Are cloud apps able to delete personal data?

Can customers, suppliers and staff be deleted from the cloud apps you use?

Didn't find your answer?

As accounting data will include personal data, once the period for retention has passed, the business should be able to instruct the cloud app provider to delete the data.

I've been having "discussions" with one of my providers over this as they can't currently do it, meaning the business would have to go through every customer, supplier or employee record and manually change the personal data so that it's not identfiable to any one person.

Anyone else had similar discussions or confirmed that their providers can do it?

 

Replies (8)

Please login or register to join the discussion.

blue
By mg200
25th May 2018 07:03

I haven't seen the need to have these discussions as all the data we hold ourselves are for legitimate, contractual and legal purposes.

Have you got a scenario that a practice may encounter where personal data needs to be deleted?

Thanks (0)
Replying to mg200:
Teignmouth
By Paul Scholes
25th May 2018 10:17

Hi mg200 - I (or my client) invoiced a personal customer in 2011. The person is no longer a client and so there is no reason for me now to keep their personal data and so I should delete it.

Depending on what software you use (mine are all Cloud) I've not seen any that provide this feature. They allow archival, which takes the name off lists but the full data is retained meaning I'd have to go in and change the names, and delete address, email address etc etc and, in some cases, if the software has kept a PDF on any invoices, these also have to be tracked down and deleted, so that the person could not be identified.

Same for suppliers.

2011 may be a long time ago but that's when I started using cloud accounting.

Thanks (1)
Replying to Paul Scholes:
blue
By mg200
25th May 2018 17:52

I see your point. Whether cloud or hosted, our financial software keeps transactions and therefore personal data going way back. However I am keeping that financial data from 2011 and earlier as it forms part of my accounts and my sales ledger which goes back to day one. There are legitimate reasons to have that data and HMRC can go back as far as they like in certain circumstances.

As I have kept this data secure and not used it as part of any marketing then I won't have an issue.

Thanks (1)
avatar
By Maslins
25th May 2018 11:33

I'm not aware of the ability, at least with the main products I/we use.

FreeAgent only recently added the ability to "hide" old users (eg so when adding a new business expense paid personally I can't inadvertently allocate it to a staff member who left a few years ago!). However I think their general rule is that all the data is always there under the bonnet.

You're right though, for older data where any arguments of needing for HMRC/AML purposes are gone, we should be able to delete it completely.

I'm sure this will be one of many things where full compatibility with GDPR will only come gradually over the next few years, as even those businesses that think they're fully compliant probably have multiple scenarios they haven't yet thought of where they're not.

Thanks (1)
avatar
By kevbrownuk
28th May 2018 20:00

SageBusinessCloud accounting and payroll both provide this exact functionality for its users... see below link.

https://uk.sageone.com/accounting-updates/

Thanks (1)
Replying to kevbrownuk:
Teignmouth
By Paul Scholes
26th May 2018 10:17

Thanks Kev - if anything is going to spur the others it’s the thought there is something that sage can do that they can’t. :)

Thanks (3)
Teignmouth
By Paul Scholes
30th May 2018 12:51

Out of interest Pandle have just sent their privacy notice and address this precise issue"

"we will soon be adding the ability for users to remove all personal data they hold for customers/supplier without affecting transactions, effectively the personal data will become anonymous"

Thanks (1)
avatar
By ShayaG
31st May 2018 14:23

It's a very salient point.

Best short terms solution I can think of is to change customer name to "Oldcustomer_1", delete address and contact fields, and leave it for sixty days or something like that to work through the backup cycle.

Thanks (0)