I wanted to know which options available for a global company, to manage the entire data base activities in Hubspot, when keeping GDPR in mind?
EU region is restricted to send out communication only to opt-ins, but the North America team is not restricted to that.
Currently, I see that the GDPR settings applies to the entire account and can not be adjusted based on rules. The North America team is at risk of loosing potential customers.
HubSpot's General Data Protection Regulation (GDPR) settings and tools apply to all portal operations because the GDPR concerns all European Union (EU) citizens, not just people in EU countries.
HubSpot and many other companies have put processes in place to be GDPR-compliant with all prospects and customers. There are at least two main reasons for this:
It's impossible to tell with certainty whether a website visitor is an EU citizen or not. IP addresses may help determine a visitor's geographic location (it's far from perfect), there is no way to determine citizenship. As such, many companies have opted to treat all visitors as if GDPR applies. It's viewed as easier to implement and less risky from a legal perspective.
Many companies suspect laws in the United States and other countries to change in the near future and align more closely with the spirit of the General Data Protection Regulation. Companies who implement a GDPR compliance policy now may gain a competitive advantage if North American privacy laws change.
In short, there is no way to limit HubSpot's GDPR settings to prospects and customers of EU citizenship.
While it is possible to create forms and workflows which only surface opt-in options to prospects and contacts who claim they are EU citizens, HubSpot cannot and does not condone these actions as legal.
HubSpot's General Data Protection Regulation (GDPR) settings and tools apply to all portal operations because the GDPR concerns all European Union (EU) citizens, not just people in EU countries.
HubSpot and many other companies have put processes in place to be GDPR-compliant with all prospects and customers. There are at least two main reasons for this:
It's impossible to tell with certainty whether a website visitor is an EU citizen or not. IP addresses may help determine a visitor's geographic location (it's far from perfect), there is no way to determine citizenship. As such, many companies have opted to treat all visitors as if GDPR applies. It's viewed as easier to implement and less risky from a legal perspective.
Many companies suspect laws in the United States and other countries to change in the near future and align more closely with the spirit of the General Data Protection Regulation. Companies who implement a GDPR compliance policy now may gain a competitive advantage if North American privacy laws change.
In short, there is no way to limit HubSpot's GDPR settings to prospects and customers of EU citizenship.
While it is possible to create forms and workflows which only surface opt-in options to prospects and contacts who claim they are EU citizens, HubSpot cannot and does not condone these actions as legal.
Hi, I have a question on this - is there a reason why HubSpot makes it easy to use different cookie policies and tracking settings based on IP address location, but not for any of the other GDPR features? You can show a cookie policy that requires opt in only to IP addresses located in the EU, but wouldn't it involve the same amount of risk that an EU citizen could be located elsewhere? Why is that the only feature that allows an exception to the official position stated above? Clearly HubSpot condones this action as legal since it's built in to the platform and documented in the knowledge base... just looking for clarity here on what I should be communicating to all my clients that do business globally and ask me about this all the time.
.png "HubSpot Employee"){kind=icon}
