100% GDPR Conformity with odoo Enterprise


The General Data Protection Regulation is a great achievement of European legislation in restoring the rights of individuals to their personal information in the information age. The GDPR introduces strict rules that regulate the collection, storage and use of personal user data. The aim of this regulation is to ensure a consistent and high level of protection for the data that your company controls and processes.

This briefing gives odoo users an overview of the Regulation and its impact on managing the data in your own corporation.

Provisions of GDPR

  1. Strengthens and unifies data protection for all individuals living in the European Union.

  2. Regulates the export of personal data outside the EU.

  3. Grants rights over personal data to the individual to whom it belonged anyway.

Final Date to Attain Compliance

Companies doing business in the European Union must ensure GDPR-compliance by 25.05.2018.


Companies That Must Comply with GDPR

  • All companies that store or process personal information about EU citizens have an obligation to comply with this regulation. This includes data about every person stored in the Contacts app of your odoo installation.

  • Companies that are headquartered and run their business in EU countries.

  • Companies that are not physically located in the EU but run a business that involves storing and processing personal data of EU citizens.

  • Companies that offer products and services on the EU market, even though they are not located on its territory.


Choice of Software Service Providers

Every company is dependent on Information Technology. Hence it is very important to choose IT service providers who comply with the GDPR. It is particularly important that customer/user data is:

  1. Stored physically on servers within the EU;

  2. Not transferred outside the EU without the consent of the user/customer.


odoo Compliance with GDPR

odoo Enterprise, the most used edition in commercial enterprises, is GDPR-compliant as long as it is hosted at data centers (Rechenzentrum) within the European Union. It is therefore important that, as a technology user, your company (as the so-called data controller and data processor) takes the protection of your customers’ and users’ data particularly seriously. Data in the Contacts app and the Recruitment app are particularly sensitive.

The above holds equally for companies using odoo Community Edition.

Please ensure that the backup data centers you use (e.g. Google Cloud or Amazon Web Services, AWS) guarantee compliance as well.

For GDPR compliance of odoo Online, please consult odoo S.A. directly.


E-Commerce Merchants

E-Commerce Merchants should take particular care with the GDPR, since online customers are exactly the private citizens whose data this European Union legislation aims to protect.

Legal Framework for Online Merchants in Germany

Do you wish to understand your obligations as an online merchant more closely? These are the laws you must comply with:

GDPR – General Data Protection Regulation

BDSG - Federal Data Protection Act