GDPR and Privacy: "anonymize person" flow step

GDPR and Privacy: "anonymize person" flow step

As part of the GDPR, we need to get consent from people in order to be able to keep their data. If someone registers to download a white paper but does not opt-in, we are supposed to delete any reference to the person. This means deleting it or anonymize it.

One very big issue with this is that when we delete the person, it is automatically deleted from all reporting.

The work around this is to anonymize the person, since it is accepted that we keep anonymous information in our systems. We can easily replace the first name, last name or email address in the database with "John Doe" or "Anonymous Person". But there are some information that cannot be manipulated from a smart campaign:

  • Cookie IDs attached to the person
  • Inferred and system data such as the IP address
  • Data value changes in the activity logs
  • Fills out form in the activity logs

Furthermore, relying on users to run data value changes is error prone.

It would be very helpful if a new "anonymize Person" flow step was created.

In the field management, we would be able to define which fields should be anonymized, and what would be the anonymous value for each of them (for instance, we would define that the anonymous value for first name would be "Anonymous" and for last name it would be "Person", and NULL for the email address).

Then, when running the "Anonymize person" flow step, Marketo would automatically replace all the fields set in the admin with their anonymous value, cleanse the system fields that could be considered as personal Ids and also cleanse all the DVC activities (either deleting them or replacing all values with their anonymous counterpart).

-Greg

56 Comments

Yes, Sanford is clearly right on this.

Now, you can make the consent to store linked to the submission of the form, meaning you do not necessarily need a specific checkbox on this. But you need to make it clearly explicit. See for instance this form: https://www.salesforce.com/form/events/webinars/form-rss/1662434?d=cta-header-7 ​ that has a check box for receiving emails but a simple mention for the consent to store.

-Greg

Level 1

I agree simply sending out an updated Privacy Policy is NOT compliant in order to continue emailing to them once GDPR has taken effect (unless they've already opted in). The way we're using the Privacy Policy is right at form submission - so before they can submit their data, they need to agree to the Privacy Policy, which means they understand we will store their data in a secure space and they can request us to delete anytime, but they can optionally agree, in a separate checkbox, that they would like to receive future communications from us. So it's 2 separate thing - we're first making sure they understand our Privacy Policy BEFORE they give us any data, and the second is for general email consent.

Greg's Salesforce form example is exactly what I meant - you don't need to gather explicit consent to store the data from a form submission, but it can be held within the privacy policy (which many companies have updated to include GDPR sections) so that when people submit the form they have to agree to the Privacy Policy. Which brings me to my original post's point - that we wouldn't be required to delete or anonymize form submission data just because they didn't consent to future communications.

Hi Elsa,

we wouldn't be required to delete or anonymize form submission data just because they didn't consent to future communications

Agreed as long as the forms are designed to clearly separate the 2 consents.

-Greg

Anonymous
Not applicable

So how is everyone solving for this since Marketo is not providing a solution?

LM

Level 10 - Community Moderator

The only "workaround" is full deletion.

Level 5

There is tool called Talend that seems to offer a solution. here is some additional information: https://www.talend.com/resources/anonymize-data/

If someone has used it, feedback you be welcome.

Hi Axel,

Talend happens to be a Marketo customer.

Nevertheless, they will not be able to update Marketo activities to hide DVC values, since no API enable access to these information. Neither will they be able to remove cookie values from persons, for the same reason.

-Greg

Level 10 - Community Moderator

Like Greg says, Marketo's operation can't be changed via API integration. The internal workings are always the same and do not allow anonymization of existing records.

Offline data warehouses (built using any technology) can have an anonymization feature -- but that's for offline database rows. They still have to delete the lead from Marketo.

Level 5

Thank Greg for the info. that is too bad we cannot do it with Talend.