Note:
The Leafworks GDPR app is no longer being actively developed! However, we are happy to continue advising you on data protection-compliant Zendesk setups and the handling of personal data in customer service.
Zendesk is used by many companies that are subject to the requirements of the General Data Protection Regulation (GDPR). Personal data is processed in daily operations – for example, in ticket content, comments, attachments or user-defined fields. This data is generated continuously and often remains in the system for years.
Handling this information is not only a legal issue, but also an organisational and technical challenge: on the one hand, data protection requirements must be met, and on the other hand, ticket data is an important basis for quality assurance, control and reporting in customer service.
Data protection in the conflict between operation and evaluation
- Service KPIs and performance analyses
- Trend and quality evaluations
- Internal reviews and optimisations
What options Zendesk offers natively today
- Deletion functions for tickets and users, including time-controlled deletion based on defined retention periods
- Redaction functions that allow content in tickets to be redacted manually or semi-automatically
- Advanced options as part of additional data protection add-ons
Where the challenges lie in practice
- Which data must be removed, anonymised or retained, and when?
- Which ticket components are still relevant for reporting, even if personal content has been removed?
- How can data protection requirements be systematically integrated into existing workflows?
- How can we ensure that measures are implemented consistently and transparently?
What the Leafworks GDPR app was intended for
The Leafworks GDPR app was developed against this backdrop. Its aim was to anonymise personal ticket data without deleting tickets completely, thereby enabling meaningful reporting to continue.
Its functions at the time included:
- Anonymisation of personal content in tickets
- Selection of affected tickets based on defined criteria
- Obtaining relevant key figures for analysis
- Targeted control via fields and rules
The app is no longer available and is no longer being developed. Data protection in Zendesk is still relevant, but can no longer be effectively addressed by a single app.
Approaching data protection in Zendesk sensibly today
- clear rules for data storage and deletion
- transparent processes for information and deletion requests
- clear distinction between personal data and evaluable service information
- regular review of the Zendesk configuration
Questions about GDPR and data protection in Zendesk?
If you need assistance evaluating your Zendesk setup or have questions about handling ticket data in compliance with data protection regulations, we are happy to help.
Would you like expert support with data protection issues?
