Only persons can be data subjects, not companies. However, a company may have representatives — and the information of those representatives is also personal information that needs protection.
A customer card in Erply does not classify as personal data if all personally identifiable information has been removed. In this case, the customer card cannot be associated with any actual person.
In Erply point of sale, data processing activities may include:
- Creation of a new customer.
- Opening and viewing customer's profile.
- Editing customer's profile.
- Looking up a loyal customer.
- Processing a sale.
- Entering customer's information on the sales document manually (into the notes, for example).
Collected information must have a purpose, and you must not ask more information than the particular purpose requires. Each purpose must be presented separately.
An example purpose might be "sales to a loyal customer" (who in turn gets respective benefits: loyal customer's discounts).
For marketing purposes, the customer must give consent separately for each marketing channel.
When the purpose (for which the data was collected) changes, consent must be acquired again.
Before asking for consent, the customer must be informed of what the information will be used for, and what are their rights (right to update or revoke their data, to get an electronic copy of their information, to object to processing, to withdraw their consent etc.). The consent must be documented so that it could be proven later that the customer has agreed to processing.
If the product or service that you are selling does not directly require the information you want to collect (eg. if customer can consume the service or make the transaction anonymously, too), then the request for additional information (and the consent to process it) must be clearly separated.
To collect and process data of children, a parent's or guardian's consent is required. The minimum age at which a person can themselves give consent varies by country; check your local legislation.
Processing these kinds of data can cause a lot of harm. Biometric information can be used for surveillance and tracking. Analyzing religious or political views or ethnicity can segregate the data subject into unfavourable target groups. Trade union membership can be used maliciously by employers. Storing sensitive information in Erply is prohibited.
Data which is created during processing (e.g. logs, invoices, payments) can also be personal data, if they contain a copy of personal data (names, phone numbers, addresses).
A car registration number can be linked to the owner of the car. Usernames can refer to a person (it might contain their full name, for example) and even in a password, a person might have used information about themselves. Addresses and IP addresses can be used to locate the person and a loyalty card is typically linked to specific person.
Before collecting the consent, the customer must also be informed of their rights, purposes of processing and other details, so that the customer would be fully aware of what they are agreeing to.
The customer has the right to ask for a copy of their personal data, including data that has been created about them (their customer group, for example).
Customer can withdraw their consent fully or partially — for selected processing purposes or for all purposes at once. If customer takes back their consent, you also need to remove information that is no longer needed (as stored information must be minimal and purposeful).
If customer's requests are not fulfilled, they have the right to report to the local supervisory authority or to go to court.
Under normal circumstances, customer must be able to get the data extract free of charge. If the customer issues repeated requests or abuses their rights, a reasonable fee may be collected to cover the costs.
All invalid information must be updated. This is not necessary if the information is historical or statistical by nature (eg. customer's payment history). If the customer has unpaid invoices, you do not need to comply with their request to change or erase their data; the customer will have to settle their balance first.
If customer has agreed to weekly offers by email, this does not give the right to ask for their phone number. On the other hand, requiring the phone number is justified if customer has asked to be notified when their ordered item will be in stock.
Data must not be kept forever. There must be a deadline or a condition that specifies how long the information will be stored. A loyal customer's information, for example, should be deleted if they have not made any purchases in a certain time period.
Data processing in POS should be done with the customer present and only if the customer has been identified.
To get an overview of unpaid invoices, we recommend to use the Unpaid Invoices report, Overdue Invoices report or Balance report instead. Open customer form only if the report indicates that the customer indeed has a due balance.