The customer is a digital bank for business owners. Its mission is to help businesses thrive by providing intelligent, simple, and speedy finance solutions - designed from the ground up. They have answers to support business owners, offer loans for entrepreneurs, and introduce lending partners. Since the client is a financial institution operating in the EU, it must comply with the GDPR requirements.The primary goal of imposing GDPR was to enhance individuals' control and rights over their data and simplify the international business regulatory environment.Besides, one of the significant obligations of the institutions imposed by the GDPR at banks and financial institutions is to implement a database of personal data processing activities. At any time, the customer has the right to withdraw their consent to use their data, which must be put on the record by banks. The customer should also have an easy way to do so.
The customer requested to aid them in assuring GDPR compliance. They were transitioning to Salesforce; therefore, all the customer data was being migrated to Salesforce from the old CRM system. In their case, Salesforce was meant to become a master repository of customer data; thus, it was essential to have appropriate processes that would allow them to protect the personal data to the greatest extent and process it by the guidelines of the regulation. In addition, each change of customer data within the system should be tracked and retrieved/reported if needed.
Our team was involved from the beginning and participated in the company's Solution Design for the GDPR process. During this stage, we were focused on implementing as many standard features for this case as possible. In addition, the solution had to be easily maintainable so that any admin could change the retention period or other settings reasonably quickly and without significant efforts from the developer’s side.Thus the team used the Platform Shield Encryption to secure sensitive customer data, meaning that data was safely stored. Even if anybody were to steal it, it would become encrypted. To track any changes in customer data, the team has implemented the standard Salesforce Field Tracking History, which ensures full compliance with the requirements.
After the job, the company felt they were in good shape in fighting data breaches. Even if a data breach were to happen, the company has enforced substantial data privacy protocols and will be better positioned to respond appropriately, retain customers and recover from the negative consequences.Other bank departments have reviewed the solution and were satisfied with the results since the overarching goal was to ensure customer data privacy, which was achieved. They have assessed the security measures to protect customer information and marked them as outstanding.
Financial Services Cloud
Shield Platform Encryption
Apex, Platform Events, Flows