for Deletion’ option will only set the status as such, and the contact will still need to be deleted manually or anonymised using the tool described later.
  • You can use the retention status in the existing filter to review contacts, or run reports:

Control Panel Tools

  • There are two new control panel tools to allow you to anonymise Contact and HR data:
  • These tools allow you to anonymise fields that you have designated as containing Personally Identifiable Information (PII). The internal id of the record is retained in Rapport, but there will no longer be any way to identify who the record relates to. This allows job costing and data integrity to be preserved – for example, when a member of staff is anonymised their timesheet values will be retained but it will not be possible to identify the individual.


*Please note: you will need to identify and configure the fields which contain PII before running these tools: see the “Identifying Personally Identifiable Information” section at the end of this document.


Anonymise Contacts

  • This tool allows you to select a shortlist of contacts to bulk anonymise:
  • Example: you could search for contacts where ‘Retain Contact Details’ has been set to Delete, or where a request for erasure has been received.
  • Once you have identified the shortlist of contacts to update, you can update them 25 at a time, on the right-hand panel in Step 2.


*Please Note: the data is anonymised immediately and will no longer be accessible on the system. This action cannot be undone. If you make a mistake, please contact the support team as a matter of urgency. For a very limited time, we retain a backup which can be restored by the support team in the event of an accidental erasure.


Anonymise Staff

  • This tool works in the same way as the Anonymise Contacts tool. In this case, the existing filter allows you to filter the staff list, for example by final leaving date.

*Please Note: the data is anonymised immediately and will no longer be accessible on the system. This action cannot be undone. If you make a mistake, please contact the support team as a matter of urgency. For a very limited time, we retain a backup that can be restored by the support team in the event of accidental erasure.


Identify Personally Identifiable Information

  • To use the anonymisation tools, you must identify the fields in your system which you believe to contain Personally Identifiable Information (PII). This is a two-step process:
    • Flag the field as containing PII
    • Provide a string that will replace the field value (e.g. “Anon First Name”)
  • It is important that you have full control of this process: these tools are provided to help you, but the decisions about the data are yours.
  • This task needs to be completed by a user with Administrator rights. First, click on the spanner in the top right. You can then review the Contact and HR tabs, clicking the spanner next to the fields which you want to flag as containing PII:
  • On some pages (e.g. Contacts, Business Development), the spanner will be on the top right of the tab:
  • There are two new fields to complete on the field edit screen:
  • This applies to fields in the following tabs:
    • Contacts: Detail
    • Contacts: Business Development
    • Contacts: Marketing Info
    • Contacts: Data Privacy
    • HR: Detail
    • HR: Career History
    • HR: Benefits
    • HR: Project Rates
    • HR: Personal
    • HR: Skill Base
    • HR: CPD
    • HR: Documents
    • HR: Performance Review
    • HR: Employee Relations


This is an administrator’s tool and should be used with caution.


*Please note: only text fields should be set up as containing PII. If date, numeric, or dropdown fields are selected, this will not cause any problems for regular users of the system, but the anonymisation tools will produce an error. In addition, it is not possible to anonymise the contents of any uploaded documents or to automatically remove them. This is not generally an issue for Contacts, but when anonymising staff, you may need to complete a manual check and delete uploaded documents in the HR section.


Necessary Further Reading

Please note that nothing in this release note should be construed as legal advice, and it is no substitute for professional legal advice. Team Cubic recommends that users of Rapport conduct further research from sources such as the ICO website to help determine what is appropriate for their circumstances and seek specialist advice if necessary.