When an EU lead asks to be erased from the database, is there a best practice to abide by other than simply deleting the person from each system that stores data on the individual (Marketo, CRM)?
you should discuss this with your legal team. Some issues that come up are:
Thanks Josh. I'll reach out to my legal team to confirm some of those items/issues.
That's roughly what "erase data" means, doesn't it?
You could anonymize it, but you need to know that it's impossible to fully anonymize a lead in Marketo.
Vote here: GDPR and Privacy: "anonymize person" flow step
With the caveat that we have a pretty robust InfoSec team and policy, this is our process:
1. Person emails privacy@, or whoever in the company received the initial request forwards to privacy@
2. Privacy@ triggers a Jira ticket, which is managed by an InfoSec team member
3. Team member verifies the legitimacy of the person/request
4. Person emails alias forgetme@, which has representatives from all business system stakeholders: Marketo, SFDC, Heap Analytics, and our own app
5. Members of forgetme@ each delete the person from their system, and reply-all back to forgetme@
6. Privacy@ confirms deletion with requestor
Retrieving data ...