For both the automated and manual data export options, boberdoo connects with your Amazon Web Services account to securely transfer lead data into an S3 bucket of your choosing.
boberdoo’s automated data export feature allows you to identify an hourly or daily export interval for all new leads that enter the system.
For each lead type, you can select one of two export options.
To manually export leads from the system, use Compliance>Lead S3 Merge.
The data retention options listed above can be used on their own as basic database backups, but they are best used in conjunction with boberdoo’s other security features.
Secure Data Retention + Lead Field Security
When used together with boberdoo’s Lead Field Security option, all data is decrypted in the export process. This allows you to view full lead details from your Amazon account and manage lead data access using Amazon’s permission settings.
Secure Data Retention + Data Deletion
boberdoo’s data export options were built to work alongside it’s Data Deletion Options. We strongly encourage you to utilize a lead security strategy that first exports your lead data before deleting it from the boberdoo system and database.
Reprocess Cleaned Lead Data
Any lead type that has both lead export and lead field cleanup configured can still reprocess leads that have fields that have already been cleaned. Once configured, you can trigger the reprocess of a cleaned lead, automatically retrieve the full lead details from your Amazon S3 bucket and update and reprocess the cleaned lead with the full lead details. After the lead is reprocessed and matched to a buyer, the lead is once again cleaned immediately.
Data Retention Policy
boberdoo enforces a 30 day minimum PII data retention policy and 7 days on sensitive fields. You can see how your fields are labeled, PII, Sensitive, or neither, in the Compliance section of your lead system. You may opt to have us store the data for less than 30 days but not longer.
Some clients may wonder why boberdoo enforces a data retention policy if their company is ultimately responsible for the data. We believe the following. Times are changing and risks are too high. This is the best thing for consumers and our clients. Our prediction is that most state level laws are heading towards the concept that lead companies should only hold data for as long as is required to provide the service you are promising the consumer. After 20 years of watching lead companies operate, this is essentially already true. Refunds, questions, and many complaints are generally handled within 30 days. When we clean email and phone we store a one way hash that allows us to still use those fields when you search for a lead and for deduping purposes.
…..but what if I really do need PII after 30 days? For example if I have been told I need to keep 5 years of data for TCPA issues then what do I do?
You can keep your PII data, just not in boberdoo. Most of our clients who are not already storing their leads outside of boberdoo are using our new Amazon AWS S3 account option. This is a data storage solution that we will set up and then transfer to you. You will be able to search for leads in this S3 account from your boberdoo system. You can also reprocess leads from S3 after the PII/Sensitive has been wiped from boberdoo. Your long term costs for the AWS account will be very low and the entire process of us setting up the account and transferring it to you are very easy.