Re: GDPR - What are you doing to prepare?

Anonymous · ‎03-01-2017

Curious to hear how others are preparing for General Data Protection Regulation (GDPR)?

Peter_Bell · ‎09-14-2017

Hi Dan,

Noting these comments do not constitute legal advice (that needs to come from your legal team) a couple of comments for you and others in this discussion.

As with all data protection laws compliance requires commitment from both technology providers and their customers, to one of the points in this thread we (Marketo) can't "make you compliant". Specific to the GDPR there are new requirements on “Data Processors” such as Marketo. We will be in compliance with the GDPR by May 25th, 2018 (the date it comes into force) and Marketo’s services already include the functionality necessary for our customers to comply with the GDPR’s requirements on them. To the latter point I'm in the process of documenting the functionality that will help with that that but if you know your Marketo then this is about modifying forms to include the correct consent and privacy notices and having your programs respect the end customer preferences.

There are two key areas of the GDPR that are particularly pertinent to Marketers that I'd draw your attention two and that consequently require careful assessment of past, current and future practices. The first is consent by the individual to collect and use their personal data and the second is accountability, namely being able to demonstrate how they comply with the principles of the GDPR.

As I mention above we will be publishing more on this topic, the deeper content will take a while but we'll have updates coming though via Marketo.com, I can link to those as we publish. For now there is a useful resource we have licensed for our customers here

Peter

View solution in original post

Diego_Lineros2 · ‎11-17-2017

I think that everyone should consider "Consent" or "No Consent" as the most important "Interesting Moment". Interesting moments are shown in CRM, can't be deleted or overwritten and can be populated with the subscription centre information provided by the the lead and system tokens. You can also create a smart campaign to alert and ask the lead to renew the "consent" once it has expired.

Amanda_Thomas6 · ‎11-17-2017

Great advice!

Aaron_Anzaldua · ‎11-03-2017

This is a hot topic in the Martech space and something that I am starting to have a lot of conversations around GDPR and there seems to be a lot of companies scratching their heads on what actions need to be taken to be GDPR compliant. This is something that my company Openprise can help with.

Before GDPR (General Data Protection Regulation), a couple of simple tweaks to your process, a line of text, a roll of your eyes and congratulations, you just complied with the latest acronym. But, not this time. With GDPR, the things marketing and sales teams do every day can cost you:

Hit the magic button inside Salesforce to enrich a lead with an email and phone from a 3rd party provider.

Email a spreadsheet of contacts to your trusted agency partner

Watch data flow seamlessly from your marketing automation solution another app, exactly like it was designed to do.

if you've for personally identifiable information (PII) from anyone in the European Union in any of those, and you don't have a DPA (Data Processor Agreement) in place with those companies, your not GDPR compliant, and it could cost your company up to 4% of a company's annual global revenue.

This is something that Openprise can definitely help with. We can help you control the flow of ED Data out of your company through find-grained data filters and permission roles. Identify leads and contacts that fall under GDPR, even without a valid country field value.

Please do let me know if this is something you would like to chat about further. 🙂

GDPR Compliance - Accomplish It with Ease via Openprise

Amanda_Thomas6 · ‎10-27-2017

Hi All,

Just posted some slides and notes I took from a GDPR workshop I attended earlier this week. Link below.

GDPR Workshop From TrustArc

Amanda_Thomas6 · ‎09-19-2017

Some documentation I've found on this...

https://ico.org.uk/media/1624219/preparing-for-the-gdpr-12-steps.pdf

GDPR: Ready or Not, Here it Comes

Simone_Vincent · ‎09-15-2017

We need to collect/monitor/audit etc permissions for other non-digital channels that aren't pushed via Marketo. What systems are you integrating with to support this additional level of permissioning?

Anonymous · ‎02-22-2018

Hi Simone,

There are website compliance software solutions that can present the website visitor with the choice to allow or block cookies by type. For example, they scan your website on a regular basis and present the visitor with an update list of cookies. They inform the visitor what the cookie does and allows them to both give and withdraw consent. As long as they give consent to your Marketo tracking cookie - you can use that.

I am implementing this one: GDPR website compliance software solution - IT Trust

Best of luck!

Mihaela B

Janet_Dulsky · ‎02-22-2018

Sanford Whiteman, I appreciate your reminder to our members about our Community Guidelines. I did reach out to Mihaela Bisnel directly.

Thanks.

Janet

Jack_Yusko1 · ‎09-14-2017

Hi everyone, hope you’re all doing well. I’m with the Privacy team here at Marketo and we are hard at work implementing a comprehensive GDPR compliance program, leveraging resources from across the organization to ensure that Marketo is GDPR compliant and that all Marketo customers have the tools they need to bring their Marketo instances into compliance with all relevant GDPR provisions. While I wish that I could connect with each of you individually, with 5,000+ customers I would quickly run out of time to actually implement our compliance initiatives!

Our GDPR website is currently in the publishing process and we expect it to go live within the next week or two. We are also putting together guidance on consent (including a number of common scenarios involving obtaining, documenting, and maintaining consent) and the accountability principle (including information on audit trail, activity log, and role-based permissions). If you’d like more information on the compliance initiatives we’re implementing in our organization, ask your CSM for our GDPR summary document.

Our Sr. Direct of Product Marketing in EMEA wrote the following blog post that I hope you’ll find interesting:

https://blog.marketo.com/2017/06/gdpr-opportunity-play-win-engagement-economy.html

Here’s a how-to guide on implementing a preference center:

https://nation.marketo.com/blogs/marketowhisperer/2015/11/23/build-an-email-preference-or-email-subs...

While the GDPR may seem daunting, it is a great opportunity to put ourselves in the data subject’s shoes and position ourselves as leaders in the engagement economy.

Thank you,

Jack Yusko

Anonymous · ‎01-03-2018

Is there any updates on the Marketo GDPR website you are publishing?

Also i can see Marketo is talking about DNT functionality being already in place however that would disable the tracking not enable the tracking when people are agreeing to be tracked which is GDPR requirement. My understanding of it is to have a tracking switch on by default and only when people are opting in we can enable the tracking.

Moreover, as it was discussed on other discussion chain opt out parameter on the landing page only works for v152 however our version is 151.

Also disabling function of the Munchkin tracking code on the website is one thing what its your view on the Marketo landing pages, and how we could possible place pop up window on them? is there any functionality which can erase tracking from the activity log?

I would much appreciate your thoughts.

Gabby

SanfordWhiteman · ‎01-03-2018

See my answers on your other thread GDPR - how to disable munchkin code from Marketo Landing pages

Also disabling function of the Munchkin tracking code on the website is one thing what its your view on the Marketo landing pages, and how we could possible place pop up window on them?

Same way you would place a modal on any page -- Marketo templates can load the same JS you're using on your corporate site.

is there any functionality which can erase tracking from the activity log?

No, you cannot erase actions from the Activity Log.

Of course, if you only have one action logged; it was a still-anonymous session (so you would not even see it at the Marketo person level); and you never add any additional other actions, that may not reach the level of "tracking."

After all, it's not as if Marketo's webserver (or your corporate webserver) will not write a line to its HTTP logfile for that same single hit. Stitching multiple hits together via cookie- or URL-based session information is what commonly constitutes tracking an end-user. Your legal team will make the final call, but they often (or nearly always) have no comprehension of the difference between standard logging and tracking.

Anonymous · ‎01-04-2018

Thank you Sanford Whiteman. That leaves me with a question if there is a way to have a munchkin switched of by default and enabling munchkin as and when people opt in to being tracked ?

Regards

Gabby

SanfordWhiteman · ‎01-04-2018

Let's switch this to your other thread GDPR - how to disable munchkin code from Marketo Landing pages. Working on old threads ends up being bad for future searches (and only the OP can mark one answer as Correct).

(Also, you don't really have to @ me as I'm always checking the Community!)

Iryna_Zhuravel4 · ‎06-16-2017

I spoke with Marketo folks about it at the Summit, they are preparing for GDPR and should share some info in the near future.

We are hiring a third-party company to do an audit of our process to make sure we are compliant, fines go up to 20 million euros, so we are trying to be extra careful.

Brittany_Stover · ‎09-13-2017

Yes the fines are astronomical! Definitely not something you to play around and merely get slapped on the wrist for. We also are having a third party from Europe help us outline our process to confirm we are compliant. I want to tag Janet Dulsky on this post to see if she can shed any light on this. May is still a ways off but it will be here before we know it.

Janet_Dulsky · ‎09-13-2017

Brittany Stover, yes, Marketo is absolutely preparing for GDPR and, in fact, my colleague Jack Yusko is leading the charge and can give you more color.

Thank you, Janet

Brittany_Stover · ‎09-14-2017

Jack Yusko I would love to connect with you and discuss this further if possible.

- Brittany

Stacy_Nawrocki1 · ‎09-14-2017

Me too. We are behind in these preparations and it's nearly upon us.

Dan_Stevens_ · ‎09-14-2017

I'd have to think GDPR will impact a large percentage of Marketo's customers given how many of us operate in the global economy (even if we don't have physical locations outside of the US (we have 23, btw). I think this survey proves it thus far:

Brittany_Stover · ‎09-14-2017

I think come May a LOT of companies are going to be having an OH NO moment!