EDA Product Information for GDPR

Product Information for GDPR

Details about European Union (E.U.) General Data Protection Regulation (GDPR) compliance for Salesforce and Salesforce.org products including Education Data Architecture.

The European Union (E.U.) General Data Protection Regulation (GDPR) was passed in 2016 with the intent of harmonizing European data protection laws into a single set of rules, while setting a new global gold standard for data protection and privacy. In effect on May 25, 2018, the GDPR is one of the most comprehensive and strictest regulations of its kind in the world.

At its core, the GDPR boils down to three key pillars:

• Security: Keep data safe and secure, and prevent unauthorized access or processing.
• Accountability: Require companies to be accountable and transparent in how they collect, process, and protect personal data.
• Individual Rights: Put control back into the hands of the individual to determine how their data is collected and used, such that companies are expected to process personal data on the individual’s terms.

If you process personal data related to your organization’s establishment within the European Union (E.U.), from or about persons within the E.U. or outside of the E.U. but where E.U. law applies, you may be subject to the GDPR. We advise you to consult with legal professionals to determine whether your company falls under GDPR requirements.

Salesforce has provided extensive information on its website with guidance to help accelerate your GDPR compliance journey within Salesforce, including for the Salesforce Platform, Sales Cloud, Service Cloud, Community Cloud, Marketing Cloud, Commerce Cloud, and Pardot.

Salesforce.org has similarly analyzed our products built on the Salesforce Platform against GDPR requirements, identified and deployed enhancements, and generated documentation to help our customers meet their compliance objectives. As such, the following documentation is intended to supplement the guidance provided by Salesforce with use cases, examples, tips, and other considerations specific to our applications, including the Nonprofit Success Pack (NPSP), Volunteers for Salesforce (V4S), Education Data Architecture (EDA), and Student Success Hub (SSH).

As an important reminder, while the information provided here and from Salesforce is intended to help you navigate possible ways to meet your compliance needs, these are only guides and not determinative or guarantees of satisfying any legal rule. It is up to you to determine whether your use of the Salesforce Services or Salesforce.org applications is covered by, or compliant with, a law or regulation. We suggest you consult with a legal professional regarding your legal obligations.