Right to data is a fundamental for every individual. With organizations across the world collecting customer data to enable them to provide services. It becomes important that companies manage data in a transparent manner with the customer’s consent.
GDPR is one of the most important change to data privacy regulations in the last two decades. It stands for “General Data Protection Regulation”. It establishes a new framework for handling and protecting the personal data of EU-based residents which comes into effect on May 25, 2018. It provides the citizens of the EU greater control over their personal data and assures that their information is being securely protected across Europe.
Although GDPR is a data protection framework for the citizens residing in the EU. It also applies to all companies that handle personal data of individuals from the EU, which means almost every major corporation in the world will need to be ready when GDPR comes into effect.
If you or your organization stores and processes personal data in connection to services or goods offered in EU, then the laws will apply to you. Also, in the the event of infringement of these laws, you can face fines and penalties from 10 million to 20 million or 2% to 4% of the annual revenue of the organization depending upon whichever is higher.
We are fully committed towards being GDPR compliant by the 25th of May, by when the regulation comes into effect. Over the past few months, multiple internal teams have been working towards making sure that we are aligned to the GDPR framework. Also, we’ve built product features for great privacy and data control for our product. Learn about our organization wide efforts for GDPR.
At Freshdesk, as an organization we have always implemented and practiced processes which ensure that customer data is stored and processed in ways only necessary to serve our customers in the best possible way. Our privacy, security & data storage policies are also streamlined with the GDPR goals and objectives. Visit our security page, to know more about the privacy and security policies.
Freshdesk is committed towards upholding the underlying principles of GDPR and below are some of the initiatives undertaken.
Programs, projects, and processes at Freshdesk are aligned to Privacy Principles right from the inception of an idea or project, thereby supporting Privacy by Design and Default principles.
The GDPR program thoroughly evaluates how Freshdesk, both as a data controller and processor, is placed with its existing procedures for readiness to:
Freshdesk lets you delete customer/agent data permanently. You can delete the customer/agent’s profile and all the data associated- like tickets raised by them, team huddle discussions, phone conversations, chats, satisfaction ratings provided, topics created and discussions in forums.
A delete or an export request from a customer would have to be routed via the admin who validates if the requestor is genuine.
|End-User Profile Deletion|| |
Freshdesk currently supports the deletion of End-User profile information with an option of a soft delete as well as a permanent delete which would erase all associated data like tickets, forums, calls and so on.Know more about how to delete end-user profile
|Agent Profile Deletion|| |
We currently support the deletion of Agent profile information again with a soft delete and a permanent delete option where all their contributions like knowledge base articles, tickets & team huddle discussions are anonymized and all PII (Personally Identifiable Information) is deleted forever.Know more about how to delete agent profile
|Ticket Deletion|| |
Users of Freshdesk can delete tickets and all team huddle discussion associated with the ticket are deleted along with it. Follow the steps in the below link to delete tickets:
|Attachment and Image Deletion|| |
Customers can delete attachments and images by deleting the support tickets to which those attachments and images are attached.
Freshdesk supports export request from data subjects. A subject can export user contact details, tickets of the user, forums the user has contributed to with the respective APIs.
An export request from a data subject would have to be routed via the admin who validates if the requestor is genuine. Customers can leverage the following APIs to assist with their GDPR compliance efforts on data portability:
|User Profile|| |
User profile can be accessed using View a Contact API
|Tickets of the User|| |
List Ticket by Requestor using List Tickets API
|Forum contributions of the User|| |
User contribution to forums can be accessed using this API.
|Satisfaction ratings of the User|| |
The users' provided satisfaction rating can be accessed by this API.
The GDPR includes a right for individuals to have inaccurate personal data rectified, or completed if it is incomplete. End-users and agents in Freshdesk can rectify any errors in their personal data by editing their profiles.
In addition, Freshdesk customers can leverage the following APIs to assist with their GDPR compliance efforts:
Note: We will be updating the above section continuously with our latest road map and progress.
We at Freshdesk are committed towards providing a product which enables our customers to provide customer service responsibly by implementing and adhering to prescribed compliance policies, both as a data controller and processor. The upcoming GDPR enforcement is critical to our mission of providing EU and all our global customers with safe and dependable customer support software.
Disclaimer: This is for informational purposes only and should not be relied upon as legal advice or to determine how GDPR might apply to you and/or your organisation. We encourage you to obtain independent professional advice, before taking or refraining from any action on the basis of the information provided here.