SOLVED

Validating a contact

Go to solution
SSallee
Level 2

Validating a contact

We are working on GDPR policy and compliance. We have a Marketo form with GDPR options available, i.e. Data Deletion, Information Request, Object to Processing, etc... Our Data Privacy Officer will be providing the link to contacts via an email. We want to be able to validate the contact is who they say they are using tools we already have inhouse. Our Marketo instance is synced with Salesforce, which is synced with ZoomInfo. Does anyone have any suggestions or thoughts on how we might accomplish this validation with these tools?

 

Sherry Sallee

Marketing Automation Specialist, Televerde

2 ACCEPTED SOLUTIONS

Accepted Solutions
Darshil_Shah1
Level 10 - Community Advisor + Adobe Champion

Re: Validating a contact

I'm not a 100% GDPR and data privacy pro but IMHO, the ideal way is to only allow people to be able to request their data on the email address that they have used on your website or request them to verify their alternate email address before releasing any of their data to a different email address.

 

Following the above, you'd essentially query and send the data of the person with the email address that they have submitted on the IR form. If they use a different email address on the IR form than the one that they used previously on your website, you should not provide them with the data without verifying the email address. To state very clearly, before sending them any data on their secondary email address, you should ask them to verify their secondary email address via their primary email address instead of relying on third-party data enrichment or insights platforms.

 

Happy to hear thoughts about this Q from others in the community as well.

 

View solution in original post

SanfordWhiteman
Level 10 - Community Moderator

Re: Validating a contact

My understanding, from working with many GDPR-subject clients, is that you may not imply any consent. Consent is explicitly provided by the proven owner of an email address.

View solution in original post

2 REPLIES 2
Darshil_Shah1
Level 10 - Community Advisor + Adobe Champion

Re: Validating a contact

I'm not a 100% GDPR and data privacy pro but IMHO, the ideal way is to only allow people to be able to request their data on the email address that they have used on your website or request them to verify their alternate email address before releasing any of their data to a different email address.

 

Following the above, you'd essentially query and send the data of the person with the email address that they have submitted on the IR form. If they use a different email address on the IR form than the one that they used previously on your website, you should not provide them with the data without verifying the email address. To state very clearly, before sending them any data on their secondary email address, you should ask them to verify their secondary email address via their primary email address instead of relying on third-party data enrichment or insights platforms.

 

Happy to hear thoughts about this Q from others in the community as well.

 

SanfordWhiteman
Level 10 - Community Moderator

Re: Validating a contact

My understanding, from working with many GDPR-subject clients, is that you may not imply any consent. Consent is explicitly provided by the proven owner of an email address.