They fail because people stop trusting the data.

Old contacts stay in the system for years, emails bounce, job titles change, and eventually, users stop relying on the CRM altogether. Once confidence drops, adoption usually follows.

That’s why our Hunter Email Verifier addon for SugarAI delivers far more value than its small price tag suggests.

Why stale CRM data is dangerous

Outdated contact data creates problems across the business:

• Sales teams waste time chasing dead leads
• Marketing campaigns suffer from poor deliverability
• Users stop trusting the CRM
• Reporting becomes unreliable
• CRM adoption slowly declines

A CRM is only useful when people believe the information inside it is accurate.

A bounced email can actually create opportunity

This is the part many businesses overlook.

When an email becomes invalid, it often means someone has left the company.

That could be:

• A new Head of Sales
• A replacement Operations Manager
• A newly appointed Finance Director

And new people often bring new opportunities.

Fresh decision makers regularly review suppliers, reassess systems, and introduce different buying preferences. Spotting those changes early gives your team a natural reason to reconnect with an account that may have gone quiet.

Instead of thinking:

“That contact no longer works there.”

You start asking:

“Who replaced them?”

That’s a much more valuable conversation.

Why we built the Hunter integration

We wanted something simple, affordable, and genuinely useful.

The Hunter Email Verifier integration helps teams:

• Validate email addresses directly inside SugarAI
• Identify risky or outdated records
• Improve trust in CRM data
• Keep databases healthier over time
• Spot account changes earlier

No complicated setup, no bloated process, just practical value.

Small addon, big impact

For a relatively tiny investment, businesses can protect the much larger investment they’ve already made in their CRM project.

Because when users trust the data, they actually use the system properly.

And that’s when CRM starts delivering real value.

You can buy the Hunter Integration here

The post The tiny CRM investment that protects your entire project appeared first on Sugabyte.

That’s why we see data privacy in general, and GDPR in particular, as an opportunity. It’s not just about meeting regulatory compliance. It’s an opportunity to help the organizations around the world that rely on Sugar implement best practices for data privacy into how they do business. It’s an opportunity for SugarCRM customers to build a relationship based on trust and transparency with their own customers.

The video below is a demonstration of how businesses using SugarCRM can manage:

• Data Subject Requests
• Right To Erasure
• Right To Access
• Consent
• Opt-In Policy

Our goal is to help our customers build productive, trustworthy relationships with their customers.

If you have questions, please send an email to dataprivacy@sugarcrm.com.

The post VIDEO: GDPR Functionality in SugarCRM appeared first on Sugabyte.

What is the Data Privacy Module?

The Data Privacy module allows users to record and action Data Privacy requests in Sugar, just one part of a feature set to support your Organisations ability to comply with GDPR.

The Data Privacy module will not be automatically enabled, therefore if your Organisation wants to make use of this great new feature it will need to be enabled by a System Administrator user via Admin -> Display Modules and Subpanels.

The Data Privacy module will allow end users to log Data Privacy requests which will then be actioned as appropriate.
Within the module there is a “Type” field which displays various different types of data privacy requests that may be made by an individual, such as

• request to erase information
• give consent to process information
• withdraw consent
• and more.

This Type field ensures that end users can log all data privacy requests accurately in one place and at the same time ensures that the DPM knows all details in order to action the request accurately.

How to Create a Data Privacy record

All users that have access to the Data Privacy module will be able to create a Data Privacy record against the individuals’ Contact/Lead/Target record for the request to then later be actioned by either a user that has the Role of Data Privacy Manager or by a System Administrator user.

To create a Data Privacy record, navigate to the “Data Privacy” subpanel -> create a new record, fill out all data necessary -> select save. 

Once the Data Privacy record is created it is a manual task for the DPM (Data Privacy Manager) or System Administrator to action the records.
See the below images as examples of how the DPM can mark which fields need to be erased as per the request and then go ahead and complete the erasure.

Once the value is erased, a “Value Erased” pill will display as below. This is a placeholder for where the value previously appeared. Users will still have the ability to overwrite the “Value Erased” pill in the future if required.

It is important to remember that erasure can only be performed if the “Type” has been set to “Request to Erase Information” and the “Status” of the Data Privacy record is set to “Open”.

Why create a Data Privacy record and not just delete?

In order to comply with the data privacy policies that were implemented with GDPR, the release of Sugar 8.0 has the functionality that allows fields marked as Personal Information to be erased immediately and permanently. Deleting a record in Sugar does not immediately remove this from your Sugar database. The record will be marked as deleted in the database so that it no longer appears in the Sugar instance and visible for end users (= soft delete), however, it will not actually be removed from the database until the scheduler runs next (= hard delete, scheduler interval is set to once a month and is inactive by default but can be amended per instance).

Fields can be marked as Personal Information via Admin -> Studio:

Please Note

In List View of a module a name value is usually displayed as a clickable blue link, if however, it is a name value that has been erased but the record still exists, then an icon (see below) will display next to the “Value Erased” pill and by clicking this icon the record will display in Record View.

If you have any further questions on how to use the new Data Privacy module in Sugar please contact us using the below link.

The post Data Privacy Module in Sugar appeared first on Sugabyte.

Global Data Protection Regulation (GDPR) comes into effect on 25 May 2018. The regulation is designed to provide individuals that are EU residents with higher protection of their personal and private data. All companies that interact with individuals that reside in the EU (regardless of whether the company is based within the EU) are impacted by this regulation and therefore must comply as of the effective date.

What does GDPR relate to?

GDPR relates to personal information about individuals; personal information can include the individuals’ name, email address, mailing address, picture, social links and IP addresses. There are further rules for sensitive information such as medical data, childrens’ data, political, racial and religious data etc. Generally, company related data does not apply to GDPR.

In the context of SugarCRM, customers (End Users) are the data controllers meaning they determine what information is captured and how the data is processed and Sugar is the software through which the data controllers manage their information. SugarCRM is the data processor as Sugar only processes data on its service that the controller wants to process.

SugarCRM today allows end users to fulfil their regulatory requirements of GDPR, however going forward with the release of Sugar 8 there will be further implementations to support users in fully complying with GDPR regulations for the end users role as a data controller.

In order to adopt a privacy by design principle, Sugar has planned features to be released in Sugar 8 (planned release date end of April 2018) that will take privacy into account throughout the whole customer lifecycle. See below some of SugarCRMs’ planned features:

Please Note: This information is not definitive and could be subject to change.

Managing Consent

Consent related custom fields will be added to Leads, Contacts and Targets modules. The fields will be hidden but admin users will have the ability to add these fields to record view via studio.

Opt-in Policy

A new global setting will be added where admin users can specify if new email addresses default to be automatically opted in or opted out. Customers who need to comply with the opt-in policy should set this default to opt-out. If an email is opted out there will be a visually clear indicator of this on the Sugar record.

Recording Data Subject Requests

Sugar will create a new module ‘Data Privacy’ in which users will be able to log items such as data subject requests or consent details. The module will by default be related to Leads, Contacts and Targets but will be configurable like any other Sugar module.

Right to Erase

Data subjects will be able to make requests for permanent erasure of some or all of their data, this request can be logged in the Data Privacy module. Sugar will create a new role called ‘Data Privacy Manager (DPM)’. Any user with this role will be able to review erasure requests and mark the relevant records for erasure. If fields are erased then they will be flagged with a “Value Erased” placeholder.

The DPM role will have an extra function called erasure. Erasure will act differently to the existing delete function whereby it will remove the data from the database in such a way that it will no longer be retrievable. Because of this, it is important that users are only given this role if they have the correct authority/responsibility to perform the erasure requests.

Right to Access

Sugar will introduce a new ‘Personal Information View’. In this view you will be able to see all related personal data and its source which you can then forward to the person requesting access to their personal data kept in Sugar. Admins can define in Studio which fields contain personal information and should therefore be included in the Personal Information View.

To learn more about Data Privacy and GDPR in Sugar, read the full blog post from SugarCRM showing you in more detail the introduced changes coming in Sugar 8 this Spring!

The post Data Privacy and GDPR in Sugar 8 appeared first on Sugabyte.

The post Watch Recorded Webinar: GDPR – The Clock is Ticking appeared first on Sugabyte.

In a quick answer… No.

With constant news surrounding GDPR taking over, there is a lot of uncertainty being created about data protection and consent, the most common myth that is being circulated is that consent is the only way that data can be processed.

Under the new GDPR law, coming into effect on 25th May 2018, one of the biggest law changes states that individuals must give organisations a positive opt-in to receive emails, this means that pre-checked boxes are not valid consent. In line with this, GDPR places a lot of emphasis on that once the organisation has gained a positive opt-in from an individual they then need to give them a clear and easy way to withdraw their consent if they wish to.

As the above law change is likely to have a big impact on many organisations, it has been the focus of many discussions and created the false conception that data can only be processed if an organisation has the consent to do so. This is not true, consent is one legal ground on which data can be processed but not the only one.

For processing under GDPR rules, organisations need to be able to identify that they are processing data based on one of the SIX legal grounds (as identified by the UK’s Data Authority: ICO)

• Consent of the data subject
• Processing is necessary for the performance of a contract with the data subject or to take steps to enter into a contract
• Processing is necessary for compliance with a legal obligation
• Processing is necessary to protect the vital interests of a data subject or another person
• Processing is necessary for the performance of legitimated interests pursued by the controller or a third party, except where such interests are overridden by the interests, rights or freedoms of the data subject

(Note that this condition is not available to processing carried out by public authorities in the performance of their tasks)

Keep in mind that the burden of proof for consent lies with the organisation. Therefore, it is down to the organisation to ensure that the legal ground on which the data is being processed is fully documented so that proof of compliance with the GDPR can be demonstrated to the ICO.

The post Is consent the only way to process data with GDPR? appeared first on Sugabyte.

a CRM is only as good as the data inside it”

For many businesses, the CRM is the central hub of customer and prospect data.  The hub that drives marketing automation, and influences business decisions.  So are your business decisions, sales and marketing efforts being driven by poor quality data?

Data can become out of shape for the following reasons:

A CRM migration from an old system

We’ve seen this with previous implementations.  Perhaps a move from a previous CRM system, where the culture of good data quality was not a priority.  If the data comes across in this condition, the emphasis to adopt good practices is hard to promote.

Shared logins with shared (aka: No) responsibility for the data quality.

One of the key definitions of the “Assigned User” field in SugarCRM is to pass the responsibility of data quality and completeness to a single person.  Often, when users access SugarCRM through a shared login, there is no audit trail of who did what and no responsibility for the quality.

Poor enforcement for lazy data entries

For some businesses, their CRM is an opt-in, ‘use-if-you-wish’, system – destined for failure.  For most, it’s a mission-critical tool that’s helping drive real business growth and impressive customer experiences.  Regardless of the aforementioned, top-down enforcement and motivation needs to be deployed to prevent repeat offenders and promote guidelines which address data quality and missing data.

Here are our 5 ways to improve data quality in your SugarCRM system:

1 – Make sure the data is assigned to real people

And distribute the records fairly.  You might be experiencing a scenario where a ‘holding’ or ‘group’ user is assigned 80% of the Account records.  Since the group user is not a real person, there is no responsibility.  Similarly, if ‘Rick’ is the assigned user of 80% of the accounts and the rest shared between 20 other users, consider re-assigning a fair number to the rest of the team.

2 – Make use of Required fields

In an ideal world, we would not require, required fields.  But certain fields either drive processes for automation, enable the segmentation for marketing to create targeted lists, or drive reports.  When data is NULL in these fields, the effectiveness is reduced dramatically.  And even worse is a situation where the reporting cannot be trusted.

3 – Run a cleanup initiative

You may want to consider an active drive to ‘fill in the missing blanks’, de-dupe records, and update information.  This could involve exporting the data (either from a report or directly from List View) and distribute responsibilities for these tasks internally.  Data providers such as Dun & Bradstreet offer services similar to this, as well as data enrichment by providing more data-points that could be useful for your operations.  A tip in respect to missing email addresses is if you have a few contacts with email addresses and some without, you can identify the naming convention such as firstname.lastname@company.com to anticipate the missing email addresses.

5 – Standardisation

The standardisation of certain fields (such as job title, city, country) which are typically free-text fields, could be changed to drop-down/multi-select type fields which will increase the accuracy of the data.  This is essential when you are using these fields to report on, or use a marketing automation solution such as Act-On – to be able to create your segmentation lists.

Here are a few more things to consider when working with SugarCRM and cleaning data:

Never delete fields, always hide them in the layout.  You never know when you might need that legacy data in the future.

Consult with marketing before removing fields or drop-down values.  They may be essential to how the marketing users control their lists or personalisation fields in emails.

Amend your dependant reports after changing fields, or they won’t run correctly.

Beware of integrating CRM with systems known to have dirty data – this is a mistake that is soon after regrettable and very difficult to undo.

“Lets just migrate the CRM first and clean it afterwards” – this is a mistake and often famous last words.  Always clean data before migrating to Sugar.

If you need any help and assistance with cleaning your data – please speak to us.  We have several years experience helping SugarCRM customers clean their data and structure the system optimally.

The post 5 ways to improve data quality in SugarCRM appeared first on Sugabyte.

GDPR (General Data Protection Regulation) was approved on April 14, 2016, and will come into play on May 25, 2018. It will be directly applied in each country, EU or non-EU (which stores European Citizens personal data), and is intended to strengthen and unify data protection for all individuals within the EU.

GDPR rules apply to ‘Controllers’ and ‘Processors’ of data:

• “Data Controller” is a single person or group of people, which determine the purposes and means of processing personal data.
• “Data Processor” is any person who processes data on behalf of the data controller.

“Processing” in this sense means obtaining, recording or holding the information or data or carrying out any operation or set of operations on the information or data. Knowing the difference between who the data controller and processor are will be paramount if there was ever a data breach situation as it would need to be determined where the responsibility lies, therefore it is best practice to have a clear view of what each role should be doing.

The Data Controller has the primary responsibility for ensuring that processing activities are compliant with the law. As stated in Article 5 of the EU GDPR “personal data shall be: processed lawfully, fairly and in a transparent manner in relation to the data subject” and in accordance with Article 24 of the EU GDPR “taking into account the nature, scope, context and purposes of processing as well as the risks of varying likelihood and severity for the rights and freedoms of natural persons, the controller shall implement appropriate technical and organisational measures to ensure and be able to demonstrate that processing is performed in accordance with this regulation”.

The Data Processor according to Article 28 of the EU GDPR, has the responsibility to provide “guarantees to implement appropriate technical and organisational measures in such a manner that processing will meet the requirements of this Regulation”.
“The processor shall not engage another processor without prior specific or general written authorisation of the controller. In the case of general written authorisation, the processor shall inform the controller of any intended changes concerning the addition or replacement of other processors, thereby giving the controller the opportunity to object to such changes. Data processing by a processor shall be governed by a contract or other legal act under Union or Member State law, that is binding on the processor with regard to the controller and that sets out the subject-matter and duration of the processing, nature, and purpose of the processing, the type of personal data and categories of data subjects and the obligations and rights of the controller”.

To determine whether you are a data controller or data processor you need to confirm which steps you take:

The Data Controller must decide:

• To collect the data in the first place and the legal basis to do so,
• Which items of personal data will be collected (content of the data)
• The purpose(s) that the data is to be used for
• Which individuals you will collect data about
• Whether the data will be disclosed, if yes then who to
• How long to retain the data.

The Data Processor must decide:

• What system/method is used to collect the data
• How to store the data
• Security of the data
• Means used to transfer data from one organisation to another
• Means used to retrieve personal data about certain individuals
• Ensuring the method behind the retention schedule is adhered to
• Means used to delete/dispose of data

The processor has the freedom to use technical knowledge to decide how to carry out certain activities on behalf of the data controller, however the data processor, cannot make any of the decisions on what is done with the data, these decisions must be made by the data controller.

All of the above in turn means that if any EU or non-EU company wants to stay in business as a controller or processor of data, it will have to implement the necessary controls to ensure that they comply with the EU GDPR. If there is non-compliance then fines showing in Article 83 of the EU GDPR shall be imposed regarding “the degree of responsibility of the controller or processor taking into account technical and organizational measures implemented by them.”

The post Who is the Controller and Processor for GDPR? appeared first on Sugabyte.