 
					
				
		
Hi guys,
I've been asked by our legal team at the company about how Marketo technically complies to the GDPR
Regards,
Raúl
Solved! Go to Solution.
Hi Raul,
answers below
Access Control: Who is accessing the data and it is from the office or at home? Should it be allowed only at the office?
Admin cannot be restricted. All other users can through IP filtering (see admin->login settings)
Who can access and export the data depends on how your roles are set. Look there, there is no standard answer to this, you will have look into the roles and see who can access to the database, and export data. Standard roles have been documented a year ago here: Roles Documentation
Logs: For how long can we keep the logs of a record?
Look at Marketo Activities Data Retention Policy - Overview & FAQ
Is the data being encrypted when saved or it can be stolen as plain text for being in the cloud
Marketo offers a Database encryption option. Pretty expensive, though. Otherwise, all traffic between the UI and the servers are HTTPS encrypted and you should consider also getting the HTTPS option for your landing pages, if you have not done so yet
Deletion of inactive leads after certain time is a must?
Yes, but this is your responsibility as a marketer, not Marketo's 
-Greg
Hi Raul,
answers below
Access Control: Who is accessing the data and it is from the office or at home? Should it be allowed only at the office?
Admin cannot be restricted. All other users can through IP filtering (see admin->login settings)
Who can access and export the data depends on how your roles are set. Look there, there is no standard answer to this, you will have look into the roles and see who can access to the database, and export data. Standard roles have been documented a year ago here: Roles Documentation
Logs: For how long can we keep the logs of a record?
Look at Marketo Activities Data Retention Policy - Overview & FAQ
Is the data being encrypted when saved or it can be stolen as plain text for being in the cloud
Marketo offers a Database encryption option. Pretty expensive, though. Otherwise, all traffic between the UI and the servers are HTTPS encrypted and you should consider also getting the HTTPS option for your landing pages, if you have not done so yet
Deletion of inactive leads after certain time is a must?
Yes, but this is your responsibility as a marketer, not Marketo's 
-Greg
 
					
				
		
Hi Greg,
Thanks a lot!
