Legacy Privacy Center: Satisfy Customer Requests and Data Privacy Laws

Legacy Privacy Center is a managed package that uses Heroku for retention. Starting in Winter ‘24 a version of Privacy Center on the Salesforce platform is available. For more information, see Privacy Center: Satisfy Customer Requests and Data Privacy Laws.

Data protection and data management are key contributors to improved customer trust. In a data-driven world, customers are increasingly privacy conscious. They want to buy from companies that keep their personal information safe and secure, and they’re loyal to businesses that prioritize privacy management. Proper data management helps ensure that businesses comply with legal regulations and avoid penalties.

There’s a lot to consider when it comes to data management, but Privacy Center is up to the challenge. As a secure data management program, Privacy Center helps you maintain customer privacy through every stage of the data lifecycle. Create policies that satisfy your customer’s right to be forgotten with the Right to Be Forgotten Policies feature. Or retain and de-identify a customer’s personally identifiable information (PII) using the Retention Policies feature. You can even create Portability Policies that compile and deliver PII to customers in response to data subject access requests. With Privacy Center, prioritizing data privacy is just a click away.

• Privacy Center Definitions
  Keep these terms in mind when working with Privacy Center.
• Privacy Center and Data Governance Laws
  Data protection and privacy guidelines change depending on where your customers are located. Privacy Center helps you comply with data governance laws such as the General Data Protection Regulation (GDPR) in Europe and the California Consumer Privacy Act (CPPA) in the United States.
• Set Up Privacy Center and Connect to Heroku
  Use Heroku to securely store your Salesforce data. Get started by installing Salesforce Privacy Center and setting up an archive for data retention.
• Manage How Customer Data Is Retained
  Under data privacy law, your customers have a right to be forgotten from your org or for data to be restricted from processing. This means that you must delete, archive, or de-identify the data subject’s PII in your org within 30 days of their request. Always work with your legal team to ensure that you collaborate on policy creations and meet requirements set by your company. With Privacy Center, you can obfuscate a customer's PII, move it to storage, or delete it.
• Setting Up Heroku External Objects with Salesforce Connect
  Integrate data from a Heroku Postgres database into Salesforce by using Heroku External Objects and Salesforce Connect. While the data remains in Heroku Postgres, this integration allows the data to be read from within Salesforce. Also, the data can often be written to within Salesforce.
• Delete Data with Right to Be Forgotten Policies
  For data subjects who want their data removed, create Right to Be Forgotten policies to run on individual customer records. Create policies that capture the objects you want to delete, then manually run the policy on a specific record at any time.
• Satisfy Data Subject Access Requests
  The Data Subject Access Request feature in Privacy Center addresses your customers’ right to obtain a copy of their personally identifiable information (PII).