Obligatory "I am not a lawyer, blah blah blah"
My general approach to these types of things is that your system response should be as reflective as possible of the intent of the customer. In order for you to get a good sense of the intent of the customer, you need to make sure that the process is very clear and transparent to them.
So a process that just says "opt out of our company" is a hard one to really gain a transparent view of intent on - what this means is a bit up to interpretation - they could just mean "I just don't want promotional emails anymore", or they could mean "delete all my data and don't come within 50ft of me for the rest of my life".
A process that says unsubscribe me from marketing emails from this company is much clearer - if you tick that box, you are withdrawing consent to marketing emails, not other forms of marketing and not requesting data removal, so we will unsubscribe you, but not delete your data.
That's not to say we prevent you from opting out/requesting removal from other features, but rather that we have separate clear processes around how those things are done, make those processes readily accessible with links to our privacy centre in comms/on website, and a dedicated contact form for more complex/comprehensive requests like that.
I think of it kind of like the opt in process inverted - just as we should be very transparent about what people are opting into, we should do the same in opting out.
But again - I am not a lawyer...
Thanks for your insight. Also based on what you said you should be careful, because if you specify that they can only be removed from email; you will need to specify if and how they can be removed from the phone list and if you go that far you will need to specify how the data erasure should happen.
My question wasn't so much about the removal of the individual as much as the business tracking data for campaign history to make decisions on future trade shows and events.The individual is attached to campaigns. We can't really track that person if they request to not be tracked, but data for historical research of event effectiveness should be safe, based on lawyer and articles found online, I was just curious how people managed this concept.
If a person asked to be removed, do you remove that historical data on events? What the impact has been for those who have. What process do you use? do you create a separate list with in the system that you can use to cross-reference the data?
Oh yes absolutely - you're right abut ensuring that it's clear how they can opt out to other forms of marketing. My intention is more to make the point that those opt out points should avoid being vague
To your point on the data removal - this has been a topic of quite a lot of conversation in the community. If the advice that you've received is that historical data is safe as long as it's not attached to personally identifiable information, that'd be consistent with my understanding. The current problem is how to detach the PII. At this point - again, I'm not a lawyer, but this is my understanding - if a person requests explicitly to have their data removed, then your two options are either a) destroy everything or b) anonymise everything. Unfortunately, Marketo doesn't currently support anonymisation - there is a highly upvoted idea for it though: GDPR and Privacy: "anonymize person" flow step.
Since there's no real way of achieving (b) right now, (a) is really the only solution right now for most people - which means you will lose that historical data. So it kind of loops you back to making sure that the process for data removal requests is clearly separated from unsubscribes, etc, because while we should be making sure people can request it (as is their right), we want to ensure that we can present other solutions first so that we can keep those requests to a reasonable minimum.
If anyone's found a simple means of achieving (b) currently I'd be super keen to hear it