We wanted to give everyone some insight into the status of the internal GDPR project leading up to May 25, 2018 and beyond.

We are fully committed to enhancing the HubSpot platform to enable customer/partner compliance with the GDPR. We kicked off our GDPR compliance project last year, and we have key members from all parts of the company working on solving for our customers/partners and the GDPR.

While the existing product today can be used in a way that helps comply with GDPR, doing so can be difficult or involve complex workarounds. Our goal is to make this as easy as possible and to have the product help our customers live up to the principles of GDPR easily, as well as introduce new product functionality that will help you comply and automate compliance with the regulation. Some of the key features and areas of the product we are working on include:

 

  • New tools in form builder to help ensure proper notice and consent
  • Ensuring that end users are able to manage their communication preferences in a way that puts control in the data subject's hands
  • Improvements to double opt-in functionality
  • Ability to easily understand what consent customers have given, when, and the history of changes to that in the relevant parts of the product
  • Ensuring an easy means of exporting the personal data of a data subject
  • Bolstered deletion functionality to comply with right to erasure
  • Enhanced cookie management and preferences with localized privacy notices
  • In-portal guidance and suggestions on how to address key data privacy rules
  • Work with our certified integration partners on solving for the GDPR

 

The regulations and guidance from the EU help shape the solutions we are crafting, though with the draft ePrivacy Regulation and ongoing member-state implementation of the GDPR, there remain a number of open questions. This means two things: one, we recognize the need to build flexibility into the product to adapt to these changes, and two, we may delay releasing new functionality to make sure it aligns with the new rules.

We'll be announcing GDPR related changes on a rolling basis leading up to the GDPR enforcement date of May 25, 2018 and then beyond. Please keep a look out for more updates that we will be adding to our main GDPR page as we go along.