Adobe Campaign offers a set of tools to help you comply with Privacy regulations (including GDPR, CCPA, PDPA, LGPD).
Here are the five main capabilities offered by Adobe Campaign to ensure GDPR and other privacy regulations readiness:
Right to Access
Right to Delete
For more on this, see Right to Access and Right to be Forgotten.
For more on this, see Consent, Retention and Roles.
Adobe Campaign’s capabilities help you comply with the following regulations:
All of these regulations apply to Adobe Campaign customers who hold data for Data Subjects residing in the respective regions or countries mentioned above (EU, California, Thailand, Brazil).
For more on personal data and on the different entities that manage data (Data Controller, Data Processor and Data Subject), see Personal data and Personas.
In order to help you facilitate your Privacy readiness, Adobe Campaign allows you to handle Access and Delete requests.
The Right to Access is the right for the Data Subject to obtain from the Data Controller confirmation as to whether or not personal data concerning them is being processed, where and for what purpose. The Data Controller shall provide a copy of the personal data, free of charge, in an electronic format.
Also known as Data Erasure, the Right to be Forgotten (delete request) entitles the Data Subject to have the Data Controller erase his/her personal data, cease further dissemination of the data, and potentially have third parties halt processing of the data.
To learn how you can create Access and Delete requests and how Adobe Campaign processes them, refer to the implementation steps.
In addition to the most recent Right to Access and Right to be Forgotten capabilities, Adobe Campaign offers other important features that are essential to Privacy:
Consent signifies agreement by the Data Subject to the processing of personal data relating to a Data Subject. Obtaining any necessary consent for that processing is the responsibility of the Data Controller. While Adobe Campaign may provide some features to help a customer manage consent related to the service, Adobe is not responsible for consent. Customers should work with their own legal departments to determine their own processes and practices for any necessary consent.
The features to help manage some aspects of consent have been core to Adobe Campaign since the beginning. Through the subscription management process, customers can track which recipients have opted-in to which type of subscriptions whether it be newsletters, daily or weekly promotions, or any other type of marketing program.
For more on Consent management, refer to the detailed documentation.
In addition to the Consent Management tools provided by Adobe Campaign, you have the possibility to track whether a consumer has opted-out for the sale of Personal Information. Refer to this section.
Regarding retention, built-in log tables in Campaign have pre-set retention periods on them, generally limiting their data storage to six months or less.
The following are the default retention values for built-in tables. Be aware that the retention configuration is set by Adobe technical administrators during implementation and values may vary for each implementation, based on customer requirements.
And similar to delete, using standard workflow functionality, it is possible to set up retention periods for any custom table.
Reach out to the Adobe consultants or technical administrators to learn more about retention or if you need to set retention for custom tables.
Adobe Campaign provides you the ability to manage the rights assigned to the various Campaign operators via different pre-built or custom roles.
One benefit is this allows you to manage who within your company can access different types of data. For example, you might have different marketers covering different geos and each marketer can only access data from their geo.
Similarly, this functionality also allows you to configure different capabilities for each user, such as limiting who can send deliveries, or more relevant for Privacy management, who can modify or export data.
For more on access management, refer to the detailed documentation.