Privacy Management privacy-management

Marketo Engage offers a set of tools to help you comply with Privacy regulations.

Privacy requests submitted through Privacy Service UI or API for Marketo Engage apply only to the following:
  • Marketo Engage users that have onboarded to Adobe Identity Management System
  • Marketo Engage users utilizing another Experience Cloud product that’s already on the Adobe Identity Management System (e.g., RT-CDP, B2B and B2P Editions, Audience Manager).

Regulations on Privacy Management regulations-on-privacy-management

Marketo Engage’s capabilities help you comply with the following regulations:

  • GDPR General Data Protection Regulation is the European Union’s (EU) privacy law that harmonizes and modernizes data protection requirements for EU countries.
  • CCPA California Consumer Privacy Act provides California residents rights in regards to their personal information and imposes data protection responsibilities on certain entities that conduct business in California.
  • PDPA Personal Data Protection Act is the privacy law that harmonizes and modernizes data protection requirements for Thailand.
  • LGPD Lei Geral de Proteção de Dados effective as of early 2021 for all companies collecting or processing personal data in Brazil.
  • NZPA Privacy Act 2020 is the privacy law that harmonizes and modernizes data protection requirements for New Zealand.

All of the above regulations apply to Marketo Engage customers who hold data for Data Subjects residing in the respective regions or countries mentioned above (EU, California, Thailand, Brazil, New Zealand).

Right to Access and Right to be Forgotten right-to-access-and-right-to-be-forgotten

In order to help you facilitate your Privacy readiness, Marketo Engage allows you to handle access and delete requests.

  • The Right to Access is the right for the Data Subject to obtain from the Data Controller confirmation as to whether or not personal data concerning them is being processed, where and for what purpose. The Data Controller shall provide a copy of the personal data, free of charge, in an electronic format.
  • Also known as Data Erasure, the Right to be Forgotten (delete request) entitles the Data Subject to have the Data Controller erase his/her personal data, cease further dissemination of the data, and potentially have third parties halt processing of the data.

To learn how you can create access/delete requests and how we process them, refer to this article.