our legal council in the data protection office (DPO) considers our community (hilfe.o2online.de) as not compliant with regards to Private Conversations (Private messages). As I think you might have the same issues, I put forward the need/idea for the ability to manage private conversations in accordance with GDPR.
Please do chime in as I think this affects all of the (European) customers.
Florian
---
The reasoning of our legal council is as follows:
1. Article 5 of GDPR specifies the principles of data processing
1. Personal data shall be:
[…]
(c) adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (‘data minimisation’);
b…]
(e) kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; c…] (‘storage limitation’);
2. Private Conversations and GDPR:
When a customer is asking “My invoice has the wrong” in the community, this triggers a private service-conversation between the customer and a company moderator. This is necessary as only moderators have the backend access to solve customer inquiries that concern their customer accounts, tariffs, etc..In order to be able to resolve the query, our moderators then use the private conversations to:
- identify the customer, e.g. through exchange of Customer ID, address data, emails etc (the community & customer databases are not synched)
- exchange of sensitive files e.g. invoices, screenshots of user accounts etc.
With the above private service-conversation it is established that
- personal data is exchanged via the private conversations, therefore they need to comply to data protection regulations (e.g. GDPR)
- with the solution of the customer inquiry, the purpose of the conversation is fulfilled.
- with the purpose fulfilled (case close), the necessity to keep the data ceases to exist.
3. Request/idea
The request is to delete/anonymize/make unavailable the private conversations that contain personal data after a reasonable amount of time.4. Considerations regarding current private conversations
- cannot block the exchange of personal data via the private conversations
- cannot distinguish between service-conversations and non-service conversations
- no option to "close" a case, i.e. a private conversation
- private conversations are a non-ending thread, there is no option to delete/anonymize/hide only a “closed case”, i.e. only all of the private conversations can be deleted.
5. Potential consequences
- without a timely solution, we would need to stop service via our private conversations
- This is one of the key ROIs of the community and would therefore severely impact the community's value to the customers and the company.