GDPR: The Elephant in the Room — Key Considerations for Compliance in Marketo
“The elephant in the room is not the problem, never. It is the people, ignoring it is.”
Let’s not be those people and procrastinate our way into May 25th, 2018, which is the enforcement date for GDPR. The European Union General Data Protection Regulations have been giving controllers and processors sleepless nights as they swither around their GDPR compliance strategy. This pervasive regulation applies to all the companies that collect and process data that belongs to European Union citizens.
Well, fret not! We’re here to elucidate it for you and also assist you with the key considerations for GDPR compliance in Marketo. Read on!
Understanding the major attributes in GDPR and their impact on businesses:
The key changes to consider are consent, territorial scope and penalties. Under GDPR, the level of ease of withdrawing consent should be the same as giving it and in an explicit, clear and plain language to receive an informed one. The territorial scope has been widened. Controllers and processors cannot steer clear of the GDPR obligations almost anywhere, due to this international reach, it’s plausibly the biggest change to the regulatory landscape of data privacy. As for penalties, the maximum that an organization can be fined for non-compliance of GDPR is 4% of the annual turnover or €20 million – whichever is higher.
Comprehending the Data Subject Rights to ensure GDPR Compliance:
Although Data Subject Rights are never downright undiluted, it’s essential to keep them in mind. These rights include breach notification to the controllers and their customers within 72 hours of becoming aware of the breach, right to access wherein individuals can access their personal data and supplementary information and right to be forgotten (also referred to as data erasure) gives the data subject the liberty to have the data controller erase their personal data, cease further dissemination of the data and potentially have third parties terminate processing of their data. There are other data subject rights as well but if you devise your GDPR strategy around these rights, you’d be in a safe-zone.
Utilizing Marketo to your advantage for GDPR Compliance:
Companies would need to get a GDPR-Specific Audit to determine the impact of GDPR on them. Let us give you a few crisp pointers for GDPR Compliance within the scope of Marketo:
- Update your forms/Landing Pages to comply with Opt-In functionality
- Create Double Opt-In for consent for maximum concurrence
- Account for scenarios to manage consent
- Create a Subscription Preference Center
- Enable Cookie Notices
- Document Processes (Lead flow and Third-Party Integrations)
- Assess and understand the access level for users in Marketo
- Run a Whitelisting Campaign for leads with no documentation of consent
Come May 25th, 2018, all organizations would need to be GDPR compliant to ensure that they don’t risk falling foul of the new directives, or regulations, that they are going to become. The game of dealing with the European Union citizens’ data is surely on. Let’s get strategizing!
