This article describes how certain features and functionality in Zendesk QA can assist with your obligations under privacy law.
To learn more about meeting your obligations in other Zendesk products, see Complying with Privacy and Data Protection Law in Zendesk products.
Topics covered in this article:
Meeting an access obligation
Individuals from certain regions have a right of access. On request, you may have an obligation to inform a user where their personal data is being held and for what purposes.
If an individual requests a copy of their personal data, you can export the data from Zendesk QA as described in Meeting a data portability obligation in this article.
Meeting a correction obligation
Individuals from certain regions have a right to rectification, or the right to have inaccuracies in their personal data corrected. On request, you may have an obligation to provide the individual with their personal data and fix inaccuracies or add missing information.
Users can update user data in Zendesk QA by navigating to the General section of the personal Settings page (found by clicking on their profile picture in the bottom left corner). In addition, updates made within Zendesk will automatically be updated in Zendesk QA within approximately two hours.
Meeting an erasure or deletion obligation
Individuals from certain regions have a right to erasure, or the right to be forgotten or deleted. On request, you may have an obligation to delete the personal data of an individual.
When the underlying ticket is deleted within Zendesk, that ticket and all associated data collected in Zendesk QA will also be deleted within approximately two hours.
Administrators can delete users by navigating to Users & Workspaces through their profile picture at the bottom left corner, selecting the relevant user and clicking the “Delete user” button that appears upon selection. This deletes the user’s profile but their work product (reviews, disputes, and so on) remains in Zendesk QA, as the employer has a legitimate interest in retaining that data.
Meeting a data portability obligation
Individuals from certain regions have a right to data portability. On request, you may have an obligation to provide an individual with their personal data or to transmit the data to another organization.
To meet a portability obligation, you may use the Export API to export users, reviews, disputes, CSAT data, and quizzes.
Meeting an objection obligation
Individuals from certain regions have a right of objection, or the right to object to direct marketing.
You may have an obligation to stop processing personal data for direct marketing purposes when you receive an objection from an individual.
Zendesk QA can be used to send out customer satisfaction surveys. Each survey email has a link in the footer for the recipient to opt out of receiving further emails.
Disclaimer
This document is for informational purposes only and does not constitute legal advice. Readers should always seek legal advice before taking any action with respect to the matters discussed herein.