Sitecore released update 7 for Sitecore 8.2 in April 2018 (ver 180406). This release includes some important features to make it easier for you to be compliant with the new GDPR regulations that came into effect today May 25th, 2018.
These features include:
- The Contact Segmentation Index was updated to be compatible with the Right to be forgotten feature. This includes cases where tags, pages, and page event documents should be removed, as well as cases where the updates would have been ignored because of the setting to avoid indexing anonymous contacts.
- Policy Identifier – the unique identifier for the policy. This can include the version number.
- To enable an organization to implement the Right of access and the Right to data portability as part of GDPR, the contact repository API was extended to retrieve the complete interaction history of a given contact. The Sitecore.Analytics.Data.ContactRepositoryBase.GetInteractionCursor method can be used to enumerate the contact’s historical interactions, loading them in batches of a desired size.
- To enable an organization to implement the Right to be forgotten, a new removeContactPiiSensitiveData pipeline has been implemented.
- General Data Protection Regulation
- Practical Application of the GDPR for Marketers: Data Retention, Erasure, Access Requests, Preference Management
- Practical Application of the GDPR for Marketers: Data Security & International Transfers
- Practical Application of the GDPR for Marketers: Consent and Data Governance
- Sitecore Experience Platform 8.2 Update-7
- Sitecore 8.2 update 7 Release Notes
- Technical guidance for GDPR (including EXM and Sitecore Commerce)
- Tomek Juranek has written a really good article on how these features could be implemented – Sitecore and GDPR in practice