If you are using a SAP CRM system and its email marketing system with prospects and customers from the European Union, then the GDPR legislation is very important for you and your organization. You will need explicit permission to store records and email addresses of prospects and customers to follow GDPR compliance requirements. Pseudonymization can reduce the risk with these data protection processes.
This new Data Privacy Framework replaces the EU Safe Harbor program but did not however embed protections against US law and policy on government surveillance. However, the GDPR and Privacy Shield and are now fully confirmed and enacted, transferring data across the Atlantic is still a challenging and complex legal procedure.