AnsweredAssumed Answered

GDPR consent to processing for support contacts created via email

Question asked by Amy Goldfine Champion on Apr 4, 2018
Latest reply on Apr 16, 2018 by Grégoire Michel

For GDPR, I'm reviewing all the ways that records are created in our systems and how we request and record consent to processing. I've come up with an edge case that I can't figure out! If someone emails support@[my company's domain], it creates a support case, and if the person is not in Salesforce, it will automatically create a Contact. We use Salesforce Communities as our support platform, but this is similar in Zendesk, etc.


There's no way to check if the person is in the EU and if so to obtain consent to processing before we actually process them! The majority of these people are trial or paid users, so are covered under their organization's MSA, but it's possible for someone who is not a user to contact support this way and have a Contact created. What do we do in this case!?!