How we are preparing for GDPR

  • 12 February 2018
  • 37 replies
  • 795 views

Userlevel 6
Badge +1
The EU General Data Protection Regulation (GDPR) will set a new standard for how companies use and protect EU citizens’ data. It will take effect from May 2018.

At inSided, we are working hard to prepare for GDPR, to ensure that we fulfil its obligations and maintain our transparency about data protection, i.e. information privacy citizen rights.

Our first step towards GDPR compliance was to create a new role for Rens van Dongen as Privacy Officer, in addition to his responsibilities as Information Security Officer.

I am working closely with Rens to figure out how to convert GDPR legal provisions into tangible actions. We’ve been asking lots of questions, and our customers have been asking us questions.

These tangible actions will first be focussed mainly on the right to erasure, also referred to as the right to be forgotten.

The Regulation describes erasure as the process by which information is rendered inaccessible and unusable for all relevant parties. Personal data can be erased in a number of ways, including by masking the relevant personal information, so long as the erasure is irreversible, even by the institution carrying out the erasure process. That is also known as anonymization of personal data records.

Erasing posts from a specific user from a community, so removing his profile and posts, would drastically affect the integrity and consistency of community conversations and render them unusable to transfer knowledge and help other customers. To avoid this, we will be using true anonymization to make sure we don’t have to remove public community content, while ensuring that personal data in fact will be removed where needed.

Here’s an overview of the two initiatives we we are planning to provide in our platform by May 25, 2018, the moment the regulation will be enforced by the supervising authorities.

First, we will provide the ability to ‘erase’ a user from your community. This feature will become available for moderators and community managers in Control, and will be available as a REST API. The feature will fully anonymize the user profile, by replacing the username with a random text and delete all other profile data, such as email address, avatar and custom fields that have been set by yourself. While any posts from this user will still be available, it won’t possible able to link them back to the identity of the user. We will make sure that we will anonymize this user in all the data stores of our platform that can contain personal data.

Second, we have a process in place, that will assure the removal of all community and personal data from inSided customers, within 30 days after their contract has ended and we stopped providing our services.

If you have any questions or remarks on how GDPR will impact our platform, please don’t hesitate to comment below or reach out to me. For other questions related to our Data Protection program, you can always get in touch with Rens, our Privacy Officer, by mailing privacy@insided.com.

37 replies

Userlevel 7
Badge +4
@christophrooms Before I add ideas to Ideation: are these the only two initiatives or the first two?

I think it's important to enable and simplify opting in and out from forum communication. For community managers it would be nice to be able to easily see which users have opted in and out from being approached via mail.
Userlevel 4
Badge
I think it's important to enable and simplify opting in and out from forum communication. For community managers it would be nice to be able to easily see which users have opted in and out from being approached via mail.
Hi Jurgen, while there is no doubt for me such improvements would add value to the user experience, by making it easier for, or even enable, users to unsubscribe, I'm not so sure how this would relate to compliance with the GDPR.

While the GDPR has very strict and specific guidelines regarding direct marketing communications, these notification emails serve a functional purpose which is tied directly to specific past user behavior, and are therefore sent for activation and reminder purposes in the user's interest, rather than promoting a service for which the user has not yet subscribed.

What is your view on this?
Userlevel 7
Badge +4
@Rens So if I understand correctly, you're saying notification e-mails aren't related to compliance with the GDPR because these emails don't promote a service. That could be, I'm just not sure ...

Unfortunately, direct marketing is not defined in GDPR. According to one definition, direct marketing “covers any messages that contain marketing elements”. Following this definition and supposing that a combination of styling, branding, and a slogan or tagline should be considered marketing elements, it would mean communities would have to eliminate these elements from their notifications unless Insided would enable users to (easily) opt out from e-mail notifications across the board.
Userlevel 4
Badge
and supposing that a combination of styling, branding, and a slogan or tagline should be considered marketing elements
These can be marketing elements, but that doesn't make their use exclusively tied to marketing. The dictionaries talk of marketing as "the action or business of promoting and selling products or services", which makes more sense to me. And that's not the purpose or function for our notification emails.

Again, I'm not at all saying that improving our notification emails in this regard isn't a good idea, quite the contrary, I am in favor as I believe we have a clear shot at quick UX improvements to serve the customer. I just don't think that in this case, the GDPR has an opinion about this matter.
Userlevel 7
Badge +4
After some more reading, I tend to agree :)

I'm going to let our consultants investigate this and get in touch if necessary.
Userlevel 4
Badge
Please do, as I believe the GDPR is a brand new legal challenge for companies and privacy professionals; I also have a lot to learn. So sharing our insights will help!
Userlevel 5
Badge +3
How about private 1-to-1 messages? At least in our community these are the discussions that may actually include pretty private information from the customer especially if the discussion was between a customer and our moderator. I didn't see mention of these above, but I suggest that the private discussion of deleted users be erased.
Userlevel 6
Badge +1
@Riina Yes, also private messages will be deleted.
Userlevel 6
Badge +3
Hello,

After reading the conversation between @Rens and @Jurgen, I still have some doubts regarding this issue. In fact, I will have a meeting with our Legal Department to clarify if an "informative" newsletter isn´t considered as marketing. I can share with you the results of our meeting if you would like.

Meanwhile, @Jurgen, did your consultants reach any conclusions? I strongly agree with you on this "community managers it would be nice to be able to easily see which users have opted in and out from being approached via mail."
Userlevel 7
Badge +4
Meanwhile, @Jurgen, did your consultants reach any conclusions? I strongly agree with you on this "community managers it would be nice to be able to easily see which users have opted in and out from being approached via mail."

The discussion is ongoing on a higher level ... I'm interested what your legal department has to say as well 🙂
Userlevel 6
Badge +4
We're also starting to get questions from higher up.
Specifically around processes on how we are going to deal with users that have requested to be forgotten, what that means, and how it will look in our databases, the users profile, and toward 3rd parties on the community.
Userlevel 6
Badge +3
@Jurgen and @Ditte , when you have anything more concrete, would you be able to share with us?

I will do the same after having the meeting with our Legal department 🙂
Userlevel 6
Badge +3
Hello :)

I had the meeting with our Legal Department. Let me share with you the main conclusions so far:
  • our terms and conditions must be update considering the GDPR;
  • if the newsletter could be seen from the platform itself, none of this would be necessary;
  • once we are using the email to send a communication, we need to ask permission or tell the purpose during the sign in;
  • an opt-in/opt-out box would be ideal for the user to check or uncheck that box
@Jurgen and @Ditte , do you have any updates on your side?
@Rens, are you considering having an additional field to do the opt-in/opt-out ?
Userlevel 4
Badge
Thanks for following up with us Tomas, and sharing your insights!

I think there must be made a clear distinction between two activities:
  1. the community platform automatically sends notification emails to alert community users about activity which relates to them. Improving the opt-out functionality in this regard is discussed above and is requested for in this topic. In my opinion, that functionality could indeed be improved from an UX perspective, however, it's GDPR compliant already as it does not relate to marketing.
  2. the community database might be exported (manually as CSV, or through the API) and used by community managers as a source of customers' contact details to send marketing newsletters, using another system, such as Mailchimp. This activity still is outside of the community platform's technical scope of supported functionality. Indeed, the user needs to provide his or her consent for wanting to receive such newsletters, in order to be compliant with the GDPR. However, asking for this consent already is possible in the community platform by setting custom registration/profile fields as radio buttons. But again, to further improve UX, a request has been made to allow for checkboxes and a more flexible registration form UI. I can absolutely see and support the functional added value in this request. But from a legal -GDPR- point of view, it's not absolutely necessary in the context of our community platform service, as Christoph explained in the ideation topic.
I hope this will help to streamline our discussions regarding email communications and GDPR, so we can properly distinguish between legal needs (this topic) and functional needs (ideation topics).

If you haven't already done so, I'd also recommend for you to vote for these two ideation topics (here and here) so we can help the product team prioritize and deliver the most value. After all, we all want to see the community grow more and more towards the center of your customer communications, so for me there's no doubt that maturing these functional possibilities, aligned with privacy law, makes a lot of sense. ☺
Userlevel 6
Badge +3
Thanks for following up with us Tomas, and sharing your insights!

I think there must be made a clear distinction between two activities:
  1. the community platform automatically sends notification emails to alert community users about activity which relates to them. Improving the opt-out functionality in this regard is discussed above and is requested for in this topic. In my opinion, that functionality could indeed be improved from an UX perspective, however, it's GDPR compliant already as it does not relate to marketing.


In this point I totally agree with you 🙂 Indeed, users can choose not to receive further notifications from the paltform.

Regarding the second point, what you are saying is that we can ask the user´s permission to receive the newsletter using this profile fields?



Already voted on those topics 😀
Userlevel 4
Badge

Regarding the second point, what you are saying is that we can ask the user´s permission to receive the newsletter using this profile fields?



That's right, by adding a new profile field that's "shown on registration", you can make them choose between two radio boxes and thus actively provide consent. @Leatham actually demonstrated how that'd look in his screenshot in his ideation topic. It could be improved upon, but it works.
Userlevel 6
Badge +3
Thanks @Rens :)

Just one final question (at least for now):
  • users can change this anytime?
Userlevel 4
Badge
Just one final question (at least for now):
  • users can change this anytime?


Yes, such field values can be changed at any time by the users through their "my profile settings".
Userlevel 6
Badge +4
@Rens @christophrooms Do you have more information on the process from A to Z on removing a user from the platform?

Any information on how SSO and SAML enabled communities will be able to handle this without too much hassle?
For instance someone contacts us through phone or email, but also have a community profile that the agent will need to erase.

Cheers,
Ditte
Userlevel 7
Badge +4
Related question: are any stored IP addresses related to anonimized accounts also removed from Control?
Userlevel 7
Badge +4
And also private messages sent by the user to a moderator that may contain personal information.

Unfortunately, Insided may "replace the username with a random text and delete all other profile data". But if there's any way to retrieve any personal information linked to these 'random text' accounts this counts as pseudonimization not anonymization.
Userlevel 6
Badge +1
And also private messages sent by the user to a moderator that may contain personal information.

Unfortunately, Insided may "replace the username with a random text and delete all other profile data". But if there's any way to retrieve any personal information linked to these 'random text' accounts this counts as pseudonimization not anonymization.



Private messages will be deleted. So the moderator will also not be able to see these messages anymore. So the moderator should not be able based on the private messages be able to identify the user.
Userlevel 6
Badge +1
Related question: are any stored IP addresses related to anonimized accounts also removed from Control?


IP addresses are also removed from our system, if possible immediately. There are a few use cases where we remove the IP addresses not immediately but within a specific period. For example, we store IP addresses in our log files for defect and threat detection. We need to be able to trace back what happened in the community in case of misbehaviour. We will keep these log files for 180 days.
Userlevel 6
Badge +1
@Rens @christophrooms Do you have more information on the process from A to Z on removing a user from the platform?

Any information on how SSO and SAML enabled communities will be able to handle this without too much hassle?
For instance someone contacts us through phone or email, but also have a community profile that the agent will need to erase.

Cheers,
Ditte


We will provide both an API and an option in Control to remove a user.

When you are using SSO, it probably makes most sense to use our API to remove a user.
Userlevel 6
Badge +4
Hi guys,

Sonos is going live with a new privacy statement to our end-users by April 24th, so we're expecting a few customers wanting to exercise their right to be forgotten already then.

Any news on the API and process? Will you be sending an email with documentation and instructions that we can share internally with the people that need to include these processes? Who can our privacy officers reach out to for technical support for the integration of the api?

Thanks in advance :)

Ditte

Reply