SOLVED

GDPR - What are you doing to prepare?

Go to solution
Anonymous
Not applicable

GDPR - What are you doing to prepare?

Curious to hear how others are preparing for General Data Protection Regulation (GDPR)?

1 ACCEPTED SOLUTION

Accepted Solutions
Peter_Bell
Level 2

Re: GDPR - What are you doing to prepare?

Hi Dan,

Noting these comments do not constitute legal advice (that needs to come from your legal team) a couple of comments for you and others in this discussion.

As with all data protection laws compliance requires commitment from both technology providers and their customers, to one of the points in this thread we (Marketo) can't "make you compliant". Specific to the GDPR there are new requirements on “Data Processors” such as Marketo. We will be in compliance with the GDPR by May 25th, 2018 (the date it comes into force) and Marketo’s services already include the functionality necessary for our customers to comply with the GDPR’s requirements on them.  To the latter point I'm in the process of documenting  the functionality that will help with that that but if you know your Marketo then this is about modifying forms to include the correct consent and privacy notices and  having your programs respect the end customer preferences.

There are two key areas of the GDPR that are particularly pertinent to Marketers that I'd draw your attention two and that consequently require careful assessment of past, current and future practices. The first is consent by the individual to collect and use their personal data and the second is accountability, namely being able to demonstrate how they comply with the principles of the GDPR.

As I mention above we will be publishing more on this topic, the deeper content will take a while but we'll have updates coming though via Marketo.com, I can link to those as we publish. For now there is a useful resource we have licensed for our customers here 

Peter

View solution in original post

35 REPLIES 35
Brittany_Stover
Level 5 - Champion Alumni

Re: GDPR - What are you doing to prepare?

Katie Pope​​  

I know that our company also is in the weeds trying to prepare for this. I also know that Grégoire Michel has included this in an ideas forum. Any update or active project from the Marketo side of things?

Iryna_Zhuravel4
Level 8 - Champion Alumni

Re: GDPR - What are you doing to prepare?

I spoke with Marketo folks about it at the Summit, they are preparing for GDPR and should share some info in the near future.

We are hiring a third-party company to do an audit of our process to make sure we are compliant, fines go up to 20 million euros, so we are trying to be extra careful.

Brittany_Stover
Level 5 - Champion Alumni

Re: GDPR - What are you doing to prepare?

Yes the fines are astronomical! Definitely not something you to play around and merely get slapped on the wrist for. We also are having a third party from Europe help us outline our process to confirm we are compliant. I want to tag Janet Dulsky on this post to see if she can shed any light on this. May is still a ways off but it will be here before we know it.

Janet_Dulsky
Marketo Employee

Re: GDPR - What are you doing to prepare?

Brittany Stover​, yes, Marketo is absolutely preparing for GDPR and, in fact, my colleague Jack Yusko​ is leading the charge and can give you more color.

Thank you, Janet

Brittany_Stover
Level 5 - Champion Alumni

Re: GDPR - What are you doing to prepare?

Jack Yusko I would love to connect with you and discuss this further if possible.

- Brittany

Dan_Stevens_
Level 10 - Champion Alumni

Re: GDPR - What are you doing to prepare?

I would as well.  Better yet, would love to see some posts here in the community - direct from Marketo - on how Marketo will be doing what they can from a platform/infrastructure perspective - in ensuring all customers are compliant with GDPR.

Anonymous
Not applicable

Re: GDPR - What are you doing to prepare?

I second that!

Peter_Bell
Level 2

Re: GDPR - What are you doing to prepare?

Hi Dan,

Noting these comments do not constitute legal advice (that needs to come from your legal team) a couple of comments for you and others in this discussion.

As with all data protection laws compliance requires commitment from both technology providers and their customers, to one of the points in this thread we (Marketo) can't "make you compliant". Specific to the GDPR there are new requirements on “Data Processors” such as Marketo. We will be in compliance with the GDPR by May 25th, 2018 (the date it comes into force) and Marketo’s services already include the functionality necessary for our customers to comply with the GDPR’s requirements on them.  To the latter point I'm in the process of documenting  the functionality that will help with that that but if you know your Marketo then this is about modifying forms to include the correct consent and privacy notices and  having your programs respect the end customer preferences.

There are two key areas of the GDPR that are particularly pertinent to Marketers that I'd draw your attention two and that consequently require careful assessment of past, current and future practices. The first is consent by the individual to collect and use their personal data and the second is accountability, namely being able to demonstrate how they comply with the principles of the GDPR.

As I mention above we will be publishing more on this topic, the deeper content will take a while but we'll have updates coming though via Marketo.com, I can link to those as we publish. For now there is a useful resource we have licensed for our customers here 

Peter

Dan_Stevens_
Level 10 - Champion Alumni

Re: GDPR - What are you doing to prepare?

Appreciate your input Peter, totally agree.  Not only do we have a well-staffed legal team working with us on this, but a formal steering committee consisting of functional leads from around the world and recruiting data privacy officers for our various regions.  But as Marketo is the "data processor" we're glad to finally get some perspective on this from Marketo (and glad that Marketo will be fully compliant).

I guess what's most concerning (not from Marketo) is some of the uncertainties that still exist (some of the final legislation may not be complete until early May 2018).  Most specifically around "legitimate interest".  Google it and you'll find so many interpretations of what this means.  Again, why it's so important that every company have the proper resources in place (legal, data privacy officers, consultants, etc.).  For example, I found this as one of the various interpretations of LI by a certain company (which I will not disclose).  Something tells me this will not hold up under GDPR - but we'll see.

XYZ Company processes only non-sensitive personal data that is aggregated from publicly available sources and relates to only what the PECR refers to as corporate subscribers. Under both the current PECR and the new PECR, opt-in consent will not be required for B2B email marketing so long as recipients can easily unsubscribe/opt-out. This will be honored by ensuring very clear opt-out / unsubscribe options are available to them in all communications sent to them. XYZ Company will be conducting an impact assessment to further underline and support its position of legitimate interests such as under GDPR Recital 47, which states that the processing of personal data for direct marketing purposes may be regarded as carried out for a legitimate interest.