Long time since I last compiled a list of ideas. At this point in time, as GDPR is now less than 3 months away and since everybody recognises that this is not just a EU issue, here is a list of existing ideas that we would really need to see implemented in order to make Marketo a tool that really helps marketers to be and remain compliantStarting with information capture:Admins should be able to force users to add an opt-in field to a form. Vote for Also, reordering the fields freely even when we use progressive profiling should not require Javascript. Vote for (Thx Margaux Lepine )Capturing opt-in information should also be feasible in the event app. Vote (Thx @Gunjan Batra )Capturing cookie value should not require JS: Vote We also need to make email click detection more reliable than it is, due to link scanners, since we rely on these events to validate double-opt-in. See We also need to securely be able to process the double-optin, and therefore see removed the flaw inherent to the usage of triggers + filters in "person is created" smart campaign. See Continuing with information storage compliance:It should be possible to anonymize data entries so that we can remain compliant when someone does not agree to be in our database and still get accurate reporting. Vote Furthermore, since Marketo email system controls strictly the opt-out, synchronizing our optin field and the unsubscribe one should be a no-brainer. Vote When we update some's email address and this perso is unsubscribed, Marketo should not automatically re-subscribe the person. This is a serious compliance breach. See (Thx @Courtney Grimes )We also need more flexibility and control on how we can arrange forms:It should be possible to move fields below the progressive profiling, especially the opt-in field: (Thx @Edward Masson ), and And it should be possible to add a text area after the submit button with some legal wording: Last but not least, GDPR drives to generalize preference center.The hard point is enforcing user preferences when running campaigns. This is very error prone and the source of potential huge liabilities. Vote Any key point I have missed ? please feel free to comment, I'll add them.-Greg

Level 10

Question

Marketo GDPR Compliance-a summary of key ideas

Forum|Forum|7 years ago
March 10, 2018
11 replies
25017 views

Long time since I last compiled a list of ideas. At this point in time, as GDPR is now less than 3 months away and since everybody recognises that this is not just a EU issue, here is a list of existing ideas that we would really need to see implemented in order to make Marketo a tool that really helps marketers to be and remain compliant

Starting with information capture:

Admins should be able to force users to add an opt-in field to a form. Vote for
Also, reordering the fields freely even when we use progressive profiling should not require Javascript. Vote for (Thx Margaux Lepine )
Capturing opt-in information should also be feasible in the event app. Vote (Thx @Gunjan Batra )
Capturing cookie value should not require JS: Vote
We also need to make email click detection more reliable than it is, due to link scanners, since we rely on these events to validate double-opt-in. See

We also need to securely be able to process the double-optin, and therefore see removed the flaw inherent to the usage of triggers + filters in "person is created" smart campaign. See

Continuing with information storage compliance:

It should be possible to anonymize data entries so that we can remain compliant when someone does not agree to be in our database and still get accurate reporting. Vote
Furthermore, since Marketo email system controls strictly the opt-out, synchronizing our optin field and the unsubscribe one should be a no-brainer. Vote
When we update some's email address and this perso is unsubscribed, Marketo should not automatically re-subscribe the person. This is a serious compliance breach. See (Thx @Courtney Grimes )

We also need more flexibility and control on how we can arrange forms:

It should be possible to move fields below the progressive profiling, especially the opt-in field: (Thx @Edward Masson ), and
And it should be possible to add a text area after the submit button with some legal wording:

Last but not least, GDPR drives to generalize preference center.

The hard point is enforcing user preferences when running campaigns. This is very error prone and the source of potential huge liabilities. Vote

Any key point I have missed ? please feel free to comment, I'll add them.

-Greg

Marketo

This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.

M

matjazz

Level 6

Don't know if someone said it before, but a huge thanks to Grégoire and also @Dan Stevens for your insights, opinions and debates on GDPR here. Very helpful!

A

Anonymous

Hi Gregoire,

These are great!

Related to key GDPR points, it would also be nice for Marketo to provide some simple standard solutions to be able to:

- Start/stop tracking people through Munchkin when they opt-in/out of cookie tracking

- Start/stop scoring people when they opt-in/out of profiling

- Have a general best practice GDPR friendly form that can be imported from the Marketo Library or in Marketo documents as a guide, with those fields that are a must (e.g. Consent Request, Consent Notes, Consent Date, only email address and country and mandatory fields, etc.)

Thanks!

Grégoire_Miche2Author

Level 10

Hi Macarena,

The scoring one is under Marketer's responsibility. Just add a filter to your scoring program on the opt-in field.

On the GDPR program, my experiences is that there is a true diversity on how it has to be implemented, depending on the business organization and geographies.

-Greg

Dan_Stevens_

Level 10

Not only the various interpretations of the law, but also the level of risk that an organization is willing to accept. We‘re now seeing many organizations stating they will be “GDPR-ready” by May 25 (vs. GDPR-compliant), primarily due to the lack of what it means to be fully compliant at this time. Not to mention the ePrivacy Regulation (which won’t be revised by May 25) which includes many of the important guidelines/laws - beyond data protection - that us marketers must adopt.

Grégoire_Miche2Author

Level 10

added this one:

-Greg

Gerard_Donnell4

Level 9

Hi @Grégoire Michel,

This is a simple suggestion and one that may well exist already, but it bugs the hell out of me.

The ability to choose the position of the Check Box without having to write CSS rules.

I don't understand why there is not a dropdown to pick where you would like the check box positioned (Left of label).

Thanks,

Gerard

Dan_Stevens_

Level 10

Hi Gerard - you can do this today using the following attributes:

Gerard_Donnell4

Level 9

Hi @Dan Stevens,

Thanks so much for the tip.

When I tried this and made the field required the asterix is floating way up above it. You don't know the css used to target that asterix? I have tried a few different combinations and the style doesn't seem to take effect; and as its a form, I don't have the ability to add the style inline.

Thanks,

Gerard

Grace_Brebner3

Level 10

This is fantastic, @Grégoire Michel.

Secondary to the required fields in forms, I'd love to see a mechanism for handling subscription preferences for multiple brands in multiple workspaces under a single partition. It'd be great to have the security of the default unsubscribe field functionality without forcing people to opt out of everything.

Grégoire_Miche2Author

Level 10

Hi Grace,

This what is about. With this idea, you could define a "brand" tag for programs and automatically assign to each tag value a smart list that would exclude people specifically for this brand.

-Greg

Grégoire_Miche2Author

Level 10

Added this one:

-Greg

Amanda_Thomas6

Level 8

This is great! Thanks, @Grégoire Michel!@Grégoire Michel

Grégoire_Miche2Author

Level 10

Added:

Grégoire_Miche2Author

Level 10

Added this one: , that is needed to secure the opt-in / double opt-in process.

-Greg

Suzy_Lee

Level 2

Hi Gregoire,

We set up our Preference Center, and my question is when someone "unsubscribes", does it mean that person should no longer receive marketing email, and/or salesperson personal email?

My second question is in the backend, do you have a similar data folder breakdown like the CASL one (screenshot below), any best practice? In GDPR, do we need to capture why this person consent (event, opt-in email, form opt-in, etc)?

Grégoire_Miche2Author

Level 10

Hi Suzy,

Please open a new thread. You will get more visibility and more/quicker answers

-Greg

Show more replies

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded