In today’s age, it’s important to regard your clients’ desires when they demand only specific types of contact from your organization or opt-out of particular kinds of information sharing. SUMO provides information to assist you with deciding the most ideal approach to agree to the best way to comply with the data protection and privacy regulations that that apply to your organization.
Most data protection and privacy regulations demand that you and your company honor consumer requests about how you use their data. A few of the regulations that are important to many organizations collecting and handling their clients’ information include:
- General Data Protection Regulation (GDPR), European Union
- California Consumer Privacy Act (CCPA), United States
- Canada’s Anti-Spam Law (CASL)
If you have clients or users who demand explicit methods of contact from your organization, review these typical requests and the methods related to them.
| COMMON CUSTOMER REQUEST | ACTIONS TO CONSIDER | THINGS TO CONSIDER |
| A customer has asked to not receive appointment-related email messages that I send using SUMO. How do I prevent SUMO from sending these email messages? | Your staff may check the “Email Opt-Out” box on the related lead, contact, or person account record. | Consider periodically reviewing your contacts’ “Opt-Out” preferences to make sure that only those contacts who wish to receive emails do not have “Opt-Out” checkbox set to true. |
| A customer has asked to not receive appointment-related SMS text messages that I send using SUMO. How do I prevent SUMO from sending these SMS text messages? | SUMO Appointments — In this product, your staff may check the “Text Opt-Out” box on the related lead, contact, or person account record. SUMO CEP — In this product, the customer is required to OPT-IN every single time they wish to receive an SMS Text Message, so the system will never send an SMS text message the customer does not OPT-IN to. | Consider periodically reviewing your contacts’ “Opt-Out” preferences to make sure that only those contacts who wish to receive emails do not have “Opt-Out” checkbox set to true. |
| A customer in California sent me an opt-out request so that we don’t refer to or share her personal data. | Build a Flow | Build a flow that: – Accepts a contact ID. – Finds all data associated with that contact ID. – Deletes the data. If you connect to external sources, consider deleting the data from those sources. Keep in mind that flows don’t necessarily identify all the data to delete. After your flow finishes, run a report to identify any remaining information, and then delete it. |
| I want to be able to track customers’ preferences for receiving marketing solicitations. How can I do that? | Store customers’ data privacy preferences. | Work with your legal team to understand how quickly you must act on your customers’ requests. Keep in mind that the preferences you set simply help you track your customers’ requests. And it’s up to you and your company to determine a way for honoring those customers’ requests. You can identify the customers for which you’ve set privacy preferences by either: – Retrieving updates to data privacy records when you set an Apex trigger on the Individual object. – Running queries for updates to records based on the Individual object using the SOAP API. Consider setting a schedule for these tasks based how quickly you must act on your customers’ requests. |
| I want to be able to track customers’ preferences regarding processing or deleting their data. How can I do that? | Store customers’ data privacy preferences | Work with your legal team to understand how quickly you must act on your customers’ requests. Keep in mind that the preferences you set simply help you track your customers’ requests. And it’s up to you and your company to determine a way for honoring those customers’ requests. You can identify the customers for which you’ve set privacy preferences by either: – Retrieving updates to data privacy records when you set an Apex trigger on the Individual object. – Running queries for updates to records based on the Individual object using the SOAP API. Consider setting a schedule for these tasks based how quickly you must act on your customers’ requests. |
