GDPR - What are you doing to prepare? | Community
Skip to main content
This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.
Best answer by Peter_Bell

I would as well.  Better yet, would love to see some posts here in the community - direct from Marketo - on how Marketo will be doing what they can from a platform/infrastructure perspective - in ensuring all customers are compliant with GDPR.


Hi Dan,

Noting these comments do not constitute legal advice (that needs to come from your legal team) a couple of comments for you and others in this discussion.

As with all data protection laws compliance requires commitment from both technology providers and their customers, to one of the points in this thread we (Marketo) can't "make you compliant". Specific to the GDPR there are new requirements on “Data Processors” such as Marketo. We will be in compliance with the GDPR by May 25th, 2018 (the date it comes into force) and Marketo’s services already include the functionality necessary for our customers to comply with the GDPR’s requirements on them.  To the latter point I'm in the process of documenting  the functionality that will help with that that but if you know your Marketo then this is about modifying forms to include the correct consent and privacy notices and  having your programs respect the end customer preferences.

There are two key areas of the GDPR that are particularly pertinent to Marketers that I'd draw your attention two and that consequently require careful assessment of past, current and future practices. The first is consent by the individual to collect and use their personal data and the second is accountability, namely being able to demonstrate how they comply with the principles of the GDPR.

As I mention above we will be publishing more on this topic, the deeper content will take a while but we'll have updates coming though via Marketo.com, I can link to those as we publish. For now there is a useful resource we have licensed for our customers here 

Peter

8 replies

Diego_Lineros2
Diego_Lineros2
New Participant
November 17, 2017

I think that everyone should consider "Consent" or "No Consent" as the most important "Interesting Moment". Interesting moments are shown in CRM, can't be deleted or overwritten and can be populated with the subscription centre information provided by the the lead and system tokens. You can also create a smart campaign to alert and ask the lead to renew the "consent" once it has expired. 

    Amanda_Thomas6
    Amanda_Thomas6
    New Participant
    November 17, 2017

    Great advice!

    Aaron_Anzaldua
    Aaron_Anzaldua
    New Participant
    November 3, 2017

    This is a hot topic in the Martech space and something that I am starting to have a lot of conversations around GDPR and there seems to be a lot of companies scratching their heads on what actions need to be taken to be GDPR compliant.  This is something that my company Openprise can help with.

    Before GDPR (General Data Protection Regulation), a couple of simple tweaks to your process, a line of text, a roll of your eyes and congratulations, you just complied with the latest acronym. But, not this time. With GDPR, the things marketing and sales teams do every day can cost you:

    • Hit the magic button inside Salesforce to enrich a lead with an email and phone from a 3rd party provider.
    • Email a spreadsheet of contacts to your trusted agency partner
    • Watch data flow seamlessly from your marketing automation solution another app, exactly like it was designed to do.
    if you've for personally identifiable information (PII) from anyone in the European Union in any of those, and you don't have a DPA (Data Processor Agreement) in place with those companies, your not GDPR compliant, and it could cost your company up to 4% of a company's annual global revenue.

    This is something that Openprise can definitely help with.  We can help you control the flow of ED Data out of your company through find-grained data filters and permission roles.  Identify leads and contacts that fall under GDPR, even without a valid country field value.

    Please do let me know if this is something you would like to chat about further.  :-)

    GDPR Compliance - Accomplish It with Ease via Openprise

    Amanda_Thomas6
    Amanda_Thomas6
    New Participant
    October 27, 2017

    Hi All,

    Just posted some slides and notes I took from a GDPR workshop I attended earlier this week. Link below.

    GDPR Workshop From TrustArc

    Amanda_Thomas6
    Amanda_Thomas6
    New Participant
    September 19, 2017

    Some documentation I've found on this...

    ico.org.uk/media/1624219/preparing-for-the-gdpr-12-steps.pdf

    GDPR: Ready or Not, Here it Comes

    S
    Simone-Vincent
    New Participant
    September 15, 2017

    We need to collect/monitor/audit etc permissions for other non-digital channels that aren't pushed via Marketo. What systems are you integrating with to support this additional level of permissioning?

    A
    Anonymous
    February 22, 2018

    Hi Simone,

    There are website compliance software solutions that can present the website visitor with the choice to allow or block cookies by type. For example, they scan your website on a regular basis and present the visitor with an update list of cookies. They inform the visitor what the cookie does and allows them to both give and withdraw consent. As long as they give consent to your Marketo tracking cookie - you can use that.

    I am implementing this one: GDPR website compliance software solution - IT Trust

    Best of luck!

    Mihaela B

    Janet_Dulsky
    Janet_Dulsky
    Employee
    February 22, 2018

    @Sanford Whiteman​, I appreciate your reminder to our members about our Community Guidelines. I did reach out to Mihaela Bisnel​ directly.

    Thanks.

    Janet

    Jack_Yusko1
    Jack_Yusko1
    New Participant
    September 15, 2017

    Hi everyone, hope you’re all doing well. I’m with the Privacy team here at Marketo and we are hard at work implementing a comprehensive GDPR compliance program, leveraging resources from across the organization to ensure that Marketo is GDPR compliant and that all Marketo customers have the tools they need to bring their Marketo instances into compliance with all relevant GDPR provisions. While I wish that I could connect with each of you individually, with 5,000+ customers I would quickly run out of time to actually implement our compliance initiatives!

    Our GDPR website is currently in the publishing process and we expect it to go live within the next week or two. We are also putting together guidance on consent (including a number of common scenarios involving obtaining, documenting, and maintaining consent) and the accountability principle (including information on audit trail, activity log, and role-based permissions). If you’d like more information on the compliance initiatives we’re implementing in our organization, ask your CSM for our GDPR summary document.

    Our Sr. Direct of Product Marketing in EMEA wrote the following blog post that I hope you’ll find interesting:

    blog.marketo.com/2017/06/gdpr-opportunity-play-win-engagement-economy.html

    Here’s a how-to guide on implementing a preference center:

    https://nation.marketo.com/blogs/marketowhisperer/2015/11/23/build-an-email-preference-or-email-subscription-center-in-marketo-in-10-steps

    While the GDPR may seem daunting, it is a great opportunity to put ourselves in the data subject’s shoes and position ourselves as leaders in the engagement economy.

    Thank you,

    Jack Yusko

      A
      Anonymous
      January 3, 2018

      Is there any updates on the Marketo GDPR website you are publishing?

      Also i can see Marketo is talking about DNT functionality being already in place however that would disable the tracking not enable the tracking when people are agreeing to be tracked which is GDPR requirement. My understanding of it is to have a tracking switch on by default and only when people are opting in we can enable the tracking.

      Moreover, as it was discussed on other discussion chain opt out parameter on the landing page only works for v152 however our version is 151.



      Also disabling function of the Munchkin tracking code on the website is one thing what its your view on the Marketo landing pages, and how we could possible place pop up window on them?  is there any functionality which can erase tracking from the activity log?

      I would much appreciate your thoughts.

      Gabby

      SanfordWhiteman
      SanfordWhiteman
      New Participant
      January 4, 2018

      See my answers on your other thread GDPR - how to disable munchkin code from Marketo Landing pages

      Also disabling function of the Munchkin tracking code on the website is one thing what its your view on the Marketo landing pages, and how we could possible place pop up window on them?

      Same way you would place a modal on any page -- Marketo templates can load the same JS you're using on your corporate site.

      is there any functionality which can erase tracking from the activity log?

      No, you cannot erase actions from the Activity Log.

      Of course, if you only have one action logged; it was a still-anonymous session (so you would not even see it at the Marketo person level); and you never add any additional other actions, that may not reach the level of "tracking."

      After all, it's not as if Marketo's webserver (or your corporate webserver) will not write a line to its HTTP logfile for that same single hit. Stitching multiple hits together via cookie- or URL-based session information is what commonly constitutes tracking an end-user. Your legal team will make the final call, but they often (or nearly always) have no comprehension of the difference between standard logging and tracking.

        Iryna_Zhuravel4
        Iryna_Zhuravel4
        New Participant
        June 16, 2017

        I spoke with Marketo folks about it at the Summit, they are preparing for GDPR and should share some info in the near future.

        We are hiring a third-party company to do an audit of our process to make sure we are compliant, fines go up to 20 million euros, so we are trying to be extra careful.

          Brittany_Stover
          Brittany_Stover
          New Participant
          September 13, 2017

          Yes the fines are astronomical! Definitely not something you to play around and merely get slapped on the wrist for. We also are having a third party from Europe help us outline our process to confirm we are compliant. I want to tag @Janet Dulsky on this post to see if she can shed any light on this. May is still a ways off but it will be here before we know it.

          Janet_Dulsky
          Janet_Dulsky
          Employee
          September 14, 2017

          @Brittany Stover​, yes, Marketo is absolutely preparing for GDPR and, in fact, my colleague @Jack Yusko​ is leading the charge and can give you more color.

          Thank you, Janet

            Brittany_Stover
            Brittany_Stover
            New Participant
            June 12, 2017

            Katie Pope​​  

            I know that our company also is in the weeds trying to prepare for this. I also know that @Grégoire Michel has included this in an ideas forum. Any update or active project from the Marketo side of things?

              Terms & ConditionsAccessibility statement

              Loading footer...