GDPR and Privacy: "anonymize person" flow step

GDPR and Privacy: "anonymize person" flow step

As part of the GDPR, we need to get consent from people in order to be able to keep their data. If someone registers to download a white paper but does not opt-in, we are supposed to delete any reference to the person. This means deleting it or anonymize it.

One very big issue with this is that when we delete the person, it is automatically deleted from all reporting.

The work around this is to anonymize the person, since it is accepted that we keep anonymous information in our systems. We can easily replace the first name, last name or email address in the database with "John Doe" or "Anonymous Person". But there are some information that cannot be manipulated from a smart campaign:

  • Cookie IDs attached to the person
  • Inferred and system data such as the IP address
  • Data value changes in the activity logs
  • Fills out form in the activity logs

Furthermore, relying on users to run data value changes is error prone.

It would be very helpful if a new "anonymize Person" flow step was created.

In the field management, we would be able to define which fields should be anonymized, and what would be the anonymous value for each of them (for instance, we would define that the anonymous value for first name would be "Anonymous" and for last name it would be "Person", and NULL for the email address).

Then, when running the "Anonymize person" flow step, Marketo would automatically replace all the fields set in the admin with their anonymous value, cleanse the system fields that could be considered as personal Ids and also cleanse all the DVC activities (either deleting them or replacing all values with their anonymous counterpart).



A system-maintained checkbox field should also be added so that we can easily filter all anonymized persons.

These persons would also be added to the non marketable stats of the database, and would automatically be excluded from email sends, as blacklisted ones are.

Level 6 - Champion Alumni

Great idea!!

Not applicable

Seems to me that this suggestion is not merely QoL, but essentially a requirement for continued use of this platform. To Grégoire's point regarding content downloads and users who don't opt-in - many of us will be deleting quite a few records regularly since double opt-in will become the norm while opt-out goes the way of the buffalo. This could greatly skew reporting, and thus our ability as marketers to back up our value with concrete data.

It reminds me of (not set) in Google Analytics and the scramble that took place as we implemented workarounds so that we could continue to leverage GA data in support of our marketing programs.

Please don't force us to eliminate the data that helps us to demonstrate our value!

time to summon users to the community and have them vote for it

Christina Fuentealba​,

If you are still in charge of reviewing the ideas from the community, this one is probably worth a look and might even be a game changer.


Level 10 - Champion Alumni

Here's some more detail around anonymization/pseudonymization - which is the basis for Greg's idea (and a piece of core functionality that's needed in Marketo to help us marketers continue to report accurately and prove our value to the business):

Looking to comply with GDPR? Here's a primer on anonymization and pseudonymization

Data masking: Anonymisation or pseudonymisation? - GDPR.Report

The new data retention policy will solve partitally the issue with regards to DVC, since these will be erased after 90 days....


Level 10 - Champion Alumni

I think we may be underestimating the impact GDPR will have on our marketing database:

In a February 2018 survey of 1,050 UK internet users conducted by The7stars, nearly 60% of respondents said GDPR is making them question how much data companies have on them. And about a third of those polled plan to exercise their right to be forgotten after GDPR goes live.

Level 6 - Champion Alumni

Wow, that's the highest report I've seen. Interesting.

Hi Dan,

The point is not about how many will expressly exerce the right to be forgotten, but how many will not even take the time to answer the campaigns everyone is launching to convert non-opt-out's into opt-in's. By default, if you interpret the GDPR strictly, any records that is still non-opt-out on May 25th will be non-opt-in and therefore will have to be switched to opt-out... And so far, the response rates to the "are you interested in out content" campaigns is below 10%...