The GDPR Compliance Function
What is the GDPR Compliance function?
It is currently an optional and additional toggle as a part of the Compliance - Opt-In Form. If it is Enabled it will make the Guest Login Page (aka. Splash Page / Access Page / Campaign), and the data that is collected as part of the Guest Login process GDPR Compliant.
It ensures GDPR Compliance by:
- Performing tokenization of the Guest data collected as the Guest performs the Login Process (according the Terms of Service attached to that Campaign)
- If the Guest does not complete the Login Process, this tokenized data is discarded within 48hours, during which time it is not accessible by any other systems
- When the Guest successfully completes the Login Process they are presented the Opt-In Form which allows them to confirm their consent (Opt-In)
- If the Guest confirms consent (Opt-In), the processes to run Automations on their data are activated and performed
- If the Guest does NOT grant consent (Opt-Out) then we save a pseudonymized representation of the sensitive Guest data points [E-Mail and/or Phone Number]
- The pseudonymized Guest data allows us to continue to perform functionality such as "One Click Welcome Back" and generate appropriate reports and data aggregations, but without being able to retrieve the actual Guest data, it cannot be used for any personally identifiable means or for further communication
- No Automations or Integrations will be processed on Guests who have indicated that they wish to Opt-Out
Social Profiles collected from Guest Logins, that are GDPR Compliant will have the following GDPR Compliant badge displayed:
Will the Opt-In Form or GDPR Compliance be mandatory?
GDPR Compliance and usage of the Opt-In Form will be mandatory from May 25th 2018 for Channel Partners that operate within the EU or that process EU citizens’ data.
Any organizations outside of that scope do not have to Enable the Opt-In Form or GDPR Compliance. We encourage you to use the Opt-In Form if you do any kind of Post-Login Guest communication, as a way of establishing a clear record of Guest consent.