At Freshworks, we’re committed towards helping you achieve GDPR compliance. Keeping that in mind, we are building several GDPR specific features and enhancements.
Product Capabilities: To help you comply with GDPR requirements for recording consent, honoring requests to delete, modify, and data portability – the following features are offered:
Opt-in option in Web forms: Web forms will have an option to include “opt-in” checkboxes to record the consent.
Opt-in option in Emails: If you follow a double opt-in process or need to re-collect consent, you most probably will need an option to collect consent through email. Wherever available, we have made this easy by giving an option to include an “opt-in” link in your email.
Storing the consent details: GDPR also states that you should be able to show when, how, and for whom the consent was recorded. To assist in this, we are adding a new activity in the activity timeline. This means, whenever you subscribe (or unsubscribe) a contact, it is shown in the activity timeline. The activity on the timeline will have information regarding when the action was performed, and the source information if consent was recorded through web forms or email.
Easy data export: Under GDPR, an EU citizen can request a copy of their data anytime. To comply with such requests we are introducing an option to export complete data of a particular contact on the respective landing page. This will make your life easy by enabling you to export a contact's data with one click.
Forget Contact: Under GDPR, an EU citizen can request to be completely deleted from your system. To comply with such requests we are introducing an option to “Forget” contact. Selecting this will completely delete the particular contact data from your web application.
Restrict sending emails when unsubscribed: We will introduce a new setting for Admins that will prevent your web application users from sending emails to those contacts with the "Do Not Disturb" field checked.
Including Unsubscribe option in Emails: Under GDPR, a contact should be able to unsubscribe at any time. To enable this we are providing an option to include an unsubscribe link in individual emails too. We already have this option for emails sent via bulk emails and sales sequences.
Disabling auto profile enrichment: If you don’t have required consent or your contacts don’t want their social profile to be shown on your web application, we are providing an option to disable Auto-profile enrichment. This option is available under Admin Settings -> CRM Settings.
Restrict Export of Reports: We will introduce a new setting that will prevent the users from exporting the reports. This setting will be at a user level, which means an admin can choose who can export reports and who cannot.
Restrict “permanently deleting” a record: We will introduce a new setting that will prevent the users from permanently deleting (Forgetting) a record. This will give admin control over which sales agent can delete a record completely.
Delete User: Not just a Contact, but a Sales agent can also raise a request to be completely deleted from your web application. We are introducing a “Delete User” feature that will delete the user completely from your web application and the third-party providers we might’ve sent the user’s data to.
Unsubscribing a contact from Emails: Your web application already has a field called “Do not disturb” which will restrict sending bulk emails to these contacts and warns the user while sending an individual email. We will make it easier to Unsubscribe a contact by giving the option in the quick actions (3-dots).
Rectify contact information: If a contact requests to change or update any of their information, then you can use the “Edit” option on contact to rectify the information.
Complete Data Export: We already have an option to completely export all the data present that gives a complete export of all the data present in your web application.
Permanently Deleting your account: We already have a “Cancel Account” feature which deletes all your data stored on the web application. You can choose to delete your web application account, and we will delete all your data stored within the web application and the data shared with third parties completely within 30 days of raising the request.
GDPR compliance in chat:
At a broader account level, account admins will have the option to:
Not store IPs - If you select this, Freshchat won't be able to identify the user location.
Turn-off social profile enrichment - Any user information that we add automatically through our enrichment tools will no longer be available.
Opt out of analytics - Freshchat will stop sending any data to third party analytics tools.
Also, for individual users, you will be able to delete users, export user data and turn-off events timeline.
For more information, on GDPR compliance in chat, please refer to the GDPR FAQ for chat
GDPR compliance in call:
Administrators have the option to delete specific user data or the entire account.
Deletion of account: The Freshcaller account can be cancelled and deleted permanently from the billing page. Once deleted, data will be held for 14 days, just in case the customer wants to restore it. Post 14 days, data and account is automatically deleted permanently.
Deleting call notes and call recording:
Admins can choose to delete specific call notes and call recordings from call logs.
When a specific contact is deleted,the system prompts to verify if hard delete of other related data like call notes and recordings associated with the contact is required.
When specific company is deleted, the system prompts to verify if all contacts in the company and related data of contacts need to be deleted.
Call recording: Admins can choose to configure the call recording at a number level as “Record calls manually”. With this setting, agents can start recording calls after the customer opt-in at any point in the conversation. A prompt message is also displayed to remind admins that appropriate greeting messages should be used to notify customers that their calls are being recorded.
For more information, on GDPR compliance in call, please refer to the GDPR FAQ for Caller