Under the General Data Protection Regulation (GDPR), an individual saved as a contact in MadKudu contacts database has the right to request for certain actions to be performed on the personal data you have about them. To keep to our commitment to GDPR readiness, we offer the ability to:
- Delete records: The GDPR requires permanent deletion of their contact record from your database, including email history, form submissions, and other engagement data and activity. This includes removing all data keyed by that email address from all storage mediums that don’t automatically expire data within 30 days. This includes archives, databases, and staging environments.
- Modify incorrect or inaccurate data: The GDPR empowers individuals to correct any personal data that is deemed inaccurate or incomplete. In MadKudu, if the end-user asks you to change her information, we can do so from within her contact record.
- Retrieve user-specific data: Under the GDPR, end users have a right to access their personal data and are entitled to obtain their personal data in a commonly used, structured format, such as a CSV file.
Requests are typically responded to within 30 days.
How to make GDPR requests
Get records deleted via CSV upload in MadKudu App
Pre-requisites
- You are a customer of MadKudu
- Have the Admin rights to the MadKudu app
Step by Step
- Log in to the MadKudu app
- Go to the Settings > GDPR. This section will only be visible if you have sufficient Admin access rights.
- Upload a CSV of the emails you would like to delete from the MadKudu database. Your file should have a CSV extension.
- Click "Delete Records" in the pop-up to validate the operation.
- Once your file has been processed, you will receive an email informing you of the correct deletion of the records from the MadKudu database.
*Please note: Once the email is deleted, this cannot be undone.*
Get records deleted via MadKudu GDPR deleted
To use MadKudu GDPR, start by authenticating with your API key located in your account. Go to Settings > Integrations > API
Use this API doc for authentication instructions: https://developers.madkudu.com/#introduction
The API offers 2 options: sending a CSV file or an array of emails.
Option 1: CSV file
API Endpoint: https://api.madkudu.com/v1/gdpr/file -> Submit a csv file containing emails, using the csv file format suggested above.
Example using cURL:
curl --location --request POST '<https://api.madkudu.com/v1/gdpr/file>' \\
-header 'Authorization: <BASIC_TOKEN>' \\
-form 'csv_file=@"/Users/user/Desktop/gdpr_csv_test.csv"'
Option 2: Array of emails
API Endpoint: https://api.madkudu.com/v1/gdpr/array -> Submit an array of emails in json format.
Example using cURL:
curl --location --request POST '<https://api.madkudu.com/v1/gdpr/array>' \\
-header 'Authorization: <BASIC_TOKEN>' \\
-header 'Content-Type: application/json' \\
-data-raw '["test+1@madkudu.com","test+2@madkudu.com"]'
Expected responses:
For other types of requests
For requests other than record deletion, you can use our online form -> MadKudu’s data privacy management form.
At this form:
- Enter your email address with a valid company domain.
- Enter the email address of the contact record you would like to perform the request on.
- Select the appropriate GDPR-compliant action you would like to perform on the selected personal record.
- For requests to Modify, enter a description on what needs to be changed.
- Then, click Submit Request.
