1.0 - GDPR Requirements and Limitations - Vantage Customer Experience

Vantage Customer Experience User Guide

prodname
Vantage Customer Experience
vrm_release
1.0
category
User Guide
featnum
B035-3800-099K
The Vantage CX GDPR features address the following aspects of the GDPR directive:
GDPR Requirement Description Limitations
Traceability Ensures the customer can ask why they received a communication and receive that explanation within a specified time. This includes offers and the decisioning rules associated with that offer.
  • Users must have permission to access
  • Users must enter the following:
    • Customer ID
    • Date range in this format (regardless of the location settings): YYYY-MM-DD
  • The ability to enter one or multiple IDs
Erasure Ensures the customer can request the removal of all PII data related to them and has the right to decline future communications and decisions. This includes the data about the customer profile and simulation data that is persisted in Vantage CX. The customer receives a confirmation.
  • Clients are responsible for future decline options (the default). The decline option means that Vantage CX is not contacted again with that ID.
  • Clients are responsible for excluding a previously deleted customer in future Contact Profile loads.
  • Clients are responsible for managing consent tracking for each channel.
  • Clients who have CIM are assumed to be GDPR-compliant, which means that the decline suppression segments are in place to ensure that they do not inject leads for those who have requested erasure.
Privacy and Security by Design Ensures that customer PII is secure, accomplished by encryption. This includes data at rest.
  • Session data access is restricted to Vantage CX components.
  • If any PII data is in H-base or Teradata, it must be encrypted using the supported encryption recommendations.
  • All third-party integrations (including Groovy scripts) and inbound API calls to Vantage CX must use https for data transmission.