Best practice or process when honoring an EU lead's request to be removed from the database

Highlighted
Level 3

Best practice or process when honoring an EU lead's request to be removed from the database

When an EU lead asks to be erased from the database, is there a best practice to abide by other than simply deleting the person from each system that stores data on the individual (Marketo, CRM)?

4 REPLIES 4
Highlighted
Level 10 - Champion Alumni

Re: Best practice or process when honoring an EU lead's request to be removed from the database

you should discuss this with your legal team. Some issues that come up are:

  • Remove it from all systems.
  • record that you did the deletion
  • confirming with the requestor
  • is the requestor authorized to request this?
  • can you backup the person offline just in case?
Highlighted
Level 3

Re: Best practice or process when honoring an EU lead's request to be removed from the database

Thanks Josh. I'll reach out to my legal team to confirm some of those items/issues.

Highlighted

Re: Best practice or process when honoring an EU lead's request to be removed from the database

Well,

That's roughly what "erase data" means, doesn't it?

You could anonymize it, but you need to know that it's impossible to fully anonymize a lead in Marketo.

Vote here:

-Greg

Highlighted
Champion Moderator

Re: Best practice or process when honoring an EU lead's request to be removed from the database

With the caveat that we have a pretty robust InfoSec team and policy, this is our process:

1. Person emails privacy@, or whoever in the company received the initial request forwards to privacy@

2. Privacy@ triggers a Jira ticket, which is managed by an InfoSec team member

3. Team member verifies the legitimacy of the person/request

4. Person emails alias forgetme@, which has representatives from all business system stakeholders: Marketo, SFDC, Heap Analytics, and our own app

5. Members of forgetme@ each delete the person from their system, and reply-all back to forgetme@

6. Privacy@ confirms deletion with requestor