How to comply with FZ-152 “On personal data” with “Bitrix24” and “1C-Bitrix”
From July 1, 2017, administrative liability for violations when dealing with personal data of individuals will be severely tightened. This also applies to site owners who collect such information about visitors. What about those users of Bitrix24 who collected personal data automatically, using CRM forms or Open Lines ? We decided to help our customers comply with the law and avoid penalties. Automate and this!
We prepared a universal “Consent to the processing of personal data” for and placed it in CRM forms and Open Lines.
What should be done:
')
What you get:
As a result, the agreement will look like this:
First, in the settings of the open line, you need to enable sending a warning about the collection of personal data.
When the conversation begins with the client, two messages will appear at once, warning of the need to consent to the processing of personal data.
If a person continues to write in an open line, this will be considered as consent. And if he keeps silent or directly answers that he does not agree, then his data should be deleted.
We prepared a universal “Consent to the processing of personal data” for and placed it in CRM forms and Open Lines.
In CRM forms
What should be done:
')
- Fill in your company details in the CRM settings. You can also do this when setting up a consent in a CRM form.
- Specify an e-mail to which customers will be able to send requests to delete personal information. According to the law, it is necessary to respond to such requests. Now only an example of an e-mail address is indicated, you can leave it or change it in the form settings.
- Check in the settings of the active forms that the consent is connected and correctly displayed for the client.
What you get:
- Two confirmation options:
- under the form there is a check mark - corresponds to the agreement “By pressing the“ Send ”button, I give my consent ...”
- There is no check mark under the form - you will need to put it before sending the completed form.
- under the form there is a check mark - corresponds to the agreement “By pressing the“ Send ”button, I give my consent ...”
- CRM form fields will be automatically included in the consent text as relating to personal data, even if it is just a comment.
- In the default settings of the form there is a tick on the consent of the transfer of personal data to third parties. There you can specify these persons (for example, Pochta Rossii LLC or courier service) - they will also be included in the consent text.
- You can choose or add your own use cases and retention periods for personal data.
- The consent text also includes the specified e-mail for deleting data. If the portal has less than 20 users, the portal administrator’s e-mail address will be automatically entered.
As a result, the agreement will look like this:
In Open Lines
First, in the settings of the open line, you need to enable sending a warning about the collection of personal data.
When the conversation begins with the client, two messages will appear at once, warning of the need to consent to the processing of personal data.
If a person continues to write in an open line, this will be considered as consent. And if he keeps silent or directly answers that he does not agree, then his data should be deleted.
Source: https://habr.com/ru/post/331748/
All Articles