Data Subject Requests

Processing data subject requests in your DCN

From the perspective of your DCN, a data subject request (DSR) is a data access or suppression request that your business must process on behalf of requesting individuals (data subjects) to comply with data privacy regulations such as the GDPR or CPRA. The Optable DSR functionality in your DCN enables you to block ongoing data collection related to a person or household identifier and erase that information from your DCN's internal storage systems.

Suppression Requests

There are two types of suppression requests: suppress and unsuppress. These suppression requests can be easily configured using one or more supported suppression sources and by following our suppression source format.

Suppress Request

A suppress request performs two operations: deletion and suppression.

The deletion operation deletes the records of the specified identifier from all of your DCN's internal storage systems. Deletion is an irreversible operation.

The suppression operation blocks the specified identifier from storing and processing by your DCN. It may still be sent from your websites and applications sources via SDK or from other sources via API or CLI. The suppression operation is reversible by submitting an unsuppress request on the same identifier.

Immediately after the suppress request is submitted, the specified identifier and its associated data, such as any traits directly related to the ID and links to any neighboring IDs, are scheduled for deletion from your DCN's internal storage systems. The deleted identifier is also added to the suppression list. Since there may be a delay until the newly suppressed identifier is completely blocked, your DCN will re-perform deletions nightly on all suppressed identifiers. Within 48 hours following the successfully processed suppress request, the identifier and its associated data will no longer appear in records exported to destinations.

Unsuppress Request

An unsuppress request will remove a previously suppressed and erased identifier from the suppression list, unblocking it from being stored should it be sent to your DCN.

Suppression Sources

One or more suppression sources can be configured to ingest suppress and unsuppress requests. The supported sources are:

All sources (except File Upload) support to configure an ingestion frequency (Hourly, Daily or Weekly) to automate the ingestion of suppress or unsuppress requests through those sources.

Additionally, each time a source is ingested, any new suppress or unsuppress requests are processed incrementally. For any given identifier, the system ensures that the request with the most recent timestamp—whether suppressed or unsuppressed—takes precedence over any earlier requests for the same identifier.

Suppression Source Format

Prior to uploading a file or configuring a table/view, your must format your data using the specified schema below. All suppression sources types require that you follow this schema.

Header/Column
Format (Value)

id

Any supported identifier types, pre-fixed and encoded in accordance with our documentation

event_type

Suppression event type: suppressed or unsuppressed

timestamp

Unix timestamp

Example:

id
event_type
timestamp

e:31c5543c1734d25c7206f5fd591525d0295bec6fe84ff82f946a34fe970a1e66

suppressed

1704828445

e:274e44d98f150bdaff591268419d09f488c22a617e34e15434e5ac1f8db3b216

suppressed

1704828445

e:6cfb3c87ab6570473e2931f440cf33b1b0335355911be42c876bf187cb8b75d8

unsuppressed

1704828445

...

...

...

Access Requests

An access request returns a JSON representation of the data associated with a specified identifier if any such data exists in your DCN when the request is issued.

You can copy the returned data should you need to send it to the requesting data subject, because once you close the request, the generated response will no longer be accessible unless you issue another access DSR.

Submitting an Access Request

You can submit an access request using the DCN's UI by navigating to Admin > Data Subject Requests > Access or by using the Optable CLI by issuing the privacy access sub-command and specifying a valid type-prefixed identifier as follows:

$ optable-cli privacy access "e:a0ec47ca66cf92fb20ff6f556cfa0d8b63240566084029ac745b43180fd21303"

Last updated

Was this helpful?