Microsoft seems to be bringing GDPR required features to NAV with quick speed.
CU03 brought us a client with a new property on fields "DataClassification". We also got a bunch of table changes that have this property set. That caused the CU03 update being one of the largest CU I have personally ever seen.You can see this property set on Table 91 User Setup field User ID in the screenshot below.
I do not write more about CU03 now, you can always read more from Dynamics NAV team blog:https://blogs.msdn.microsoft.com/nav/2018/03/08/classifying-data-in-dynamics-nav/
In CU04, a number of tables have gained a new field; 150 Privacy Blocked. This is undocumented on the CU04 info page https://support.microsoft.com/en-us/help/4100770/cumulative-update-04-for-microsoft-dynamics-nav-2018-build-21441
This field seems to be doing two things. Being set, tt prevents adding the Customer, Vendor, Resource, Salesperson/Purchaser, Contact or Employee to documents, and adds Blocked::All to Customer and Vendor cards. An example of error message can be seen below.
So far this functionality is a good start for GDPR requirements, but I expect to see more changes related to this in following CU's. For example functionality to prevent a non authorized user from opening a Privacy Blocked card is something I would like to see. Also I am looking forward to see a report or functionality that quickly collects or deletes all data that is related to any single privacy protected entity. This is, after all, one of the main requirements in GDPR.