Customer.io, GDPR, and you!
UpdatedGDPR (General Data Protection Regulation) is a regulation to strengthen and unify data protection for EU citizens. In a nutshell, its goal is to protect individuals’ data and grant them rights over access to and usage of that data.
Read the text in full!
We’d encourage you to read the text in full and consult with your legal counsel for the most complete understanding of the GDPR.
Customer.io helps you use customer data to help send personalized messaging. We understand the power of this capability, and with it the importance of helping you protect that data. We’ve stated our public commitment to the regulation and, as part of that, have either built new features for the product, or made them more accessible.
Documentation Directory
This is a collection of documentation for features of Customer.io which help you comply with GDPR article 24 (responsibility of the controller).
- End user data exports: How to export attributes for a group of users
- End user data deletion & suppression: Honor delete requests and the right to be forgotten
Delete or suppress users to comply with GDPR requests
You can remove a person (through our UI, our API, and other integrations) from your workspace to remove their profile data from Customer.io.
But, to fully honor a GDPR “right to be forgotten” request, you may want to suppress a user. Suppressing a person in Customer.io:
- Deletes the person’s profile
- Redacts activity attributed to the person
- Prevents you from adding a person with the same identifiersThe attributes you use to add, modify, and target people. Each unique identifier value represents an individual person in your workspace. (generally their ID or email) to your workspace
The last point is crucial: while you can remove profiles from your workspace, you can also add them back. Suppressing a user’s profile ensures that you can’t add a person with the same email or ID to your workspace.
