Customer Consent Dynamics 365 Can We Stay In Touch? Managing Customer Consent In Dynamics 365

Compliance is an essential aspect of data management. Since CRM systems contain large amounts of customer information, they have to be well secured.  Sometimes legislation can introduce new requirements that require a change to your systems. Here, a simple custom-built solution can help. This article examines such a case, specifically built for managing customer consent. 

In 2018, the European Union issued a regulation called GDPR. The new rules forced organizations to review how they store use customer data. In many cases, it was necessary to add additional security for customer data, access and procedures.  

The new regulations require that organizations define how to collect and use communication consent in order to provide customers with services and special offers. Organizations must enable their systems to securely collect and disseminate consent throughout the enterprise, ideally without having to add costly and complex third-party solutions

Project objectives 

Our client was a perfect case of a company that required an easy way to collect and process communication consents.  

They wanted to ensure their compliance with GDPR. Because they already have Dynamics 365, we recommended building a custom set of add-ons. A few key functions of the solutions include the following: 

• Handling customer consent
• Managing customer master data 
• Exposing a customer API in order to connect with external partners and systems. 

The piece of the module responsible for consent management had the following requirements:

• Needed to allow consent versioning. Our client has to know the version of terms and conditions (or other documents/services) that was accepted by the customer;
• Had to manage consent requirements in order to control which customer data is being processed and how; 
• Needed to share information about the given consents with other systems. 

How does it work? 

The template allows us to only have one version of a document or service to approve available for customers in an external source, such as an e-commerce store.  Whenever you publish some changes within, e.g., consent to the processing of personal data the client is automatically informed about these changes. 

Thanks to this feature, we can manage communication consents in one place. 

Consent document card (click to view full size)

Regardless of the source, we always end up with new or updated customer data. By using the template, we can easily determine the version of the document or service that the customer has agreed to. 

The customer card lists the consents, including document version, that the customer has granted or rejected. 

Customer consent record (click to view full size)

Because the CRM shares details of consents granted by customers in other systems, all departments, such as operations, finance or marketing, have this information and can use customer data as per their agreements.

Updating customer agreements 

I think the function of updating customer agreements deserves some attention because it helps to better manage consent updates.  At times we need to change the terms and conditions or documents without asking customer beforehand (e.g., if the wording changes).  The simplest way to manage this is to update the template version and publish a new one.  The system will then notify all customers about the changes to terms and conditions, and mark them as “agreed” by default. Once notified, the customers can review the new terms and possibly revoke their consent.

The right to be forgotten 

A specific request among customer consents is the right to be forgotten. If a customer submits a request to be forgotten, we need to anonymize their data in all systems.  While some systems may be integrated, others may be independent and may not share data. In these cases, we created a function that notifies the systems administrator. They can manually anonymize contact data and on completion, confirm this in CRM. 

This approach ensures that we anonymize all customer data. We can also confirm this automatically in the CRM. 

Data anonymization request (click to view full size)

The contact card also shows us when the information was anonymized. 

Data anonymization record (click to view full size)

Summary

A simple custom add-on integrated with your CRM will ensure that your organization complies with the current legislation. Additionally, it facilitates automation across your systems, thus simplifying data management.  

The above example is just a short description of what you can do to introduce new compliance-oriented features to your CRM. Do you need a solution for handling your customer data? Contact us, and we can help you design one!