Data Subject Requests
Processing data subject requests in your DCN
From the perspective of your DCN, a data subject request (DSR) is a data access or erasure request that your business must process on behalf of requesting individuals (data subjects) to comply with data privacy regulations such as the GDPR or CPRA. The Optable DSR functionality in your DCN enables you to block ongoing data collection related to a person or household identifier and erase that information from your DCN's internal storage systems. You can also unsuppress data collection for a previously blocked identifier.
Your Optable DCN provides you with UI and an API to create and list data subject requests.
There are three types of DSRs: access, erasure, and unsuppress.
You can issue DSRs from the Privacy > Data Subject Requests section of your DCN's UI, and using the Optable CLI. All DSRs are logged, and you can view the list of previously processed requests using both the UI and CLI.
For example, when your business receives a GDPR Right to Erasure request from an individual, you can configure a data subject erasure request to process that request in your Optable DCN. The erasure request will block ongoing data collection linked to that individual's identifiers and schedule the deletion of such existing linked data from all of the DCN's internal storage systems.
To see a list of previously processed DSRs in your DCN using the Optable CLI, you can issue the
Warning: The scope of requests processed via the DCN is limited to data stored and managed by the DCN. More generally, Optable's customers are responsible for ensuring that they adhere to regulatory requirements beyond what they accumulate in their DCN.
An access request returns a JSON representation of the data associated with a specified identifier if any such data exists in your DCN when the request is issued. You can copy the returned data should you need to send it to the requesting data subject because once you complete the request, the record will no longer be accessible unless you issue another DSR.
You can submit an access request using the Optable CLI by issuing the
privacy accesssub-command and specifying a valid type-prefixed identifier as follows:
$ optable-cli privacy access "e:a0ec47ca66cf92fb20ff6f556cfa0d8b63240566084029ac745b43180fd21303"
An erasure request performs two operations: deletion and suppression.
The deletion operation deletes the records of the specified identifier from all of your DCN's internal storage systems. Deletion is an irreversible operation.
The suppression operation blocks the specified identifier from storing and processing by your DCN. It may still be sent from your websites and applications sources via SDK or from other sources via API or CLI. The suppression operation is reversible by submitting an unsuppress request on the same identifier.
Immediately after the erasure request is submitted, the specified identifier and its associated data, such as any traits directly related to the ID and links to any neighboring IDs, are scheduled for deletion from your DCN's internal storage systems. The deleted identifier is also added to the suppression list. Since there may be a delay until the newly suppressed identifier is completely blocked, your DCN will re-perform deletions nightly on all suppressed identifiers. Within 48 hours following the successfully processed erasure request, the identifier and its associated data will no longer appear in records exported to destinations.
You can submit an erasure request using the Optable CLI by issuing the
privacy erasuresub-command and specifying a valid type-prefixed identifier as follows:
$ optable-cli privacy erasure "e:a0ec47ca66cf92fb20ff6f556cfa0d8b63240566084029ac745b43180fd21303"NOTE: Issuing an erasure request will automatically suppress ongoing collection and delete that subject's data from your DCN's internal databases and archives. The data will not be deleted from any destinations you may have exported it previously since your DCN may not have read access to them.
Warning: Issuing an erasure request will automatically suppress ongoing collection and delete that subject's data from your DCN's internal databases and archives. The data will not be deleted from any destinations you may have exported it previously since your DCN may not have read access to them.
An unsuppress request will remove a previously erased identifier from the suppression list, unblocking it from being stored should it be sent to your DCN.
You can submit an unsuppress request using the Optable CLI by issuing the
privacy unsuppresssub-command and specifying a valid type-prefixed identifier as follows:
$ optable-cli privacy unsuppress "e:a0ec47ca66cf92fb20ff6f556cfa0d8b63240566084029ac745b43180fd21303"