AnsweredAssumed Answered


Question asked by Vineela Maram on Apr 17, 2018
Latest reply on Apr 23, 2018 by Michelle Miles

Hi All,


As part of our GDPR prep, I have come up with few scenarios on how we obtain and  could process our data in compliance with GDPR. I would really appreciate your inputs and correct me if I am doing something wrong.

Below are the fields that I have created for this purpose.


GDPR Consent

GDPR  Consent date and time

GDPR Consent  purpose



Online Lead: Web forms and Marketo forms

Offline Lead: Manual uploads


All our Marketo and web forms will have a Checkbox and we will update the above field values if the checkbox is marked. However, I stumbled on few scenarios that I have listed below:


  1. Our CMS that hosts web forms will still pass the information into Marketo even though the checkbox is not marked(if they don’t opt-in) as it is  not a required field and the user will be able to submit the form. Can we have user information who have not opted-in as part of our marketo db?
  2. If I have a returning or existing lead that previously have/have not provided consent, as part of form fill or a manual upload, could we override GDPR values with the new Consent value, date and purpose or should we maintain history?

Ex: I have a lead who filled out our Marketo form and provided consent and the GDPR values were updated as True etc. In future, if I get the same lead as part of a tradeshow upload or if they fill out our web form, system would override previous value with the new one. Is this ok or should we maintain history by creating additional fields and append all the data for auditing purposes.