The EU General Data Protection Regulation (GDPR) will set a new standard for how companies use and protect EU citizens’ data. It will take effect from May 2018.
At inSided, we are working hard to prepare for GDPR, to ensure that we fulfil its obligations and maintain our transparency about data protection, i.e. information privacy citizen rights.
Our first step towards GDPR compliance was to create a new role for Rens van Dongen as Privacy Officer, in addition to his responsibilities as Information Security Officer.
I am working closely with Rens to figure out how to convert GDPR legal provisions into tangible actions. We’ve been asking lots of questions, and our customers have been asking us questions.
These tangible actions will first be focussed mainly on the right to erasure, also referred to as the right to be forgotten.
The Regulation describes erasure as the process by which information is rendered inaccessible and unusable for all relevant parties. Personal data can be erased in a number of ways, including by masking the relevant personal information, so long as the erasure is irreversible, even by the institution carrying out the erasure process. That is also known as anonymization of personal data records.
Erasing posts from a specific user from a community, so removing his profile and posts, would drastically affect the integrity and consistency of community conversations and render them unusable to transfer knowledge and help other customers. To avoid this, we will be using true anonymization to make sure we don’t have to remove public community content, while ensuring that personal data in fact will be removed where needed.
Here’s an overview of the two initiatives we we are planning to provide in our platform by May 25, 2018, the moment the regulation will be enforced by the supervising authorities.
First, we will provide the ability to ‘erase’ a user from your community. This feature will become available for moderators and community managers in Control, and will be available as a REST API. The feature will fully anonymize the user profile, by replacing the username with a random text and delete all other profile data, such as email address, avatar and custom fields that have been set by yourself. While any posts from this user will still be available, it won’t possible able to link them back to the identity of the user. We will make sure that we will anonymize this user in all the data stores of our platform that can contain personal data.
Second, we have a process in place, that will assure the removal of all community and personal data from inSided customers, within 30 days after their contract has ended and we stopped providing our services.
If you have any questions or remarks on how GDPR will impact our platform, please don’t hesitate to comment below or reach out to me. For other questions related to our Data Protection program, you can always get in touch with Rens, our Privacy Officer, by mailing privacy@insided.com.
How we are preparing for GDPR
I think it's important to enable and simplify opting in and out from forum communication. For community managers it would be nice to be able to easily see which users have opted in and out from being approached via mail.
Jurgen wrote:
I think it's important to enable and simplify opting in and out from forum communication. For community managers it would be nice to be able to easily see which users have opted in and out from being approached via mail.
Hi Jurgen, while there is no doubt for me such improvements would add value to the user experience, by making it easier for, or even enable, users to unsubscribe, I'm not so sure how this would relate to compliance with the GDPR.
While the GDPR has very strict and specific guidelines regarding direct marketing communications, these notification emails serve a functional purpose which is tied directly to specific past user behavior, and are therefore sent for activation and reminder purposes in the user's interest, rather than promoting a service for which the user has not yet subscribed.
What is your view on this?
Unfortunately, direct marketing is not defined in GDPR. According to one definition, direct marketing “covers any messages that contain marketing elements”. Following this definition and supposing that a combination of styling, branding, and a slogan or tagline should be considered marketing elements, it would mean communities would have to eliminate these elements from their notifications unless Insided would enable users to (easily) opt out from e-mail notifications across the board.
Jurgen wrote:
and supposing that a combination of styling, branding, and a slogan or tagline should be considered marketing elements
These can be marketing elements, but that doesn't make their use exclusively tied to marketing. The dictionaries talk of marketing as "the action or business of promoting and selling products or services", which makes more sense to me. And that's not the purpose or function for our notification emails.
Again, I'm not at all saying that improving our notification emails in this regard isn't a good idea, quite the contrary, I am in favor as I believe we have a clear shot at quick UX improvements to serve the customer. I just don't think that in this case, the GDPR has an opinion about this matter.
After some more reading, I tend to agree :)
I'm going to let our consultants investigate this and get in touch if necessary.
I'm going to let our consultants investigate this and get in touch if necessary.
1 person likes this
Please do, as I believe the GDPR is a brand new legal challenge for companies and privacy professionals; I also have a lot to learn. So sharing our insights will help!
How about private 1-to-1 messages? At least in our community these are the discussions that may actually include pretty private information from the customer especially if the discussion was between a customer and our moderator. I didn't see mention of these above, but I suggest that the private discussion of deleted users be erased.
Hello,
After reading the conversation between@Rens and @Jurgen , I still have some doubts regarding this issue. In fact, I will have a meeting with our Legal Department to clarify if an "informative" newsletter isn´t considered as marketing. I can share with you the results of our meeting if you would like.
Meanwhile,@Jurgen , did your consultants reach any conclusions? I strongly agree with you on this "community managers it would be nice to be able to easily see which users have opted in and out from being approached via mail."
After reading the conversation between
Meanwhile,
tomasmouton wrote:
Meanwhile, @Jurgen , did your consultants reach any conclusions? I strongly agree with you on this "community managers it would be nice to be able to easily see which users have opted in and out from being approached via mail."
The discussion is ongoing on a higher level ... I'm interested what your legal department has to say as well 🙂
We're also starting to get questions from higher up.
Specifically around processes on how we are going to deal with users that have requested to be forgotten, what that means, and how it will look in our databases, the users profile, and toward 3rd parties on the community.
Specifically around processes on how we are going to deal with users that have requested to be forgotten, what that means, and how it will look in our databases, the users profile, and toward 3rd parties on the community.
Currently rocking the Sonos Communities
Regards, Tomás Mouton
1 person likes this
Hello :)
I had the meeting with our Legal Department. Let me share with you the main conclusions so far:
@Jurgen and @Ditte , do you have any updates on your side?
@Rens , are you considering having an additional field to do the opt-in/opt-out ?
I had the meeting with our Legal Department. Let me share with you the main conclusions so far:
- our terms and conditions must be update considering the GDPR;
- if the newsletter could be seen from the platform itself, none of this would be necessary;
- once we are using the email to send a communication, we need to ask permission or tell the purpose during the sign in;
- an opt-in/opt-out box would be ideal for the user to check or uncheck that box
Thanks for following up with us Tomas, and sharing your insights!
I think there must be made a clear distinction between two activities:
I hope this will help to streamline our discussions regarding email communications and GDPR, so we can properly distinguish between legal needs (this topic) and functional needs (ideation topics).
If you haven't already done so, I'd also recommend for you to vote for these two ideation topics (here and here) so we can help the product team prioritize and deliver the most value. After all, we all want to see the community grow more and more towards the center of your customer communications, so for me there's no doubt that maturing these functional possibilities, aligned with privacy law, makes a lot of sense.
I think there must be made a clear distinction between two activities:
- the community platform automatically sends notification emails to alert community users about activity which relates to them. Improving the opt-out functionality in this regard is discussed above and is requested for in this topic. In my opinion, that functionality could indeed be improved from an UX perspective, however, it's GDPR compliant already as it does not relate to marketing.
- the community database might be exported (manually as CSV, or through the API) and used by community managers as a source of customers' contact details to send marketing newsletters, using another system, such as Mailchimp. This activity still is outside of the community platform's technical scope of supported functionality. Indeed, the user needs to provide his or her consent for wanting to receive such newsletters, in order to be compliant with the GDPR. However, asking for this consent already is possible in the community platform by setting custom registration/profile fields as radio buttons. But again, to further improve UX, a request has been made to allow for checkboxes and a more flexible registration form UI. I can absolutely see and support the functional added value in this request. But from a legal -GDPR- point of view, it's not absolutely necessary in the context of our community platform service, as Christoph explained in the ideation topic.
I hope this will help to streamline our discussions regarding email communications and GDPR, so we can properly distinguish between legal needs (this topic) and functional needs (ideation topics).
If you haven't already done so, I'd also recommend for you to vote for these two ideation topics (here and here) so we can help the product team prioritize and deliver the most value. After all, we all want to see the community grow more and more towards the center of your customer communications, so for me there's no doubt that maturing these functional possibilities, aligned with privacy law, makes a lot of sense.
This could have been your ad.
1 person likes this
Rens wrote:
Thanks for following up with us Tomas, and sharing your insights!
I think there must be made a clear distinction between two activities:
I think there must be made a clear distinction between two activities:
- the community platform automatically sends notification emails to alert community users about activity which relates to them. Improving the opt-out functionality in this regard is discussed above and is requested for in this topic. In my opinion, that functionality could indeed be improved from an UX perspective, however, it's GDPR compliant already as it does not relate to marketing.
In this point I totally agree with you 🙂 Indeed, users can choose not to receive further notifications from the paltform.
Regarding the second point, what you are saying is that we can ask the user´s permission to receive the newsletter using this profile fields?
Already voted on those topics
tomasmouton wrote:
Regarding the second point, what you are saying is that we can ask the user´s permission to receive the newsletter using this profile fields?
That's right, by adding a new profile field that's "shown on registration", you can make them choose between two radio boxes and thus actively provide consent.
tomasmouton wrote:
Just one final question (at least for now):
- users can change this anytime?
Yes, such field values can be changed at any time by the users through their "my profile settings".
Any information on how SSO and SAML enabled communities will be able to handle this without too much hassle?
For instance someone contacts us through phone or email, but also have a community profile that the agent will need to erase.
Cheers,
Ditte
Related question: are any stored IP addresses related to anonimized accounts also removed from Control?
1 person likes this
And also private messages sent by the user to a moderator that may contain personal information.
Unfortunately, Insided may "replace the username with a random text and delete all other profile data". But if there's any way to retrieve any personal information linked to these 'random text' accounts this counts as pseudonimization not anonymization.
Unfortunately, Insided may "replace the username with a random text and delete all other profile data". But if there's any way to retrieve any personal information linked to these 'random text' accounts this counts as pseudonimization not anonymization.
Jurgen wrote:
And also private messages sent by the user to a moderator that may contain personal information.
Unfortunately, Insided may "replace the username with a random text and delete all other profile data". But if there's any way to retrieve any personal information linked to these 'random text' accounts this counts as pseudonimization not anonymization.
Unfortunately, Insided may "replace the username with a random text and delete all other profile data". But if there's any way to retrieve any personal information linked to these 'random text' accounts this counts as pseudonimization not anonymization.
Private messages will be deleted. So the moderator will also not be able to see these messages anymore. So the moderator should not be able based on the private messages be able to identify the user.
1 person likes this
Jurgen wrote:
Related question: are any stored IP addresses related to anonimized accounts also removed from Control?
IP addresses are also removed from our system, if possible immediately. There are a few use cases where we remove the IP addresses not immediately but within a specific period. For example, we store IP addresses in our log files for defect and threat detection. We need to be able to trace back what happened in the community in case of misbehaviour. We will keep these log files for 180 days.
Ditte wrote:
Any information on how SSO and SAML enabled communities will be able to handle this without too much hassle?
For instance someone contacts us through phone or email, but also have a community profile that the agent will need to erase.
Cheers,
Ditte
We will provide both an API and an option in Control to remove a user.
When you are using SSO, it probably makes most sense to use our API to remove a user.
Hi guys,
Sonos is going live with a new privacy statement to our end-users by April 24th, so we're expecting a few customers wanting to exercise their right to be forgotten already then.
Any news on the API and process? Will you be sending an email with documentation and instructions that we can share internally with the people that need to include these processes? Who can our privacy officers reach out to for technical support for the integration of the api?
Thanks in advance :)
Ditte
Sonos is going live with a new privacy statement to our end-users by April 24th, so we're expecting a few customers wanting to exercise their right to be forgotten already then.
Any news on the API and process? Will you be sending an email with documentation and instructions that we can share internally with the people that need to include these processes? Who can our privacy officers reach out to for technical support for the integration of the api?
Thanks in advance :)
Ditte
Reply
Sign up
If you ever had a profile with us, there's no need to create another one.
Don't worry if your email address has since changed, or you can't remember your login, just let us know at community@gainsight.com and we'll help you get started from where you left.
Else, please continue with the registration below.
Welcome to the Gainsight Community
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.