Creating and Managing Privacy Permissions
Each time you touch a person, you need to add a Data Privacy permission to record how, where, and for what reason you are storing their personal data.
Over time, the organization may touch the same person multiple times. Each time, a Privacy Permission should be added which will give the rights for storing and processing the data held. These rights are cumulative, e.g. if you have seen this person at three different conferences, there will be three Privacy Permission records of which two might be active and one expired. This still allows the data to be held and processed.
When a contact or lead is first created, there are no Privacy Permission records. But there should be at least one, to allow you to process their data.
Adding in Classic
Go to Privacy Permissions tab. Hit NEW.
You only need to add four pieces of data
- Privacy Source; use selector to choose the Privacy Source
- Description (text)
- Lead or Contact name
Everything else is calculated or added for you
Opt-ins are created automatically
When a Privacy Permission is added to a lead or contact, a number of Privacy Optins are added to the Privacy Permission. An Optin will be created for each linked Communication Rule for the Privacy Source. These are shown in the Allowed Communications Panel. If the Privacy Source is Custom Type, the user will select which Communication Rule to add.
A lead or contact may request to be unsubscribed from a Communication Rule. Go to the Allowed Communications panel, then from the dropdown menu for the Communication Rule, select "Unsubscribe".
This has the effect of setting every Privacy Optin that the user has for this Communication Rule to unsubscribed; in the image above "Product Updates - Email". The other Communication Rules are not unsubscribed; in the image above "Product Updates - SMS".
When a Privacy Permission reaches its expiry date, any Allowed Communications that were created because of this Privacy Permission will expire. The Allowed Communication will not expire if another Privacy Permission is in place to keep that Allowed Communication valid.
If all of the Permissions have expired or been withdrawn then the Privacy Alert will show in red.
Extending and Withdrawing a Privacy Permission
A Permission can be extended or withdrawn.
Extending a Permission
The retention or communications expiry can be changed. An example is when someone is personally engaged with you even through their permission is about to expire.
Withdrawing a Permissions
A permission cannot be deleted, but it can be withdrawn if it was created in error or incorrectly. If a person no longer wants to be marketed to, they should unsubscribe.
This will result in the Permission being withdrawn and all Optins expiring.