"I need to ensure our Pardot setup is GDPR compliant - where do I start?"
GDPR compliance in Pardot requires careful attention to several key components. Let's walk through the essential steps to ensure your marketing automation aligns with data protection requirements.
Four Essential Components for GDPR Compliance
We will go through the four components step by step to help you implement a robust compliance strategy.
Privacy Policy Integration
Your privacy policy needs to be transparent about Pardot's role. Make sure to include:
- Precise details about data collection through Pardot
- Clear explanation of how you use this data in marketing
- Information about tracking methods used
- Comprehensive overview of user data rights
Configuring Pardot Privacy Settings
Navigate to Account Engagement Settings > Account Settings to configure these crucial GDPR-related settings:
Honor Do Not Track (DNT) Header
You must decide whether to respect or ignore browser "Do Not Track" settings. Respecting these settings prioritizes GDPR compliance over visitor tracking, while ignoring them prioritizes tracking capabilities.
Automatically Remove Unconverted Visitor Records
Configure automatic deletion of non-converted visitor records:
- Enable/disable automatic deletion
- Set retention period (options: 6 months, 1 year, 2 years, or 3 years)
- This setting affects how long you keep data of visitors who haven't converted to prospects
Retroactive First-Touch Tracking
Decide whether to retroactively measure first touch point data. Enabling this feature prioritizes tracking over GDPR compliance, while disabling it puts GDPR first.
Configure Cookie Duration
Set the lifetime of Pardot cookies:
- Minimum required: 180 days
- Default setting: 3,650 days
- Choose a duration that balances business needs with privacy requirements
Implementing Double Opt-In (DOI)
Pardot doesn't provide an out-of-the-box double opt-in solution, so you'll need to create your own process. While Salesforce suggests a standard approach, it has limitations:
- Relies heavily on cookies
- Experiences delays in DOI email sending due to Automation Rule processing
We recommend implementing a custom solution that:
- Ensures immediate DOI email delivery
- Maintains compliance without depending on cookies
- Creates a reliable verification process
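One way to build the cookie-independent verification step described above, shown as an added example (not Pardot's, Salesforce's or the author's code): an HMAC-signed, expiring token placed in the DOI link, so confirmation depends only on the link itself. `SECRET_KEY`, `TOKEN_TTL_SECONDS`, `make_token` and `verify_token` are hypothetical names, and the 48-hour confirmation window is an assumption.

```python
import base64
import hashlib
import hmac
import time
from typing import Optional

# Hypothetical server-side secret (constructed value); load it from a secrets manager.
SECRET_KEY = b"constructed-demo-key-not-for-production"
TOKEN_TTL_SECONDS = 48 * 3600  # assumed confirmation window


def b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def sign(payload: bytes) -> str:
    return b64(hmac.new(SECRET_KEY, payload, hashlib.sha256).digest())


def make_token(email: str, now: Optional[float] = None) -> str:
    """Token for the confirmation link, created at form submit so the email can go out at once."""
    issued = int(time.time() if now is None else now)
    payload = f"{email.strip().lower()}|{issued}".encode()
    return f"{b64(payload)}.{sign(payload)}"


def verify_token(token: str, now: Optional[float] = None) -> Optional[str]:
    """Return the confirmed address, or None if the token is malformed, forged or expired."""
    try:
        payload_part, sig_part = token.split(".")
        payload = unb64(payload_part)
        sig = sig_part.encode()
    except ValueError:
        return None
    # Constant-time check before any field of the payload is trusted.
    if not hmac.compare_digest(sign(payload).encode(), sig):
        return None
    email, issued = payload.decode().rsplit("|", 1)
    current = time.time() if now is None else now
    # Reject tokens from the future as well as expired ones.
    if not 0 <= current - int(issued) <= TOKEN_TTL_SECONDS:
        return None
    return email
```

The handler behind the confirmation link would call `verify_token` and record the opt-in, with its timestamp, only when an address is returned.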
Optional: Setting Up a Preference Center
Consider implementing a preference center to give users more control over their data:
- Create a custom preference center page
- Define clear subscription options
- Establish processes for preference updates
- Document and maintain preference histories