GDPR is a regulation that requires businesses to protect the personal data and privacy of European citizens for transactions that occur within European Union member states.
If you currently collect personal customer data using your Ascend system, rest assured that you are equipped to easily comply with any deletion, correction, production, or copy request.
What does GDPR stand for?
General Data Protection Regulation
What types of personal data does the GDPR protect?
The GDPR protects a wide range of personal data. It also grants individuals "the right to be forgotten" and the ability to request a copy of their personal data from organizations that have collected it.
Note: If a customer owes money or local law requires accounting record retention, you likely should not delete most data. Please consult your attorney. Once changes are made to the Customer Record, they cannot be undone.
Complying with a request from a customer to provide them with a copy of their personal data
All personally identifiable information for individual customers can be found on their Customer Record in Database Explorer.
To provide customers with a physical copy:
- First, verify the customer's identity by asking for a valid form of identification. For example, ask to see a government issued ID card.
- Navigate to View > Customers from the Ascend Desktop.
- Search for the Customer Record using the dropdown menu to narrow down your results by fields like first name, email address, or phone number.
- Highlight the Customer Record you'd like to view and click Preview to generate a PDF copy.
- Click Print to print a copy to your default report printer.
To provide customers with a digital copy:
- First, verify the customer's identity by asking for a valid form of identification. For example, ask to see a government issued ID card.
- Navigate to View > Customers from the Ascend Desktop.
- Search for the Customer Record using the dropdown menu to narrow down your results by fields like first name, email address, or phone number.
- Double-click the Customer Record you'd like to view and make note of the customer's Account Number or Email address.
- From the SQL Query window, run the GDPR Individual Customer Record Fields export query and enter the customer's unique Account Number or Email address when prompted.
- Click Email to send a XLSX copy directly from Ascend. Or click Export to select between CSV or XLSX file types and save it to a local folder or removable drive.
Note: Custom queries can be saved in Ascend for easy access from Reports after running them for the first time. To learn more about using and saving custom queries, check out the Additional Resources link below.
Complying with a request from a customer to remove their personal data from your database
If you've used Ascend to collect customer data, it's really easy to remove or edit personal details to honor a customer's request.
Warning: If a customer owes money or local law requires accounting record retention, you likely should not delete most data. Please consult your attorney. Once changes are made to the Customer Record, they cannot be undone. If would still like to proceed, simply:
- Verify the customer's identity by asking for a valid form of identification. For example, ask to see a government issued ID card.
- Navigate to View > Customers from the Ascend Desktop.
- Search for the Customer Record using the dropdown menu to narrow down your results by fields like first name, email address, or phone number.
- Double-click on the Customer Record you'd like to edit and replace all identifying information with anonymous data by typing random alphanumeric characters.
- Click Save to record your changes.
Note: Any Customer Record can be hidden in Ascend by clicking the Remove icon in Database Explorer after selecting the desired customer. Customer Records can be unhidden at anytime. While hiding a Customer Record removes them from your search results, this method does not delete the data and would not comply with a request to be forgotten.
For your consideration
We'd love to tell you that you should just delete customer data anytime you get a request to do so, but unfortunately it's not that easy. For example, you may be required by local law to keep a record of a transaction. Please check all applicable local and state laws to verify what your business needs to do to remain compliant.
Here are a few other things to keep in mind:
- Ascend customer data is directly tied to sales made with your system. Altering Customer Records may prevent you from identifying customers should you need to contact them in the future, even for recalls.
- You might be putting yourself at risk of violating other, possibly conflicting local laws or accounting record requirements.
- Altering customer data might limit the information you can access within certain transaction records.
Need more help? Click here to contact our support team by submitting a ticket.
Additional Resources
Website: GDPR from European Commission
Please note that the information contained on this page does not constitute legal advice. Any person or business who might be affected by GDPR should verify the information and obtain independent professional advice if required.
KB22-068