GDPR Features in Administration

Introduction

Easy Software takes personal data protection seriously. The European regulation known as the General Data Protection Regulation (GDPR) presents compliance challenges for all organizations. Easy8 provides tools that help clients fulfill their duties as data processors effectively. Easy8 is fully GDPR-ready and includes built-in features for anonymization, visibility control, authentication policies, and data access auditing.

Target audience

• Administrator

Overview of GDPR Features

Account and User Anonymization

This feature allows sensitive personal data in user and account records to be hidden or erased without deleting the entire record.

• Affected entities: Personal accounts, company accounts, user profiles, stakeholders, leads.
• Custom fields can be marked with the setting Clear when anonymize.
• Required fields are replaced with generic strings like "Anonymized", "Anonymized account", or "Anonymized User".
• Anonymization cannot be reversed and should be used with caution.

How to use:

1. Go to Administration → Custom fields
2. Choose category: Accounts or Users
3. Edit a field and enable Clear when anonymize
4. Select the records to anonymize → Right-click → Anonymize
5. Alternatively, use the Anonymize button in a user profile or stakeholder detail view

Password Policy

Password strength and expiration rules are managed in the Authentication Settings.

• Set minimum length and expiration interval
• Require character types (upper, lower, number, symbol)

Two-Factor Authentication (2FA)

2FA can be enforced for all users to enhance login security. This is also managed in the Authentication Settings.

Special Visibility for Custom Fields and Account Fields

You can limit visibility of sensitive fields to selected users, groups, or user types.

• For custom fields:
  • Go to Administration → Custom fields
  • Edit field → Enable Special visibility
  • Set visibility by user, group, or user type
• For default account fields:
  • Go to CRM → Accounts → More → Settings → Field settings

Note: Only visible data will appear in exports.

Request and Download Logs

All data download and export events are logged for audit purposes.

1. Go to Administration → Easy logs
2. Locate the log and use the Download button

Session Expiration

To reduce risk of unauthorized access, configure session timeouts:

1. Go to Administration → Settings → Authentication
2. Set:
   • Session maximum lifetime
   • Session inactivity timeout

Account and Contact Visibility

Visibility settings control who can view account and contact data:

• Go to Administration → Roles and permissions
• Set Account visibility for each role:
  • All accounts
  • Created by/assigned to the user
  • Created by user
  • Assigned to the user
• Set which roles can anonymize accounts, leads, stakeholders

For personal contacts:

• Go to Administration → User types
• Set Visible personal contact types (All or specific types)

Summary

Easy8 includes a comprehensive suite of GDPR compliance tools. From anonymizing personal data and enforcing secure authentication to managing visibility and logging data access, the platform supports responsible data handling across all levels. These tools are easily accessible to administrators and can be tailored to your internal policies.

Further reading

• User Management in Administration (Explanation)
• Authentication Settings in Administration (Explanation)
• LDAP Authentication (Explanation)