Skip to main content Skip to footer

Is your Exchange system GDPR compliant?

The GDPR or General Data Protection Regulation is the new European framework for the processing and circulation of personal data, the information on which companies rely to offer services and products. 

The Exchange messaging system is directly concerned by this regulation and Promodag Reports can prove particularly valuable in this respect. In this post I will try to shed some lights on how to produce Exchange-related reports on four different aspects of GDPR.

The right of prior consent

You can easily extract to CSV the list of recipients of the last newsletter using Promodag Reports so that you can compare it with your own list of those who have informed you of their prior consent to receive such messages (opt-in). The Find Specific Messages report will be used for this purpose.

Right of Prior Consent

Export report as CSV file

The right to data portability

The compliance of your tools and databases to the GPDR requires you to be able to return to an exiting employee all of his personal emails; this is called the right to data portability. The Find Specific Messages report allows you, once again, to inventory the messages identified as personal, if this is stipulated in your charter of good practices, by means of a search by subject.

Right to Data Portability

The protection of personal data against data leaks

Access to the mailbox of an employee is possible to the extent that the continuity of the company requires it. However, the list of persons authorized to consult this mailbox and possibly some of its files must be periodically revised to avoid abuse. The Mailbox Permissions and Permissions on Mailbox Folders reports give you the ability to periodically check who has access to them and thus also prevent data leakage.

Protection of personal data against data leaks

The right to be forgotten

The General Mailbox Content report dynamically retrieves a list of Outlook items based on filters that can be combined. In this way, you can isolate messages containing personal identifiable data (PID) falling within the scope of the right to be forgotten, for example the curriculum vitae or the identity document number of an applicant or a departing employee.

Right to be forgotten

If you have reached this point, you are probably interested in checking whether your Exchange messaging system is GDPR compliant. Promodag Reports can help you do precisely that.

To find out more about our award-winning reporting tool on Exchange Server, visit our homepage.

About the author


Our flagship reporting tool, Promodag Reports, is an innovative and constantly improving email reporting product that brings together all the key elements from Office 365, hybrid and on-premise Exchange messaging environments.

Try Promodag Reports Free for 45 Days

Cookie Notice

Find out more about how this website uses cookies to enhance your browsing experience.