Privacy request processing in Identity Service

Adobe Experience Platform Privacy Service processes customer requests to access, opt out of sale, or delete their personal data as delineated by privacy regulations such as the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA).

This document covers essential concepts related to processing privacy requests for Identity Service within Adobe Experience Platform.


This guide only covers how to make privacy requests for the Identity data store in Experience Platform. If you also plan to make privacy requests for the Platform Data Lake or Real-time Customer Profile, refer to the guide on privacy request processing in the Data Lake and to the guide on privacy request processing for Profile in addition to this tutorial.

For steps on how to make privacy requests for other Adobe Experience Cloud applications, refer to the Privacy Service documentation.

Getting started

It is recommended that you have a working understanding of the following Experience Platform services before reading this guide:

  • Privacy Service: Manages customer requests for accessing, opting out of sale, or deleting their personal data across Adobe Experience Cloud applications.
  • Identity Service: Solves the fundamental challenge posed by the fragmentation of customer experience data by bridging identities across devices and systems.
  • Real-time Customer Profile: Provides a unified, real-time consumer profile based on aggregated data from multiple sources.

Understanding identity namespaces

Adobe Experience Platform Identity Service bridges customer identity data across systems and devices. Identity Service uses identity namespaces to provide context to identity values by relating them to their system of origin. A namespace can represent a generic concept such as an email address (“Email”) or associate the identity with a specific application, such as an Adobe Advertising Cloud ID (“AdCloud”) or Adobe Target ID (“TNTID”).

Identity Service maintains a store of globally defined (standard) and user-defined (custom) identity namespaces. Standard namespaces are available for all organizations (for example, “Email” and “ECID”), while your organization can also create custom namespaces to suit its particular needs.

For more information about identity namespaces in Experience Platform, see the identity namespace overview.

Submitting requests

The sections below outline how to make privacy requests for Identity Service using the Privacy Service API or UI. Before reading these sections, it is strongly recommended that you review the Privacy Service API or Privacy Service UI documentation for complete steps on how to submit a privacy job, including how to properly format user data in request payloads.

Using the API

When creating job requests in the API, any IDs provided within userIDs must use a specific namespace and type. A valid identity namespace recognized by Identity Service must be provided for the namespace value, while the type must be either standard or unregistered (for standard and custom namespaces, respectively).

In addition, the include array of the request payload must include the product values for the different data stores the request is being made to. When making requests to Identity, the array must include the value Identity.

The following request creates a new privacy job under the GDPR for a single customer’s data in the Identity store. Two identity values are provided for the customer in the userIDs array; one using the standard Email identity namespace, and the other using an ECID namespace, It also includes the product value for Identity (Identity) in the include array:

curl -X POST \ \
  -H 'Authorization: Bearer <key>' \
  -H 'Content-Type: application/json' \
  -H 'x-api-key: acp_privacy_ui_gdpr' \
  -H 'x-gw-ims-org-id: sample@AdobeOrg' \
  -d '{
    "companyContexts": [
        "namespace": "imsOrgID",
        "value": "sample@AdobeOrg"
    "users": [
        "key": "bob",
        "action": ["delete"],
        "userIDs": [
            "namespace": "email",
            "value": "",
            "type": "standard"
            "namespace": "ECID",
            "type": "standard",
            "value":  "123451234512345123451234512345",
            "isDeletedClientSide": false
    "include": ["Identity"],
    "regulation": "gdpr"

Using the UI

When creating job requests in the UI, be sure to select Identity under Products in order to process jobs for data stored in Identity Service.


Delete request processing

When Experience Platform receives a delete request from Privacy Service, Platform sends confirmation to Privacy Service that the request has been received and affected data has been marked for deletion. The deletion of the individual identity is based on provided namespace and/or ID value. Furthermore, the deletion takes place for all sandboxes associated with a given IMS Organization.

Next steps

By reading this document, you have been introduced to the important concepts involved with processing privacy requests in Identity Service. For information on processing privacy requests for other Experience Cloud applications, see the document on Privacy Service and Experience Cloud applications.

On this page