CRM & Co.

Leaving consent where it is, in the company’s existing applications, or worse, centralising it in a CRM is never a good idea.

No tool that is not specifically designed for Cyber Data Protection can really protect the company (and often causes irreparable damage!).

CRM is designed to exploit personal data,
not to protect it.

And like CRM, all other tools that are designed for business cannot play a ‘double game’ in full conflict of interest: exploiting and protecting personal data at the same time (in case of inspection, how can they be credible in the secondary role of ‘Data Protector’?).

Even though at a superficial analysis this shortcut may seem harmless, with CRM, and in general with all other applications, the protection of the company may be compromised without it being possible to realise it, at least until the “moment of truth”, during the inspection, when the evidence and information necessary for one’s defence prove to be inadequate or absent and the CIO finds himself having to justify the contested Data Protection rules to the Authorities (and to the company).

Considering also that every time the CRM is updated, the company runs the risk of having to revise or lose all customisation altogether, leaving it uncovered and wiping out the investment made,

Using CRM & similar software alternatives to manage consents is not a good idea.

9+1 critical issues when using CRM
to manage your customers’ privacy

Using CRM & similar software alternatives to manage consents is not a good idea.
What can you do?

Why keep the criticality of Consent management in-house
when it is better to outsource it to PrivacyOS?