Sitecore has always adhered to Privacy by Design. This philosophy is particularly valuable in the emerging era of GDPR regulation.
If you use the Sitecore Experience Manager for analytics, you can use some available tools to manage Personally Identifiable Information (PII) for your site visitor contacts. One best practice is to capture and store your end customer’s affirmative action in the Experience Database. The customer’s consenting action can be stored as a facet on the customer’s contact record. You can then use the search feature of the XM to pull up the contact by name or organization to manage compliance.
Sitecore privacy by design is based on securing data in you xDB by encryption, and the largest amount of the PII is stored in your xDB, where data may be stored from the Web Forms module, social connectors, commerce and from other systems (for example, CRM). PII is also located in indexers like Lucene, Azure Search or SOLR. You should inform users why personal data is stored in these places.
Sitecore 9 brings an elegant solution for cases of applying the right to be forgotten. A new ExecuteRightToBeForgotten() method performs anonymization of the contact. It deletes all identifiers of the contact and attributes or values, which are identified as PII data. Data that cannot identify a specific person within the scope of anonymized contact in the xDB, will remain. At the same time, the ExecutedRightToBeForgotten attribute will be set to true.