As GDPR approaches, we want to support your GDPR rights while working with your marketing platform from our role as a Processor. (Article 28 GDPR) This includes ensuring that you have consent for the personal details you work with, that your right to edit the personal details of others are limited to the minimum, and that you and your organization have the right to terminate invalid users.
If you have any concerns about your data and GDPR compliance, please reach out to us via your preferred customer support channel.
Updated User Management with consent field, new user password and termination
Why would this interest me?
We now enable you to record the active consent to use the personal data of others, such as their email address, when creating new users on the platform.
How does it look now?
When creating new users via your admin UI, you will now be reminded to ensure that these people have given their active consent to use their personal data, which will be stored on this platform. This checkbox needs to be ticked in order for you to proceed. (Article 7 GDPR)
On the same create users page, several fields have been removed, such as title, skype ID, country of promotion, language and currency. From our platform analyses, these information were not used for any business critical processes. (Article 5 GDPR)
Additionally, the temporary password that you are setting for the new user will only be valid for the creation. Upon the first login, the new user will be prompted to create a new password.
Once the user has been created, users will not be able to edit the personal information of another user on their behalf, apart from reassigning the role and type of user.
All users now have the right to terminate their own access, and admin users can terminate users on their behalf. Upon clicking on “terminate”, the email address of this user will be deleted instantly. (Article 17 GDPR) The first and last name, ID and last type and role allocated to the user will be kept strictly for auditing purposes.
Redesigned user profile page with opt in and termination options
This was mentioned in the previous newsletter, which also falls within the concept of ensuring GDPR compliance within your organization.
Why would this interest me?
Enforced by GDPR, every user should have the right to choose what data they are providing and to know what their data is being used for. That’s why we have updated the platform user profile to give every user the autonomy to decide on the storage and usage of their own private data.
It is important to note that by continuing to use your accounts, you consent to the storage of your user data, such as your name and email address, as well as behavioural tracking used for product improvement purposes. This tracking is anonymous and cannot be used to identify individuals. The tracking is used to monitor the usage frequency of our features, so that we can understand our customers and their needs better. If you do not agree to the data storage and anonymous tracking, you can now terminate your user account to revoke your consent.
How does it look now?
When creating a platform user or updating your platform user information, the amount of personal data stored has been reduced. You can also choose to opt in or out of the newsletters directly from your user interface or terminate the user. (Article 7 GDPR)
Upon termination, the user’s name is kept to ensure full transparency on the historical actions as well as for internal accounting purposes. All other data concerning this user, such as the email address which is stored for communication purposes, will be deleted. (Article 17 GDPR)