Managing GDPR and user data

This section provides all the information you need to manage Send-based personal data. It will be particularly useful to those companies that work with the Send module, but have not adopted the complete Contactlab Marketing Cloud platform.

Recent updates ensure a Data Controller has access to all the functionality that is required to comply with the principles of the GDPR, especially with regard to exercising the Rights of the Interested Party.

For a complete overview of the regulation, please see here.

Figure 1: The User data management page, with the User removal tab selected

You need a profile with specific permissions to be able to access the User data management page. See here for more about the role of the Data Protection Officer. To assign the required permissions, the DPO of the relevant company, or the contractually appointed contact person, must identify the appropriate DPO users, directly to Contactlab Customer Care.

The User data management page can be accessed through Analyse > User management. It consists of three tabs:

  • User search
    Enables you to search for individual contacts.
    If required, you can remove a contact from one or more deliveries, to ensure they do not receive any planned communications that don’t match data or consent changes, which have recently been made.
  • User removal
    Enables you to remove the data belonging to individual contacts, in accordance with the right to be forgotten, and view the history of removed contacts.
  • Request user data
    Enables you to access and manage the relevant data for an individual contact, in accordance with the rights to access and portability, and to view the request history.

Managing the rights of an interested party

Collecting and managing consents

In the sense that Send represents a full or partial copy of data collected and managed elsewhere, no changes are required with regard to the current processes or modes.

It is assumed that consent collection and management, together with the maintenance of the execution log for interested party requests, are undertaken by the Data Controller externally to Send, then reported to it through the normal update flows from the user database.

As a result, the Owner has full autonomy when adding any new fields to the user database, which are related to privacy consent and the management of communications in accordance with the preferences expressed by users (contacts). It is also their responsibility to define delivery filters, to ensure that a communication’s purpose is in line  with the given consents.

Exercising the rights of Opposition, Limitation and Correction

In a similar way to consent management, the data related to exercising the rights of Opposition, Limitation and Correction can and must be mapped in full autonomy by the Owner, using new and specifically created fields in the user database.
It also remains the responsibility of the Owner to define the correct conditions for creating filters or the basic filter, depending on the type of communications expected for each target, ensuring as a result, the consistency of communications and adherence to the operational status of each interested party’s requests, such as their yes or no responses to consent, limitation or opposition choices.

To ensure the Data Subject does not receive previously scheduled deliveries that are no longer consistent with any oppositions, limitations or corrections to data, the Data Controller may in addition retrieve a list, which contains the details of planned deliveries for a specific contact and, if required, decide to remove one or more of them. (This feature will be released shortly).

In addition to GDPR-related activities, the User search tab also enables you to search for one or more contacts and see the scheduled deliveries in which they have been included. This allows you to carry out any required checks and corrective action, before deliveries are sent.

Removing a contact
(Exercising the right to be forgotten)

To remove a contact, do the following:

  1. Click analyse in the main menu, followed by the user management and user data management panels, then select the User removal tab.
    See Figure 1.
  2. Enter the Email address or Phone number of the relevant contact that you want to remove.
  3. If you also want to remove the contact’s data from all associated companies, select Extend effect to sub-companies.
  4. When you are finished, click Remove user data.
    The customer data is deleted from the system.
    Data removal cannot be reversed.

As an alternative to the UI, a contact who has exercised their right to be forgotten can also be removed using the API. A data removal tool is also available on request, which can be used for bulk removal of large groups of contacts.

Requesting user data
(Exercising the rights of access and portability)

To request access to a contact’s data, do the following:

  1. Click analyse in the main menu, followed by the user management and user data management panels, then select the Request user data tab.

Figure 2: The Request user data tab

  1. Enter the Email address or Phone number of the relevant contact to search for their data.
  2. If you also want to request the contact’s data from all associated companies, select Extend effect to sub-companies.
  3. When you are finished, click Request user data.
    The relevant contact data is made available.

The output is a JSON file containing the requested contact data, which is made available in the My Contactlab > Download section, according to the usual Send reporting management mechanisms. The file remains available for two weeks, after which time, it is permanently deleted from the Download section. This enables you to automatically comply with any requests for deletion of the data contained in the file.

The file includes the following types of data:

  • The contact profile retrieved from the user database, including the email addresses that have been used to communicate with the contact.
  • Indication of the emails sent to the user over time
  • Email events related to the contact, such as opens, clicks, and similar.
  • Any appearance of the contact in a blacklist (suppression list).
  • Subscriptions to newsletters.
  • Any email content tracking or sharing related to the contact.

As an alternative to the use of UI, the removal of user data following a request for oblivion can be performed via API and, on request, a data removal function can be made available for large groups of contacts (massive oblivion).