Compliance Tab

New Compliance

What Does The Compliance Tab Do?

The compliance tab is a more recent addition to the boberdoo system and provide everything you need to keep your data secure in one easy to use place. Going through the different subtabs, you have:

What Is boberdoo's Data Retention Policy?

If you log into your system and click on the Compliance tab, you will see exact details of which fields are marked as PII and which are marked as Sensitive/Delete with Sensitive. In general, PII is name, address, email, phone and IP address, those get cleared at 30 days. Sensitive is personal health information, financial information, account numbers and date of birth, those get cleared at 7 days. When we clear email and phone numbers we store a hashed value in boberdoo, so that way it is still possible to search for an email address and we can find the lead(s) based on that hashed email after the 30 days.

For info about data retention, please see our Secure Data Retention page.

What Is Lead Search And Delete?

The Lead Search/Delete functionality allows you to search for a specific lead and delete (clean) sensitive information associated with the lead across the system.  After a lead is cleaned, sensitive information is replaced with encrypted values and can no longer be viewed unless you are in secure mode.

  • Select Lead Search/Delete from the Compliance menu.
  • Search by Email or Primary Phone number.
  • Select the leads that you want to clean and click Start Clean.
  • You will be prompted for your password in order to access Secure Mode.
  • After the lead is cleaned, the lead will still be available, however, sensitive information and PII will no longer be available to view in the lead system.

Compliance 2

What If I Already Have An AWS Account?

All questions and information regarding Lead Search or Amazon AWS S3 have been moved to our Amazon AWS S3 Page.

How Do I Block An Email/Phone Number From The Lead System?

The Block List feature allows you to block a particular lead from entering your system.  A block can be placed on an email address or phone number.

  • Select Block List from the Compliance menu.
  • Click +Add New Email (Phone) and enter one or more values. Multiple entries must be separated by commas or a new line.
  • Click Add.
  • To find out if a particular lead is on your block list, enter the email address or phone number in the search field and click Search.
  • If the lead is on your block list, you will see when it was added and the user who added it.

Compliance 4

What Is The Difference Between Lead Logs And Secure Mode Logs?

Secure Mode Logs keep track of all privileged user activity in Secure Mode. Recorded log values include the date of the activity, lead type, lead ID if applicable, IP address, user name and the action taken in the system.

  • To view the logs, selected Secure Mode Logs from the Compliance menu.
  • To search the logs for activity by a specific user, enter a user name or partial user name in the search field. (e.g. manager)

Compliance 5

Additional Security Questions

What is 2FA?

To ensure that logins are secure, boberdoo now has Two Factor Authentication (2FA). It is now available in all lead systems and able to be set based on the user type. 2FA will soon be required in lead systems so get a jump on that now! 2FA is now widely used as a secure way to log into your account rather than with only a password. You can verify yourself in three different ways. The verification methods are email, SMS messaging or using an authenticator app such as Google Authenticator or Microsoft Authenticator.  Set up your 2FA under Settings tab > 2FA Settings.

How do you create an API key and what does it do?

In the boberdoo system API keys are decoupled from users. This allows APIs to be used for the use case instead of being tied to a user.

Lead Field Security

Different lead fields hold different bits of information, some more sensitive than others. In order to keep lead fields secure, we have a maximum day limit for PII and sensitive fields, see above. Sensitive field encryption is also used to keep sensitive information secure the second they get into a lead system. Secure mode is also used as an extra layer of security to view these sensitive fields. To activate secure mode, click the user drop down on the top right of your lead system, it is there along with settings and themes. 

What if my partner wants their leads exported?

They can export leads directly from the My Leads tab. Sensitive fields are cleaned at 7 days and PII fields are cleaned at 30 days in accordance with best practices for consumer data. We strongly advise either you or your partners set up a timed report to automatically export lead data. Your partners can set up Lead Details Report By Transaction Date in their lead system. Please contact support with any questions.

Partner Timed Report

Partner Timed Report 2