
Is Your Accounts Receivable Function GDPR-Compliant?

7 February, 2022
Brett Johnson, AVP, Global Enablement

What you'll learn

  • What is GDPR?
  • What does GDPR mean for consumers/citizens?
  • How Accounting Software Processes Data under GDPR
  • GDPR in Accounts Receivable
  • HighRadius’ commitment to GDPR
  • HighRadius’ services to support GDPR readiness

Organizations today focus on keeping their accounts receivable (AR) function robust so that they can better manage working capital and customer relations and reduce bad debts.

The AR function deals with very sensitive customer information, including customers' identity and financial details. Organizations therefore need to be aware of, and comply with, the data protection and data privacy regulations that govern how they handle, process, and store their customers' information. Non-compliance in any aspect can lead to major data breaches and heavy penalties in the form of administrative fines.

General Data Protection Regulation

The European Union's General Data Protection Regulation (GDPR) enforces privacy by design and privacy by default in the way organizations capture, process, use, and store customer information.

What is GDPR?

It is a data protection law that came into force on 25 May 2018 to regulate EU citizens’ data. Unlike the previous regulation (Data Protection Act 1998), the GDPR applies to any globally operating company with clients or customers in the EU and not just those located in the EU. The new data protection law is intended to standardize data protection practice across Europe. Under the GDPR, organizations may be in scope if:

  1. The organization is established in the EU
  2. The organization is not established in the EU, but its data processing activities concern EU individuals and relate to offering goods and services to them or to monitoring their behavior and trends.

What does GDPR mean for customers?

The GDPR is one of the strictest and most far-reaching data protection regulations, imposing stringent data protection requirements with heavy penalties for non-compliance.

GDPR gives maximum importance to consumer consent. Companies are expected to get explicit consent about the type of data that they will collect as well as how they will process it. This applies regardless of whether the data processing takes place within the EU. As long as the data being collected belongs to EU citizens, GDPR is applicable.

One may wonder whether GDPR applies only to digital processing. The answer is ‘No’. Any manual or paper record that is a part of a relevant filing system, or papers stored systematically in a filing cabinet, is also included. The accounting team should ensure that they apply the same levels of diligence to paper records as they do to digital records, adhering to the data protection principles and upholding consumers’ (data subjects’) rights for paper records as well.

How Accounting Software Processes Data under GDPR

Accounting software typically processes two different types of personal data:

  • ‘Client data’ is personal data received from clients in relation to professional engagements and practice
  • ‘Firm data’ is personal data held by a firm in relation to its management, employees and affairs generally, including marketing databases

The application of the GDPR does not change when the data recorded by the software is used for operations such as organizing, altering, disclosing (by any means), or removing data from the original record.

GDPR in Accounts Receivable function

One of the most crucial tasks that an accounting team has to deal with is invoice data capture. Now, as businesses continue to embrace automation and data capture tools, invoice data capture solutions take over the entire process and finally store the data.

The GDPR stipulates that, before the AR team processes the data, they must establish that they have a lawful basis for doing so. The GDPR states that an upfront declaration of the lawful basis is to be made, documenting the reasons and informing the customer (data subject) of it via a privacy notice, engagement letter, or contract.

Another important provision is that GDPR provides customers with the ‘right to be forgotten’. This means that if you agree to share certain data today, you are given the choice of retracting it later. For instance, if you share your credit card information with your seller today, you can ask them to delete your credit card information or your entire account data at a later point in time. Your seller can no longer show backdated contracts signed by you. If you want the data to be deleted, the instruction supersedes and your seller is legally bound to delete all the associated data.

But can you use GDPR’s ‘right to be forgotten’ to delete your credit history? The answer is ‘No’. You cannot simply have your credit history deleted. The information or history recorded for credit referencing purposes is not covered by this right and is instead subject to strict industry guidelines around data processing and sharing.

HighRadius AR automation software is GDPR compliant

With the advent of the EU GDPR, consumers now have a greater say about how their personal data is used. HighRadius solutions are GDPR compliant and will help you automate your AR processes in a highly secure environment.

HighRadius’ commitment to GDPR

  • Right to be forgotten: Buyer-facing solutions enable features for personal data deletion and retention. Solutions also support self-service opt-out, so customers can unsubscribe whenever they wish to. In any case, general customer data deletion is performed upon contract termination.
  • Right to rectification: The solution allows users to edit or correct their personal data in user profiles within the system at any time.
  • Right to transparency: HighRadius solutions provide visibility to a user’s personal data and preferences.
