GDPR assistance through Hubspot & PieSync

Updated 2 months ago by Frans Leys

Hubspot recently added a feature that will allow you to track lawful basis by setting up automated workflows (f.e. when starting a trial, a lawful basis property gets added to a certain contact) or by manually adding the lawful basis property information. Hubspot will also store a copy of the notice (f.e. your privacy policy) that your customer was provided with upon consenting.

How do you make sure the value is filled out for each individual contact as they get added into Hubspot?


Setting Legal basis as an ACTION in a sync rule

When syncing into Hubspot, make sure you set the legal processing straight via a sync rule. For instance, when someone subscribes to your Mailchimp list, you have obtained consent and you should log this as such in Hubspot. This is only relevant if you used a GDPR-compliant subscription form to obtain the consent. The field "Consent source" is concurrently set with the source so you can trace it back to the original app!

In this sync with Salesforce, contacts that are actively being worked on are kept alive in Hubspot on a legal basis which may be the performance of a contract, or under legitimate interest. However, a second rule is added. When a contact gets deleted in Salesforce, it triggers a followup in Hubspot and clears the legal basis of performance of contract and sets it to a custom value.

Using Legal basis as a FILTER in a sync rule

When Hubspot acts as your source of GDPR truth, let it fuel the rest of your SaaS stack. Here, I am using Hubspot & ActiveCampaign side by side. Hubspot is my main CRM, while a distribution list in ActiveCampaign sends out transactional e-mails to customers. The legal basis, as it is set in Hubspot, is unambiguously controlling whether or not these e-mails are sent out of ActiveCampaign, and vice versa. 


How did we do?