Are the CRM and Outlook Integrations GDPR-Compliant?

Modified on Wed, 26 Feb at 5:09 PM

Yes, the integrations are GDPR-compliant.


Below, we explain why Lemontaps integrations—both for CRM and Outlook—can be used in compliance with GDPR. Key aspects include one-way data transmission, data minimization, and targeted duplicate checks.


1. One-Way Data Flow


Only new contacts from Lemontaps are transferred to your CRM/Outlook. Existing records in your CRM/Outlook are neither updated nor sent back to Lemontaps.


2. Data Minimization


Lemontaps integrations process only the personal data necessary for their specific purpose:


  • While the full contact details (name, email, phone number, etc.) are transferred, Lemontaps uses only the minimal required data—email address and user ID—to check whether a contact already exists.
  • This targeted duplicate check prevents multiple entries and ensures that access to data is limited to what is strictly necessary.
  • This approach aligns with GDPR’s data minimization principle by ensuring that only the data required for the integration is processed.


3. Technical and Organizational Measures


  • Secure Data Transmission: All data transfers are encrypted using modern encryption technologies to prevent unauthorized access.
  • Restricted Data Access: During duplicate checks in CRM/Outlook, only a minimal dataset (email and user ID) is queried. This restriction reduces potential risks and ensures that unnecessary data is not accessed.


4. Responsibility and Legal Framework


Lemontaps provides the technical interface for data export, while the user is responsible for data protection compliance. This includes:


  • Data Processing Agreement (DPA): Users must establish a DPA with their CRM or Outlook provider to clearly define roles and responsibilities under GDPR.
  • Consent and Transparency: Only contacts who have explicitly consented to data processing (e.g., for marketing purposes) should be transferred to CRM or Outlook. The privacy policy must transparently communicate how these data are stored and processed.
  • GDPR Compliance Obligations: Once data is stored in CRM or Outlook, it is the user's responsibility to handle access and deletion requests, comply with retention periods, and keep records up to date. Lemontaps does not have further access to the data stored in these target systems.


Summary


Lemontaps integrations are GDPR-compliant because:


  • The data flow is one-way (push from Lemontaps), transferring only new contacts.
  • Only the minimum required data is transmitted to fulfill the specific purpose (data minimization).
  • Duplicate checks are performed using only email and user ID to avoid redundant entries.
  • Adequate technical and organizational measures ensure secure data transmission.
  • The responsibility for data protection compliance lies with the user, including contract agreements and GDPR obligations.


With this clear division of responsibilities and targeted data handling, Lemontaps integrations can be used securely and in compliance with GDPR.

