I was reading a thread on the forum and realize consent for the privacy checkbox must be optional for end-user.
My question is, if end-user does not consent, by not ticking the box and submits the form, what do we as Marketo record owners need to do on our end? - Is there a standard or protocol for that?
Are we to purge their submission? Or are we just to recognize we must not use their information for anything else?
Here is a good example, and why would any one bother completing the form in the first place if they do not want the following to occur?
Yes, I consent to having COMPANY NAME collect my contact details. By checking this box and clicking the submit button of this page, I certify that I am a U.S. healthcare professional, and give permission for COMPANY NAME, or parties acting on its behalf, to contact me with information regarding COMPANY NAME products and solutions, invitations to events and seminars, industry updates and other notifications. I understand that the information I provide will not be given to anyone outside COMPANY NAME except for the agents or representatives processing this request.
While there isn't a one-size-fits-all approach, some common practices include refraining from using their information for marketing initiatives such as email campaigns or targeted ads. However, operational emails can still be sent.
Based on the example consent text, here's what you should consider:
As they haven't given consent, refrain from sending them any promotional or marketing emails.
If the form pertains to a one-time download or service request (e.g., requesting a white paper), ensure prompt processing and fulfillment of their need. There's no necessity to purge the data entirely if it remains relevant to fulfilling the initial request.
You can also consider providing an alternative opt-in option on the form itself or on a subsequent post-submission landing page. This alternative allows users to select specific types of communication they're interested in (e.g., industry updates, newsletters, and product promotions).
Also, to answer your last question, they may be interested in the offered content or service but not want to receive marketing communications or might not fully understand the implications of consenting and prefer to err on the side of caution could be a couple of reasons they filled out the form in the first place w/o consenting.
If you have a checkbox asking for consent and someone does not check the box they should be removed from further communication. As a Marketo record owner you should have a consent management program in place to process opt-in/opt/outs.
As a blanket statement, that's not 100% correct (although mostly correct).
For example: In NZ if a person fills in a form requesting information but not consenting to marketing, you are allowed to fulfil the request (i.e. it might be gated content that they can only access from a link in an email). Obviously you cannot market further to them.
I believe this is also true in the EU when operating under GDPR guidelines.
What I quite often suggest to clients (and have built on a few occasions) is a module that is hidden if they've consented to receiving marketing and visible if they haven't that prompts them to sign up (with an explanation of why the marketing, special offers, etc. are so valuable for them).
More broadly and not really anything to do with your comments (and I've passed comment on this at least once before on Nation), I thinking using a checkbox for consent is a terrible idea. It is much better to use a mandatory radio button with no initial state. That way the person filling in their details must make a conscious decision about opting in or out. A checkbox (even unselected) is a valid state when mandatory, so a user can unconsciously skip over it. You do not fall foul of any rules by adopting this approach, as you are not opting them in by default.
Cheers
Jo
☝️