The Data Privacy Manager managed package enables you to store and manage Privacy Permissions (consents) for a contact or lead (Person Account is coming) so that you are able to comply with GDPR. It works in both Classic and Lightning and all editions of Salesforce.

There are number of different marketing and sales situations where you collect the Privacy Permissions: contract signature; website subscription; met at a conference. You set each of these up Privacy Sources. For each Privacy Source, you then define how you can communicate with the person and for how long; product update by email, event invitation by email, event invitation by SMS. 

Then you can start adding Privacy Permissions for each contact and lead.  For each Privacy Permission, you choose a Privacy Source which then defines the allowed Communication Rule. You can contact the person until they unsubscribe from the Communication Rule or the Privacy Permission expires. 

This works with all editions of Salesforce except Personal and Group Edition.

It works for both Lighting and Classic.

You need to have enabled the individual object, but you do not need to use it. This needs to be enabled because the managed package can look up to the individual object as well as contact and lead. You navigate to Setup > Company Information > Data Protection & Privacy to activate it.  

This is required because the managed package references the Individual object on installation. 

If it is not enabled then you will see the following screen:

You need MyDomain established so that the Data Privacy Lightning components can be installed onto the Contact and Lead pages. From Setup, search for MyDomain in Quick Find box.  There is a step-by-step guide. It can take a number of minutes for the new domain to be available.

If MyDomain is not enabled and the Lightning UI is used, errors will be shown when Communication Rules and Privacy Sources are added.

The app is installed from the Appexchange.  

https://appexchange.salesforce.com/appxListingDetail?listingId=a0N3A00000FALyMUAX

You will get a seven day trial. At any time, or at the end of the trial, you can purchase by going to https://appexchange.salesforce.com/myaccount.

Log in to the Org with Administrator credentials.

Select "Install for Admins Only" option.

When the installation is complete, the following screen is shown:

When installed, a new app is available. The app is called "Data Privacy".

The application adds a number of tabs as shown in the image below:

Access to the Application is controlled by Permission Sets.  There are two Permission Sets provided with the App. These are:

The Admin Permission Set is required to be able to create and manage Communication Rules and Privacy Sources - the configuration of the system.

The User Permission Set is required for all users who access Leads or Contacts.  All users should be automatically added to this permission set when the package is installed. When new users are added, or existing users made active, they will be automatically added to this Permission Set.
​
​Lightning user permission error message

If they do NOT have this permission and they have a page layout that has the components in Lightning on it then they will be shown the following error on page load: 

Classic users permission error message

In Classic, the components will show a message that the user does not have sufficient privileges to access the page.
​

The package adds the following custom objects:

The following objects are used to set up the configuration and are only modifiable by a user with the package Data Privacy Admin permission set.

A Privacy Source is how an organization touches a contact or lead. The Privacy Source is where you define the rules for the marketing expiry, data retention and which Communication Rule will be used.

e.g. scanned at an event, subscribed to blog, exchanged business cards, downloaded white paper.  

A Communication Rule defines how the organization engages with a contact or lead. This object captures the content type and channel for that content.  

e.g. Product Update via email, Product Update via post, Product Update via SMS, News, User Event Invite via email.   

The following objects are used to manage the permissions that the organization has to retain, process, and communicate with the contact or lead.

To access and use these objects, the user has to have the Data Privacy User permissions set.

This object is used to store the evidence of engagement with a contact or lead. It will always be based on a specific Privacy Source. 

The Privacy Optin is created when a Privacy Permission is added. It is based on which Communication Rule the Privacy Source is linked to. This record is created automatically.

This object is used to capture the history of changes made to the Privacy Permission, such as an extension to the retention and marketing period.
​

The Data Privacy Admin Tab (Lightning), Data Privacy Admin - Classic (Classic) provides an overview of the application and access to useful information, help and guides.

There are two setup activities before you can start adding data permission (consent) data: