Questions? Let us help!


Please enter your inquiry.




Phone (Optional):


Salesforce GDPR

StratoKey is a CASB that is designed to assist organisations in meeting their Salesforce® GDPR compliance requirements. StratoKey directly assists organisations in implementing Privacy by Design, Data Retention/Expiration and Right to be Forgotten when using cloud and SaaS applications. The StratoKey technology is comprised of a full security stack, including Encryption, Tokenization and Data Anonymization (whilst maintaining data format) features. StratoKey provides organisations with complete control over their data security through standards compliant encryption that protects the confidential information in Salesforce, this means the information you store in Salesforce is encrypted and your organisation has sole custody (even on-premise) of the encryption keys.

GDPR Encryption for Salesforce

StratoKey provides organisations with a mechanism to encrypt sensitive data before it leaves their control. This encryption and on-premise encryption key storage ensures that the organisation clearly meets the "kept separately" clause within GDPR (Article 4, (5)).

"the controller or processor should evaluate the risks inherent in the processing and implement measures to mitigate those risks, such as encryption." - GDPR Recital (83)

Salesforce encryption, provided through StratoKey has never been more complete and without compromise. StratoKey supports your Salesforce deployment, users, workflow and reporting in its entirety. StratoKey even supports Apex scripts and SOAP & REST integrations. What's more, StratoKey can be deployed with zero endpoint configuration. This means external users can gain the benefits of high strength data protection through encryption, without needing to alter settings on their end computers. StratoKey is the complete CASB that provides organisations with central control over their entire enterprise suite of cloud and SaaS applications.

GDPR Data Expiration in Salesforce

StratoKey implements full data-expiration, de-identification, redaction and anonymization for Salesforce. When data is expired under GDPR, or an individual issues a Right to be Forgotten request, StratoKey can securely overwrite data within Salesforce without creating duplicates or breaking data format within Salesforce. This anonymization interface is lightweight, seamless and provides organizations with appropriate standards compliant data anonymization that meets GDPR data retention requirements. See our Salesforce Anonymization resource for more information.

Salesforce Integration

Field and attachment encryption

Mobile App support applications supported

Encryption of Files (PDF, Word, Excel etc.)

Single Sign On support (SSO)

Security Rule and Policy Enforcement

Data Anonymization of any field data

Apex & Workflow support

GDPR Compliance without Compromise

EMAD™ ensures GDPR compliance requirements are met through a complete set of powerful security controls designed to prevent data breaches and protect the privacy of personal data. StratoKey helps organisations meet encryption and privacy requirements specified within GDPR without limiting application function or interrupting user productivity. When an organisation deploys StratoKey, in addition to field and attachment encryption, organisations immediately gain security monitoring of users, analysis of interactions, detailed audit trails and security rule and policy enforcement. This is all provided in a enterprise scalable, high-throughput, low maintenance deployment.

Salesforce GDPR Guide Salesforce GDPR Encryption


* EMAD™ is a trademark of StratoKey Pty Ltd.