Your Achievements
Level 1
0% to
Level 2
Next /
to gain points, level up, and earn exciting badges like the new Applaud 5 BadgeLearn more!
View All BadgesSign in to view all badges
Open Alert Bar
SOLVED

Marketo technical GDPR questions

Go to solution
Anonymous
Not applicable
‎03-14-2018 09:18 AM
‎03-14-2018 09:18 AM

Marketo technical GDPR questions

Hi guys,

I've been asked by our legal team at the company about how Marketo technically complies to the GDPR

  • Access Control: Who is accessing the data and it is from the office or at home? Should it be allowed only at the office?
  • Logs: For how long can we keep the logs of a record?
  • Is the data being encrypted when saved or it can be stolen as plain text for being in the cloud?
  • Deletion of inactive leads after certain time is a must?

Regards,

Raúl

0 Likes
1,652
Reply
1 ACCEPTED SOLUTION

Accepted Solutions
Grégoire_Miche2
Level 10
Level 10
‎03-14-2018 09:25 AM
‎03-14-2018 09:25 AM

Re: Marketo technical GDPR questions

Hi Raul,

answers below

Access Control: Who is accessing the data and it is from the office or at home? Should it be allowed only at the office?

Admin cannot be restricted. All other users can through IP filtering (see admin->login settings)

Who can access and export the data depends on how your roles are set. Look there, there is no standard answer to this, you will have look into the roles and see who can access to the database, and export data. Standard roles have been documented a year ago here: Roles Documentation

Logs: For how long can we keep the logs of a record?

Look at Marketo Activities Data Retention Policy - Overview & FAQ

Is the data being encrypted when saved or it can be stolen as plain text for being in the cloud

Marketo offers a Database encryption option. Pretty expensive, though. Otherwise, all traffic between the UI and the servers are HTTPS encrypted and you should consider also getting the HTTPS option for your landing pages, if you have not done so yet

Deletion of inactive leads after certain time is a must?

Yes, but this is your responsibility as a marketer, not Marketo's

-Greg

View solution in original post

1,448
Reply
2 REPLIES 2
Grégoire_Miche2
Level 10
Level 10
‎03-14-2018 09:25 AM
‎03-14-2018 09:25 AM

Re: Marketo technical GDPR questions

Hi Raul,

answers below

Access Control: Who is accessing the data and it is from the office or at home? Should it be allowed only at the office?

Admin cannot be restricted. All other users can through IP filtering (see admin->login settings)

Who can access and export the data depends on how your roles are set. Look there, there is no standard answer to this, you will have look into the roles and see who can access to the database, and export data. Standard roles have been documented a year ago here: Roles Documentation

Logs: For how long can we keep the logs of a record?

Look at Marketo Activities Data Retention Policy - Overview & FAQ

Is the data being encrypted when saved or it can be stolen as plain text for being in the cloud

Marketo offers a Database encryption option. Pretty expensive, though. Otherwise, all traffic between the UI and the servers are HTTPS encrypted and you should consider also getting the HTTPS option for your landing pages, if you have not done so yet

Deletion of inactive leads after certain time is a must?

Yes, but this is your responsibility as a marketer, not Marketo's

-Greg

1,449
Reply
Anonymous
Not applicable
‎03-14-2018 12:07 PM
‎03-14-2018 12:07 PM

Re: Marketo technical GDPR questions

Hi Greg,

Thanks a lot!

0 Likes
1,448
Reply
Home