GDPR is a term that’s been quite popular in the last few months. The GDPR is a European Union regulation that establishes a new framework for handling and protecting the personal data of EU-based residents. GDPR affects almost all businesses around the world irrespective of where they’re located. This blog covers how you as Freshservice customers can stay within GDPR compliance by highlighting some of the key features.
What does GDPR mean for IT teams?
IT teams collect and store personal data about their customers (‘data subjects’). In this case, the IT teams act as the data controller as they determine how the data should be used and their suppliers act as data processors as they process the data on behalf of the data controller.
As IT teams are liable along with their suppliers, it is imperative that the tools they use are enabling them to stay compliant with GDPR. For example, if the IT teams are storing personal data of the data subjects (customers/end users) in any software, they must ensure that the software provides them an option to delete the users personal data completely.
How is Freshservice handling it?
At Freshworks, we’ve been working on ensuring all our products enable our customers to stay GDPR compliant. Freshservice is enabling our customers to support the right to be forgotten and the right to opt out of analytics.
Right to be forgotten (For Requesters)
GDPR mandates that any user can exercise their right to be forgotten and once exercised, any personal data Details such as name, email, phone numbers should be erased by the data controller. Freshservice admins will be able to completely erase all PII pertaining to that user by clicking on “Forget User” under the Requesters profile.
If the user is associated to any core helpdesk entity like an approval, ticket or a change, the user will be represented with the tag “Forgotten User” and the entity will be retained.
Right to be forgotten (For Agents)
Just like the requester, an agent can also exercise their right to be forgotten. An admin can carry out this activity under the Agent’s profile and all PII of the agent will be deleted. However, all the related activities such as tickets assigned, changes assigned etc will be retained. We retain this information because it is important for the IT Service desk operations.
Right to opt out of analytics
Freshservice customers can also choose to opt out of business analytics.
Freshservice admins can opt an individual user (agent/requester) out of analytics. They can do that by visiting the profile page and clicking on opt out of analytics. Once done, the data for that particular user won’t be shared.
A Freshservice customer can also choose to opt out of analytics for the entire account. In this case, you can reach out to our support team (firstname.lastname@example.org) and they should be able to help you out.
We’re committed to ensuring that we enable our customers to stay within GDPR compliance. You can read more about Freshworks commitment to GDPR here and please refer this solution article for more details. As always, you can reach out to our ever helpful support team if you want any clarity!