Discover how Axelor complies with the European GDPR regulation by bringing its solutions in line with the new regulations.
What is GDPR ?
The General Data Protection Regulation is the European reference text on data processing and data protection for individuals within the European Union.
This regulation was adopted by the European authorities in 2016 and its measures will apply from May 25, 2018.
The GDPR has three main objectives :
– Protect individuals’ personal data more effectively and strengthen people rights,
– Make aware the companies that process this data of its responsibilities,
– Give credibility to regulatory by facilitating cooperation between authorities and strengthening penalties for non-compliance.
In the event of non-compliance with the GDPR, the penalties provided may be up to 20 million euros or 4% of global turnover, depending on the category of offense, the highest amount being retained.
The measures put in place by Axelor
Protect personal data
Data from customers, employees and all other sensitive data in the ERP are secure and servers are protected. These are classic security measures that are already implemented natively in the software.
Our solutions also benefit from advanced access rights management.
Full audit of access to ERP and personal data
The solution will guarantee the traceability of all access to the data present in the ERP :
– Who has access to the data ?
– What data does each user have access to ?
– What types of access do users have ?
– When did users have access to the data ?
This gives you access to a history and traceability of all data changes.
The right to portability of personal data
Following the entry into effect of the GDPR, individuals will have the right to ask a company for any personal data that has been transmitted to them and that are in their possession.
You will thus be able to extract all the information held on a person in the ERP by clicking on a single button, allowing you to easily answer such requests.
Right to be forgotten
As stipulated in the regulation, a person has the right to ask the controller to erase all personal data concerning him/her.
In case of request, we integrate a feature that allows you to easily delete all personal data in the software.
If it is data that can not be deleted because you have to keep an archive or they are necessary for the proper functioning of the company (an invoice for example), they will be anonymized.
The benefits of an ERP for processing data under the GDPR :
– Most of the company’s data is centralized within an ERP making it easier to process than if it were in multiple softwares.
– The management of access rights is centralized. Administration and traceability are thus simplified.
– This gives you complete control of your data and you can more easily apply the regulations.
If you use a cloud ERP, protecting your data will be easier. The publisher takes care of the security of your data thanks to servers with a very high level of security and regular and automatic security updates are applied.
If the ERP is hosted on your own servers, Axelor will provide you the technical means to meet all the requirements required under the GDPR.
But the tool can not do all the work, you will also need to know the regulations and to check that your organization meets the standard correctly.