This document provides an overview of managing individual data privacy and opt-out requests that you can send to Audience Manager through the Privacy Service UI and the Privacy Service API.
These tools allow you to send consumer data privacy requests made under GDPR and CCPA.
Before reading this article, we recommend going through the GDPR Glossary and CCPA Glossary, to better understand the terminology used here.
You can submit individual requests to access and delete consumer data from Audience Manager, in two ways:
When sending individual data privacy requests, you can submit any Audience Manager identifiers (IDs), as described in the Audience Manager Identifiers section, along with their respective namespace IDs (data source IDs).
The Privacy Service supports two types of requests: data access and data deletion requests.
You can send individual data access requests through the Privacy Service UI (documentation here or by calling the Privacy Service API (documentation here and API reference here.
The Privacy Service UI allows you to create new job requests either by using the Request Builder or by uploading a JSON file.
To see what a valid JSON file looks like, you can download a sample JSON.
We understand your commitment to honoring your data privacy requests within the time period set by the legislation.
You can send data deletion requests through the Privacy Service UI (documentation here or by calling the Privacy Service API (documentation here and API reference here.
The Privacy Service UI allows you to create new job requests either by using the Request Builder or by uploading a JSON file.
To see what a valid JSON file looks like, you can download a sample JSON.
Adobe understands your commitment to honoring your data privacy customer requests within 30 days. For that reason, Adobe is committed to processing your data deletion request as soon as possible.
In response to your consumer data deletion requests, Audience Manager deletes traits and segments associated with the Audience Manager identifier included in the request. Additionally, the respective Audience Manager identifiers for the individual opted out of further data collection by Audience Manager and the respective ID mappings will be removed.
When you send declared IDs, such as cross device CRM IDs or cookie IDs, in data privacy requests, Audience Manager will perform the necessary deletion on all the linked devices (up to 100 devices per declared ID).
Audience Manager will attempt to notify activation partners about deletion requests by sending them unsegment information for Data Subjects requesting deletion of certain data. However, some activation partners:
In those cases, you are not able to send delete requests to activation partners in an automated way through Audience Manager.
Refer to our device-based destinations list documentation to see which Audience Manager activation partners support unsegment.
Audience Manager supports industry-wide standards with regard to opt-out management. Read on for complete information on the types of opt-out supported by Audience Manager.
While data access and deletion requests are handled through the Privacy Service, opt-out requests are currently supported through the DCS API. Read on to learn what the opt-out API calls should look like.
The global opt-out represents an opt-out across Audience Manager and other Adobe Experience Cloud solutions for all brands. The table below lists the methods used for global opt-out:
Opt-Out For | Description |
---|---|
Adobe Experience Cloud |
The Your Privacy Choices page provides 1-click features that let your end users control and opt-out of data collection by the Adobe Experience Cloud advertising solutions (including Audience Manager). Specifically, see the business customer section of the Privacy Choices page. |
Direct API calls to Audience Manager |
Your users can opt-out from data collection by all Audience Manager brands by making a call to the DCS API below and include the Audience Manager User ID : As a result, we will set |
Mobile devices |
See the opt-out and privacy settings for:
|
Your end users can also opt out of global data collection by visiting the websites of our industry standards partners.
Following the opt-out requests described above:
The partner-level opt-out allows you to opt-out your users from data collection by specific Audience Manager partners. You can send partner-level opt-out requests for cross-device IDs, including CRM IDs and hashed email addresses.
Following a partner-level opt-out with a declared ID call:
When Audience Manager receives a partner-level opt-out request, the JSON returned by the DCS contains the error code 171, with the message “Encountered opt out tag”, instead of the Audience Manager user ID.
You can make a declared ID opt-out request with the d_cid
and d_cid_ic
key-value pairs. The legacy parameters like d_dpid
and d_dpuuid
still work, but are considered deprecated. See CID Replaces DPID and DPUUID. In the examples, italics indicates a variable placeholder.
For a description and syntax, see URL Variables and Syntax for Declared IDs.
Opt-Out Using | Code Sample |
---|---|
A data provider ID and user ID. | https://yourcompany.demdex.net/demoptout.jpg?d_cid=123%01987... |
An integration code and user ID. | https://yourcompany.demdex.net/demoptout?d_cid_ic=456%01321... |
Multiple d_cid and d_cid_ic key-value pairs. |
https://yourcompany.demdex.net/demoptout?d_cid=123%01987&d_cid_ic=456%01321... |
The partner-level opt-out allows you to opt-out your users from data collection by specific Audience Manager partners. You can opt-out from data collection on a given device ID for a brand by making the following calls to the DCS API:
Opt-Out Using | Code Sample |
---|---|
An Audience Manager Unique User ID (uuid ). |
https://yourcompany.demdex.net/demoptout.jpg?d_uuid=123 |
An Experience Cloud ID (mid ) |
https://yourcompany.demdex.net/demoptout.jpg?d_mid=123&d_orgid=IMSoRGid |
Read more about uuid
, mid
and imsOrgId
in the Index of IDs in Audience Manager.
Following a partner-level opt-out with a device ID call:
In order to help you automate your consumer data privacy requests, Audience Manager will attempt to notify activation partners about deletion requests from Data Subjects by sending them unsegment (or remove segment) information.
However, some of our activation partners:
In those cases, you are not able to send delete requests to activation partners in an automated way through Audience Manager.
Consult the list of device-based destinations to see which Audience Manager activation partners support unsegment.
Given that Audience Manager is not the source of the data, there is a limited role for data correction in Audience Manager. The correction could mean that the consumer has requested to either be disqualified from an incorrect trait/segment or qualified to the desired trait/segment.
Audience Manager customers can choose to capture the relevant signals/traits/segments against user profiles and send this information through offline data ingestion to Audience Manager. Please note that the user will continue to get qualified to the original trait and segments if they repeat their behavior.