Commit 205d7f38 authored by Lyle Kozloff's avatar Lyle Kozloff

Merge branch 'tw-update-gdpr-article-15' into 'master'

GDPR Article 15 Workflow Updates

See merge request !17090
parents 6c6fc56c 223e7407
Pipeline #39777933 passed with stages
in 31 minutes and 25 seconds
......@@ -14,7 +14,9 @@ category: Support Workflows
## Overview
Use this workflow when a user is requesting information under GDPR Article 15. The request may look something like:
Use this workflow when a user is requesting information under GDPR Article 15 either through a Zendesk ticket or the `gdpr-request` issue tracker. **These requests must be filled within 30 days.**
The request may look something like:
---
1. Please confirm to me whether or not my personal data is being processed. If it is, please provide me with the categories of personal data you have about me in your files and databases.
......@@ -39,10 +41,11 @@ Use this workflow when a user is requesting information under GDPR Article 15. T
---
## Workflows
** These requests must be filled within 30 days. **
### Requests received through Zendesk
### Service Agent Workflow (ZenDesk)
If a request is received through Zendesk as a ticket:
1. Apply the **"Account::GDPR Article 15 - GitLab.com"** Macro
......@@ -64,7 +67,13 @@ Once you've submitted your request, we'll have the various teams review our syst
Thanks for your understanding,
```
### Workflow for Requests submitted to: `gdpr-request@gitlab.com`
### Requests received through `gdpr-request@gitlab.com`
If a request was submitted to `gdpr-request@gitlab.com` it will show up as an open issue in the `gdpr-request` issue tracker.
1. Create a new issue in the `gdpr-request` issue tracker using the `GDPR-Section-15-Request` template and populate the title with the email address of the requestor.
2. Work through the checklist provided by the template and, when directed to, respond to the original issue with the [Request received response](/handbook/support/workflows/services/gitlab_com/gdpr_article-15.html#request-received-response) and [Request completed response](/handbook/support/workflows/services/gitlab_com/gdpr_article-15.html#request-completed-response) templates.
>Note: The following snippet is for reference **only**. Prefer the [issue template in the gdpr-request tracker](https://gitlab.com/gitlab-com/gdpr-request/blob/master/.gitlab/issue_templates/GDPR-Section-15-Request.md)
......@@ -129,7 +138,7 @@ Thanks for your understanding,
```
### Response template for incoming requests
#### Request received response
```
Greetings,
......@@ -137,10 +146,11 @@ We have received your Article 15 GDPR request. We're working on identifying any
You'll receive an additional notice once this process is complete.
Thanks for your understanding,
<Person who owns the request>
```
### Email template for successfully deleted accounts
#### Request completed response
```
Per your request under Article 15 of the GDPR please review the following:
......@@ -164,14 +174,14 @@ If you were a GitLab customer, you can access your customer data at https://cust
- generate invoices and bill you (if you are a customer)
3. We have not shared your personal data with any 3rd parties. However, we do use 3rd party companies to process personal data as a part of normal company operations. As such, we have (or may have) used the following 3rd parties to process your personal data:
- ZenDesk (in the event you have created a support request, either by email or through the support portal at https://support.gitlab.com)
- Zendesk (in the event you have created a support request, either by email or through the support portal at https://support.gitlab.com)
- Marketo (in the event that you requested to be on our email list, either by opting in at account signup or through our website https://about.gitlab.com)
- MailChimp (in the event that you requested to be on our email list, either by opting in at account signup or through our website https://about.gitlab.com)
- Zuora (in the event that you are a GitLab.com or GitLab Self-managed customer and provided billing information)
- Mailgun (we use this service to send outgoing emails from GitLab.com such as account confirmation emails, password resets and other notifications)
- Salesforce (in the event that you are a GitLab.com of GitLab Self-managed customer, or provided your personal information in a demonstration or trial)
- license.app (in the event that you are a GitLab.com of GitLab Self-managed customer, or provided your personal information in a demonstration or trial)
- Outreach (in the event that you are a GitLab.com of GitLab Self-managed customer, or provided your personal information in a demonstration or trial)
- Salesforce (in the event that you are a GitLab.com or GitLab Self-managed customer, or provided your personal information in a demonstration or trial)
- license.app (in the event that you are a GitLab.com or GitLab Self-managed customer, or provided your personal information in a demonstration or trial)
- Outreach (in the event that you are a GitLab.com or GitLab Self-managed customer, or provided your personal information in a demonstration or trial)
- Drift (in the event that you have ever reached out to us via webchat)
- Cookiebot (in the event that you have accepted cookies from GitLab)
......@@ -184,6 +194,7 @@ If you were a GitLab customer, you can access your customer data at https://cust
If you have any additional queries, please contact gdpr-request@gitlab.com
Thank you,
<name>
```
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment