Introduction to Compliance Records

The Compliance record has been created in Workbooks to help you achieve and maintain compliance with data protection legislations such as General Data Protection Regulations (GDPR) and the EU ePrivacy Directive.

Under Article 6 of the European Union’s GDPR there is now an obligation to ensure that you have lawful grounds to process personal data.  The regulations define six legal grounds for processing personal data, these are:

• Consent given freely and unambiguously by the data subject
• Processing is necessary for the performance of a contract to which the data subject is a party
• Processing is necessary for compliance with a legal obligation of the data controller
• Processing is necessary to protect the vital interests of the data subject
• Processing is necessary for the performance of a task carried out in the public interest
• Processing is necessary for the purpose of legitimate interests pursued by the data controller

 The above descriptions have been shortened for brevity. We would recommend that you review Article 6 itself for more details. 
 
The Compliance record in Workbooks has been designed to enable you to record the legal grounds under which you are processing personal data, if you want to use Workbooks to record your GDPR Compliance. 

What are Compliance Records?

Compliance records are simply another Record Type in Workbooks which are related to People & Lead records.From a Compliance record you can:

• Record the legal grounds e.g. Consent.
• Record the start and expiry date of Consent.  Best practice when using consent is to expire it after a reasonable period – the ICO in the UK recommend 2 years.
• Record what the purpose of consent was. E.g. Consent to process the data to receive details of a specific product or service. 
• Record the method by which consent was obtained. E.g. Webform, phone, etc.
• Add attachments so you can store additional information or upload screenshots or images if appropriate. 

They can be created directly from the respective Person or Lead record, via a Bulk Action on People or Lead Landing Pages, or can be found in the Marketing area from the Start Menu. 

Compliance records have been given statuses of True or False: True for when their compliance is active and False for when inactive. For example, if you have a Compliance record that shows that consent was given, but it has since expired or was revoked by a User, then the status of the Compliance would change from True to False.

It is possible to have multiple Compliance records against a Person or Lead Record. This records a history of compliance you have been given, with the most recent record taking precedence. 

The Status of these can be seen on the Form Layout of the Person or Lead Record as well as on their respective Landing Pages:

You can report on the information stored here, which then allows you to build Dynamic Mailing Lists within Workbooks that contain only the People or Leads that you are able to demonstrate compliance for.

You can also tailor the Compliance record to your processes by adding Custom Fields and using Form Layouts.