GDPR
Discover how Axelor complies with the European GDPR regulation by aligning its solutions with the new regulations.
What is GDPR?
The General Data Protection Regulation is the European reference text regarding the processing and protection of individuals’ data within the European Union. This regulation was adopted by European authorities in 2016, and its provisions have been applicable since May 25, 2018. As summarized by the CNIL, GDPR has three main objectives:
– More effectively protect individuals’ personal data and strengthen their rights,
– Make companies processing this data more responsible,
– Enhance the credibility of regulation by facilitating cooperation between authorities and strengthening sanctions for non-compliance.
In case of GDPR non-compliance, the prescribed sanctions can range, depending on the category of the offense, up to 20 million euros or 4% of the global turnover, with the higher amount being retained.
Measures implemented by Axelor
Protecting personal data
Customer, employee, and all other sensitive data in the Cloud ERP are secured, and the servers are protected. These are standard security measures already built into the software. Our solutions also benefit from advanced access rights management.
Comprehensive audit of ERP and personal data access
The solution ensures traceability of all accesses to data in the Open Source ERP:
– Who has access to the data?
– What data does each user have access to?
– What types of access do users have?
– When did users access the data? This provides you with a history and traceability of all data modifications.
Vous avez ainsi accès à un historique et une traçabilité de toutes les modifications de données.
Right to data portability
Following the GDPR enforcement, individuals have the right to request from a company all the personal data transmitted to it and in its possession. With the ERP, you can extract all information held about a person with a single click, making it easy to respond to such requests.
Right to be forgotten
As stipulated in the regulation, an individual has the right to request the erasure of all personal data concerning them.
In case of a request, we integrate a feature that allows you to easily delete all personal data in the software.
If it’s data that cannot be deleted because you need to keep an archive or they are necessary for the company’s proper functioning (such as an invoice), they are anonymized.
Advantages of an ERP for data processing under GDPR:
– Most of the company’s data is centralized within an ERP, making processing easier than if spread across multiple software.
– Access rights management is centralized. Administration and traceability are thus simplified.
– You have full control of your data and can more easily enforce regulations. If you use a Cloud ERP, data protection is facilitated.
The editor takes care of your data’s security with highly secure servers, and regular automatic security updates are applied. The editor takes care of your data’s security with highly secure servers, and regular automatic security updates are applied.
If the ERP is hosted on your own servers, Axelor provides you with the technical means to meet all requirements within the GDPR framework.
But the tool cannot do all the work; you also need to be familiar with the regulations and ensure that your organization complies with the standard.