How Zyxel streamlined global GDPR deletion requests with GDPR Compliance

With over 20 years in the networking and security industry, Zyxel has relied on Zendesk for nearly a decade to support its global customer base. When GDPR regulations required stricter data handling, they turned to the GDPR Compliance app to manage user and ticket deletions. Today, the app is fully integrated into their automated workflows, helping them handle up to 20 requests a day, stay compliant across regions, and maintain a tidy Zendesk environment.

Could you please introduce yourself and your company, as well as your role at the company?

I’m Tobias. We work in the networking industry, specifically in security products and Wi-Fi. And the company has existed for over 20 years, it’s called Zyxel. My role is mainly a Zendesk admin, but I previously worked as a 10-year Zendesk agent. So I know both sides of the story, and yeah, that’s my daily job right now.

What was the biggest challenge you were facing before using our GDPR Compliance app for Zendesk?

The biggest challenge was first to even find something that could do GDPR deletion jobs and get a picture of what should be anonymized or deleted within the system. So we had Zendesk for seven or eight years, and we never did any cleanup.

And when it comes to reviewing our data at some point and to the sanctions for Russian business, then we were more focused on the data and what kind of things we need to delete or anonymize.

How did you come across GDPR Compliance in Zendesk?

We went through the Zendesk app marketplace, which we usually do first when looking for an app, and just entered the keyword ‘GDPR’. We found a few apps. Usually, I check the ratings of apps before installing because there are a lot of scam things on the marketplace, to be honest. And when a GUI looks somehow fancy and good, I will migrate it.

And if I have a feeling that nothing is matching, then we usually try to develop our own apps. Meanwhile, the app builder is released by Zendesk, which can do some easy jobs at least. However, the GDPR is a complex topic. You need a database, you need whatever to achieve this. So we decided on this app.

Was there anything else that made you choose our application over others?

I think we installed two apps or maybe three apps. I forgot it’s been a long time, two or three years already. And we saw which was easy to set up and which worked as a kind of out-of-the-box experience for this job at the beginning.

We’re also always looking for instance price apps. So, not per agent, because we have a lot of licenses where people are not working with Zendesk, just using it for monitoring, or from different web stores, and the team has never touched GDPR-related things. So, we usually check this as a criterion, for instance, the app price for us.

How was your onboarding experience? Maybe there were some challenges?

The manual experience was fine. When we had a GDPR process to follow, we knew we could enter an email address or search for a user in the list and anonymize the user using the default criteria. So the beginning and the start were no problem.

But we are acting in a worldwide company, and I’m responsible for the EMEA region and partially the US region. This means that we receive 10 to 20 GDPR requests per day from time to time. So, the manual searching was out at some point.

And then it comes into the list of fuses or generated automations. And here, we had previously experienced some hiccups that we were not quite sure how to automate the process so that the right deletion user would be part of a list.

And sometimes automation would get stuck, and I wouldn’t receive a reminder that it was stuck. I think that was some bug we raised before, which has meanwhile been fixed. However, the app and its design are working.

The main challenge was for us to process how we combine our data to ensure GDPR compliance for Zendesk. Meanwhile, we receive incoming ticket requests with a static ticket Title, which is the email address. We then grab these tickets with specific text and add them to a list of GDPR Compliance. Then, based on this automation and trigger, we put it into the GDPR Compliance app and delete it once a day. So that’s a good working workflow for us.

How would you describe your experience with the application?

From a configuration point of view, we did most things on our own. So, I was only in touch with support if something was not loading or not working, or if we saw unexpected error messages in the app. I think I was in touch with support five, six, or seven times.

Meanwhile, we are on track, with well-established processes for GDPR request deletion and organization deletion.

Would you recommend our GDPR Compliance app to others?

Yes, absolutely. I’ve already done it before. We are co-working on custom app development with a lot of different Zendesk customers, and whenever the question arises regarding GDPR, that’s the app I recommend. Because it’s working, it’s good, and it’s stable.

It’s also not too expensive, which is a way forward. Typically, if an app has a good price, we keep it. If an app becomes too expensive over time, we develop a custom app.