Hi, curious to hear what sort of Data Retention Policy/Schedule you might have for community content written by B2B users that do no longer work for the company they worked for when they posted?
Thanks for sharing this question, Anita. Here how we look at this topic:
Acessibility of your community
If your community is available to all, also former customers, then no real change would be necessary. You could build a flow (e.g. article guide) for users to contact you via email to update user records (email address) to allow notfications to be received in the future. This could also be triggered by internal flows (e.g. adding the community email address to customer offboarding processes).
If your community is not visible / available for non-customers, then you should continue with the step below.
Login / User management
If your users are logging in only via SSO, customer records could be updated automatically (updating email and potentially profile information), same for permissions (denying access by changing role after not being a customer / employee at a customer any more). This is then managed by your CRM / identity provider and will work automatically. E.g. if an ex-customer cannot log in anymore via SSO, access will be denied automatically.
If that is not the case, then you need to make sure that you have processes in place to manually monitor offobarding, as described above.
Erasing users is not advised, unless the user requests so in the context of GDPR, simply as it would make content increasingly unreadable.
Content
Now in general the focus should be to remove as little content (topics, replies) as possible - for reasons mentioned above. You just need to make sure that no personal data is being stored after a customer has been offboarded as a customer.
Of course, should your users discuss any private / confidential information which is company-specific, I would recommend to sccramble such information by manual edits. Each community has to review how strict they want to enforce this policy, as the nature and quality of conversations differs a lot between individual communities.
Hope this helps!
Hi, I believe the recent EU GDPR rules require us to not keep customer specific data forever, even when users do not actively contact us for this. Can you please share Gainsight’s policy of handling GDPR?
https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679
Reply
Sign up
If you ever had a profile with us, there's no need to create another one.
Don't worry if your email address has since changed, or you can't remember your login, just let us know at community@gainsight.com and we'll help you get started from where you left.
Else, please continue with the registration below.
Welcome to the Gainsight Community
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.