Articles in this section

Help Center

Avatar
Rebecca
  • Updated
Follow

Overview

The General Data Protection Regulation (GDPR) strengthens the rights of the individual over personal data. Enacted in May of 2018, the GDPR is the most comprehensive such regulation yet, so if you are doing any sort of business with anyone based in the European Union (EU), then you will need to ensure you are compliant. Failure to do so can incur a hefty penalty - up to 4% of your global revenue!

As a global market leader, with offices, development centers, and customers on three continents, including the EU, Zift Solutions places great importance on data security compliance, and features that support the need of international businesses. We have reviewed both our data processing procedures and our product features to ensure that we continue to provide the best possible service to you.

Our products support data privacy requirements by design, and most of the requirements for GDPR compliance are already included in the Zift Platform. We’ve also added new features and processes to ensure we’re playing our part to meet GDPR compliance.

In this article, we describe how Zift PRM makes it easy to comply with EU data protection legislation.

Contents

Zift PRM Application

Our products are designed for self-management of personal data by all involved individuals, enabling compliance in this area with no administrative effort. Should an individual partner contact request access to, modification or erasure of any personal data or the restriction of processing under the GDPR regulations, this can easily be performed within the application. Additionally, the application supports the export of personal data records on request – another key data privacy requirement.

During or prior to data capture, individuals can be asked to confirm their acceptance of Terms and Conditions of Use, Data Processing Consent, Marketing Subscriptions, etc. These features are fully configurable and administrators and users can insert their own language as required. A full audit trail of these acceptances is maintained and can be reported.

Zift Solutions’ to-partner marketing features include fully automated opt-in subscription management, to ensure that your marketing team and outreach are in compliance with GDPR and partner subscriptions preferences at all times. This feature is standard for all Marketing customers.

To further support GDPR compliance, Zift PRM includes the following GDPR-specific features:

  • All entry forms for personal data include a mandatory Data Processing Consent Checkbox, to ensure that partners and other contacts are opting into your Data Processing Policy. This includes data entry forms for:
    • Partner Registration
    • Add/Edit new Person
    • Add/Edit new Lead or Opportunity
    • Partner Locator Request Form
    • Web-to-Lead Form
  • Data Processing Consent policy text customization with data entry forms, in multiple languages.
  • An administrative report for Data Controllers to “View Data Processing Consent.” This includes the source, date of consent and exact text that was accepted by each individual.
  • For To-Partner Marketing, Subscription Consent requires all individuals to opt-in to direct marketing.
  • Facilitating the GDPR right to the erasure of data. Zift PRM will execute requests under the GDPR "Right to Erasure" of data on written request from the data controller.

Back To Top

Zift PRM Terms and Conditions of Use

Zift Terms and Conditions were updated in 2018 and 2019 to adhere to GDPR - General Data Protection Regulations.

We made these changes to outline both your company’s, as well as Zift Solutions’ responsibilities and compliance obligations when it comes to maintaining the privacy and security of all customer data. Zift’s updates to its Terms and Conditions cover the following:

2019

  • Updated: Additional Terms Applicable to Personal Data Subject to GDPR, Role of Parties section - Company shall process personal data in compliance with all laws applicable to it as a Processor of Personal Data, including GDPR and the e-Privacy Directive or its successor regulation.
  • Updated: Additional Terms Applicable to Personal Data Subject to GDPR, Processing Scope and Duration section - ...analytics information, such as cookie IDs, internet usage, and engagement with communications;...

2018

  • Use of Data – Your contacts remain under the sole ownership of your company, and will not be shared with any other third party. We’ll only use your data to provide services to you and will only transfer data to a third-party with your permission.
  • International Data Transfer – Your company is classified as the “data controller,” in which case, it is your company’s responsibility to ensure you have the necessary permissions to store each of your contacts’ information. s a “data processor,” Zift ensures the security of your contact data accordingly.

The changes noted above are just the highlights. Be sure to review the full Terms and Conditions here to make sure you understand it. You can request electronically signed copies of the Zift Terms and Conditions for your records by submitting this request form.

Questions? Email us at support@ziftsolutions.com

Back To Top

Privacy Policy

Zift follows Privacy Shield compliant processes to ensure your data is managed as securely as possible. Our Privacy Policy is available for review. 

Additionally, as a Data Processor, we have provided policy information that you can include in your own website's policy statement.

You may stop communications using the opt-out feature included in the messages and prevent the storage of cookies using browser settings.

Back To Top

Frequently Asked Questions

Configuration and Set-Up

Q. How can I update my Portal Terms & Conditions text?

Portal Terms and Conditions are stored in a Phrase with TextID: TermsAndConditionsText To amend the text associated with this phrase view the Translations information.

Q. How can I change my Portal Privacy Policy?

If your Privacy policy is stored as text on a Portal page, follow the instructions for editing a Portal Page.

Q. How can I add my Data Processing Consent text?

Modify the stored translation for the DataConsent_PartnerText phrase under  PRM Admin > Portal and CMS > Translations. Use the phrase TermsAndConitionsText as the Phrase Identifier.

Q. How can I add a Data Processing Consent Checkbox to a Screen?

There are two Profiles that capture Data Processing Consent: Per_PartnerbyUserConsent and Per_PartnerConsent. Per_PartnerbyUserConsent is used when the Partner's consent has been obtained off-line. Per_PartnerConsent is used to capture the Partner's consent status directly from the Partner. These are pre-configured on the My Profile Screen. You should copy and paste the definition of that part of the screen if you wish to move the consent control to another page.

Respond to GDPR Requests from Individuals

Q. How can my partners view and update their personal data?

The My Profile (Portal) page allows a portal user to view and modify their information. This is also where a portal user can unsubscribe from marketing emails.

Q. How can I view and update their personal data?

Supplier users can also access the My Profile page on the Portal. Alternatively, they can access the user data screens through the 3-panel view and modify the information as needed there.

Q. How can I review the data Modification Register for any individual?

You can view the account modification history, on the 3-panel view.

Q. How can I stop processing data related to an individual at their request?

Set the user as inactive to stop processing data.

To-Partner Marketing Consent

Q. How can an individual unsubscribe from Marketing Communications?

The My Profile (Portal) page allows a portal user to view and modify their information. This is also where a Portal user can unsubscribe from marketing emails.

Q. How do I add an Unsubscribe link to Marketing Communication?

Uncheck the appropriate boxes on your My Profile page.

Through-Partner Marketing Consent GDPR Personal Data Management

Q. How can I review my partners’ data processing consent?

This information is listed in the GDPR Data Processing Consent Report. This is accessed by opening the user information in the 3-panel view, clicking More and clicking on Consent Report.

Q. How can I export the personal data relating to an individual?

Use the Export tool to create an export of their data.

Q. How can I request the anonymization of personal data, based on a request from an individual?

Any requests for anonymization of personal data can be made by clicking Control My Data and providing the individual's email information. You will be prompted to select anonymize the information or unsubscribe from being contacted by suppliers.

Q. How can I request data disposal at the end of my contract?

Requests should be submitted in writing to your Customer Success Manager.

Q. How can I request database export at the end of my contract?

Requests should be submitted to the Zift Support team.

Subprocessors

Zift Solutions, Inc., Relayware, Inc., Relayware Ltd., Elastic Digital Pty Ltd. rely on certain subprocessors to provide you with our Services. Pursuant to the European General Data Protection Data Regulation (GDPR), which went into effect on May 25, 2018, has established an online listing http://ref.ziftsolutions.com/subprocessors.html so that you can check it at any time. Subsequent changes to subprocessors will be available via the same link.

Back To Top

Additional Resources

  • Full details about the GDPR on the GDPR portal
  • Our blog post on Channel Chatter, GDPR Made Simple
  • Or if you have specific questions, contact your legal counsel

Back To Top

Related articles

Comments

0 comments

Please sign in to leave a comment.

© 2023 Zift Solutions, Inc.
Powered by Zendesk