The Paribus Interactive Service and its GDPR Compliance

For customers using the Paribus Interactive service, where GDPR compliance is a consideration, this article covers the key questions you may have.

What data does the service have access to?

The data set that we synchronise to our Paribus Interactive service is restricted to the Account, Contact, Lead and Address entities within Microsoft Dynamics 365.  Within these entities there is a subset of the attributes. Only Active records are synced across so anything that has been deactivated will not be synchronised by our service. A record that becomes deactivated will be removed automatically.

Clearly, any data that is in these entities should be already in line with whatever your companies GDPR policies are, in terms of storing name, address etc. or any particular attribute of an individual.

Is there any other person-related data held like emails, orders, activities, etc.

No, there is no other “transactional” or related data held within Paribus Interactive.

What happens to historical backups/archived data within Paribus Interactive?

There are no backups taken of the data.  When a record is added, updated, deleted these changes are reflected in the synced data within the time period set in your configuration, normally an hour or less.

For example, the GDPR requirements are for a person to request to be “forgotten”, deleting this record in CRM will directly lead to the deletion in the Paribus Interactive service.

Should the data need to be recovered for the service, it is a simple action of running a resync.

How is my data secured?

The service is secured via various methods and technologies.  Details of the security applied to the service is available here.

See the Paribus Help Center User Guidelines for important considerations of use.