blogs & Things

How Business Central Can Keep You GDPR Compliant

Easily Classify Your Data With Microsoft D365 BC

Learn how to stay compliant with the awesome tools provided by D365 Business Central


We recently wrote an article on the importance of classifying your data and the benefit’s it can bring to an organisation.

However, depending on the amount of data you have, classifying it may seem a bit of a daunting task! Fortunately, Microsoft’s Dynamics 365 Business Central is here to help.

Many different territories operate different data standard regulations. One of the best known is the EU’s GDPR or General Data Protection Regulations.


GDPR states there are different reasons for holding data and an organisation needs to classify why they hold each piece…


  • Consent – Under consent, an organisation can process an individual’s data if that person has consented to it.
  • Contractual Necessity – An individual doesn’t need to consent to their data being processed by an organisation if that data is needed for a contractual necessity. This also applies to the Right To Be Forgotten – Some information may need to be retained if required as part of a pre-existing contract.
  • Compliance With Legal Obligations – As with contractual necessity, it’s entirely inline with GDPR requirements to process an individuals data if the organisation is required to do so to fulfil a separate legal obligation.
  • Vital Interest – This is one of the rarest reasons to process an individual’s data but in life and death scenarios (and life and death doesn’t mean they just have to get your latest sales email) it’s entirely withing the remit of GDPR to do so.
  • Public Interest – Another form of data processing that’s compliant with GDPR but that most organisations won’t see (it’s more common for instance in news outlets for example) is the processing of an individual’s data when acting in the public interest.
  • Legitimate Interest – Legitimate Interest is by far the broadest category of classification for processing data and is defined as if an organisation has a legitimate interest in doing so.


As you can see, with so many different ways to classify data, it’s important to have a reliable way to do it… like D365 Business central.


1. The first thing you’ll need to do if you’re hoping to classify data in your system for GDPR is to make sure you’re signed in correctly. If you don’t sign is as an Administrator of Users in the User Groups and Permissions role centre, you wont be able to access any of the awesome GDPR tools D365 BC has as standard.

It’s been set up that way as it’s a legal requirement for only authorised users (such as a Data Protection Officer) to access the privacy features within.



2. After you’ve logged in with the correct profile you’ll find Business Central has added a Data Privacy activity pane that lists all of the handy GDPR features you can use.

3. Clicking on Data Privacy will show you these options…



4. Data Classification, will, as you’d expect, open up a Data Classification work sheet that will enable you to set the correct level of data sensitivity for all of your tables (both standard and custom).



5. If you click the Set Up Data Classification button you’ll be presented with a wizard (a Data Classification Assisted Setup… not a graduate of Hogwarts). From here BC will let you import and export data from Excel which will massively help if you need to ever change classifications.



6. Next you can go back to the Data Subjects Page. You’ll now see all the physical entities with their assigned classification attached. Once that’s done you can create a Data Privacy Utility so that, going forward, you’ll be able to see logs for every Data Privacy Activity.



7. Clicking on Data Privacy Utility will open up another wizard; this one will let you either export all of the data you hold on an individuals in your systems (incredibly handy for Subject Access Requests) or create a complete data privacy configuration package.



8. Exporting data for a subject access request will export either all the data you hold or just the data you request based on a sensitivity level.  You’ll be able to preview the export before it generates to make sure it all looks right and then generate an Excel spreadsheet which will be added to your role centres report inbox. If you instead create a data privacy configuration package, a data package for the subject will be created which you can then view and edit.




9. Once you’re done, you’ll be able to see a log in the Data Privacy Activity as this is required by GDPR for all activities related to data manipulation.


These features in Dynamics 365 Business Central any organisation should easily be able to handle the vast majority of GDPR issues that come their way.

More blogs & Things

More blogs & Things

James Crossland in NonProfit

AI + Automation: Reducing Donor Churn & Maintaining Sponsor Interest

Churn management is a vital element of any marketing strategy, and the NonProfit sector is no exception. Knowing what to track and having a joined up view of all your donations data is vital for getting this right, and also opens the door to building innovative data-driven campaigns.   At our recent DataScience and Transformation in Charities […]

James Crossland in NonProfit

Dynamics 365 In NonProfit’s

Charities have unique funding concerns, and an obligation to spend as much as possible on their chosen cause. However, an investment in technology can offer ROI in the form of more than just improved fundraising. Dynamics 365 can help rework complex business processes, ensure compliance with stringent safeguarding and financial regulations, as well as consolidate […]

James Crossland in Tech

8 Ways Your Business Can Increase Turnover With Big Data

Understand how Big Data and Data Science can transform your business…   Big Data is the phrase that’s used to categorise any data that’s too large, complex, cumbersome or complicated to be managed and processed by conventional technology. To put that into a relatable context; being able to recommend your customers content, products or offers based […]

James Crossland in NonProfit

How To Reduce Donor Churn In NonProfits

Reducing Donor Churn doesn’t have to be a big task but does need to be a fundamental part of a NonProfit’s day to day processes   What Is Donor Churn? Donor Churn is the likelihood of an individual stopping their donations to a charitable cause for a variety of different reasons resulting in the non-profit organisation […]

James Crossland in Tech

Agile: Cutting Costs, Improving Quality & Accessing Talent

After using Agile to develop software products for several years, we thought we’d share the challenges we encountered at the start, what we did to change and the results we saw (which were ultimately uplifts in quality and efficiency)…   My development team has been using Agile to develop software product since 2007. Personally, I’ve seen many […]

James Crossland in Tech


What’s the difference between UI and UX?   Simply put UI (or User Interface) are the pages, screens, buttons, icons and any other visual aspects of a website or App that let you interact with it… or to expand on that into the non-virtual world… UI is how you experience using something – For instance in opening a fridge, […]