Helpshift adds a GDPR compliance tool
The customer support platform’s addition of an Issue Redaction Tool illustrates the balancing of brand-vendor responsibilities that GDPR will bring.
Compliance with the upcoming General Data Protection Regulation (GDPR) by a brand and its vendors is going to be a dance of expectations.
To take one example: There’s news this week from customer support platform Helpshift, which announced a new GDPR compliance capability for its platform.
Also unveiled were a Real-Time Operations Dashboard and access to Helpshift’s chatbot support by Zendesk users. Founded in 2011, Helpshift provides B2C customer support for mobile web, apps and website chat.
The GDPR compliance is based around a new Issue Redaction Tool that will allow brands to comply with user requests, such as providing a customer’s record of personal data, removing customer data or fulfilling similar requests.
It will be rolled out over the next few weeks, CEO Linda Crawford told me, as GDPR Day — May 25 — gets closer. Here’s a screen shot from the Redaction Tool:
A customer of a Helpshift client, such as mobile game company Supercell, might click a game app’s Help button to request their personal data.
Crawford said that such a request would be captured and relayed to Supercell by the Helpshift platform.
It’s up to Supercell to actually fulfill the request of removing the personal data in both Supercell’s main database, she said, and in any database Helpshift is maintaining for it.
As for the all-important GDPR issue of user consent, she said, “we’re going to rely on the brand.”
From the user’s point of view, the Help desk interface is Supercell. But, in actuality, the Help desk interface is maintained by vendor Helpshift, which will capture, pass on and provide a tool to fulfill the request.
GDPR fines can be levied against both data controller (which determines purpose and means of data processing) and the data processor. So, this typical relationship of a help desk provider with a brand is just one of many such brand-vendor relationships that will require a clear level of mutual understanding as to who controls consent or removes data.