The compliance tab is a more recent addition to the boberdoo system and provide everything you need to keep your data secure in one easy to use place. Going through the different subtabs, you have:
If you log into your system and click on the Compliance tab, you will see exact details of which fields are marked as PII and which are marked as Sensitive/Delete with Sensitive. In general, PII is name, address, email, phone and IP address, those get cleared at 30 days. Sensitive is personal health information, financial information, account numbers and date of birth, those get cleared at 7 days. When we clear email and phone numbers we store a hashed value in boberdoo, so that way it is still possible to search for an email address and we can find the lead(s) based on that hashed email after the 30 days.
For info about data retention, please see our Secure Data Retention page.
The Lead Search/Delete functionality allows you to search for a specific lead and delete (clean) sensitive information associated with the lead across the system. After a lead is cleaned, sensitive information is replaced with encrypted values and can no longer be viewed unless you are in secure mode.
All questions and information regarding Lead Search or Amazon AWS S3 have been moved to our Amazon AWS S3 Page.
The Block List feature allows you to block a particular lead from entering your system. A block can be placed on an email address or phone number.
Secure Mode Logs keep track of all privileged user activity in Secure Mode. Recorded log values include the date of the activity, lead type, lead ID if applicable, IP address, user name and the action taken in the system.
What is 2FA?
To ensure that logins are secure, boberdoo now has Two Factor Authentication (2FA). It is now available in all lead systems and able to be set based on the user type. 2FA will soon be required in lead systems so get a jump on that now! 2FA is now widely used as a secure way to log into your account rather than with only a password. You can verify yourself in three different ways. The verification methods are email, SMS messaging or using an authenticator app such as Google Authenticator or Microsoft Authenticator. Set up your 2FA under Settings tab > 2FA Settings.
How do you create an API key and what does it do?
In the boberdoo system API keys are decoupled from users. This allows APIs to be used for the use case instead of being tied to a user.
Lead Field Security
Different lead fields hold different bits of information, some more sensitive than others. In order to keep lead fields secure, we have a maximum day limit for PII and sensitive fields, see above. Sensitive field encryption is also used to keep sensitive information secure the second they get into a lead system. Secure mode is also used as an extra layer of security to view these sensitive fields. To activate secure mode, click the user drop down on the top right of your lead system, it is there along with settings and themes.
What if my partner wants their leads exported?
They can export leads directly from the My Leads tab. Sensitive fields are cleaned at 7 days and PII fields are cleaned at 30 days in accordance with best practices for consumer data. We strongly advise either you or your partners set up a timed report to automatically export lead data. Your partners can set up Lead Details Report By Transaction Date in their lead system. Please contact support with any questions.