I have worked on getting our subscription center in Marketo GDPR compliant and I think I've come quite a long way. I created fields to keep track of Consent, and I'm logging the actions the user takes when subscribing / unsubscribing. However, there are more sources where leads can come from, entering Marketo.
The one I'm struggling with at the moment (process-wise) is Salesforce. In our case we have a filter between Marketo and Salesforce, so only leads with 'Sync with Marketo' set to True, will actually be synced.
What if there's a lead or contact in Salesforce, and a sales rep switches on the 'Sync with Marketo' checkbox...
The leads enters Marketo and I can see that by the fact that a Person is Created (previously called Lead) and 'People Source is set to 'salesforce.com'.
Now what if in Salesforce the person has opted-in for email (Email Optout = FALSE)? I cannot prove that this person has opted in (Consent) so I cannot email this person from Marketo.
Now I'm wondering - instead of solving the problem on the Marketo side, should I solve the issue in Salesforce, by doing a batch update for all leads that are not yet synced, and set Email optout to TRUE? Did anyone bump into this question and have some ideas or best practices?
It could get a bit more complicated when the newly created lead in Marketo already exists etc, but maybe first get the basics working...
Any insights are much appreciated.