Supported Data Request Types for Adobe Advertising

Adobe Experience Platform provides the ability for businesses to complete the following tasks:

  • Access a data subject’s cookie-level data or device ID-level data (for ads in mobile apps) within Search, Social, & Commerce, Creative, DSP, or DCO.
  • Delete cookie-level data stored within Search, Social, & Commerce, Creative, DSP, or DCO for data subjects using a browser; or delete ID-level data stored within DSP for data subjects using apps on mobile devices.
  • Check the status of one or all existing requests.

Required Setup to Send Requests for Adobe Advertising

To make requests to access and delete data for Adobe Advertising, you must:

  1. Deploy a JavaScript library to retrieve and remove your data subject cookies. The same library, AdobePrivacy.js, is used for all Adobe Experience Cloud solutions.

    IMPORTANT
    Requests to some Experience Cloud solutions don’t require the JavaScript library, but requests to Adobe Advertising require it.

    You should deploy the library on the webpage from which your data subjects can submit access and delete requests, such as your company’s privacy portal. The library helps you retrieve Adobe cookies (namespace ID: gsurferID) so that you can submit these identities as part of access and delete requests via the Adobe Experience Platform Privacy Service API.

    When the data subject asks to delete personal data, the library also deletes the data subject’s cookie from the data subject’s browser.

    NOTE
    Deleting personal data is different than Opt-Out, which stops the targeting of an end user with audience segments. However, when a data subject asks to delete personal data from Creative, DSP, or DCO, the library also sends a request to Adobe Advertising to opt out the data subject from segment targeting. For advertisers with Search, Social, & Commerce, we recommend that you provide the data subjects a link to https://www.adobe.com/privacy/opt-out.html, which explains how to opt out of audience segment targeting.
  2. Identify your Experience Cloud organization ID and make sure it’s linked to your Adobe Advertising accounts.

    An Experience Cloud organization ID is a 24-character alphanumeric string appended with “@AdobeOrg.” Most Experience Cloud customers have been assigned an organization ID. If your marketing team or internal Adobe system administrator doesn’t know your organization ID, or isn’t sure if it’s been provisioned, then contact Adobe Customer Care at gdprsupport@adobe.com. You’ll need the organization ID to submit requests to the Privacy API using the imsOrgID namespace.

    IMPORTANT
    Contact your company’s Adobe Advertising representative to confirm that all of your organization’s Adobe Advertising accounts — including DSP accounts or advertisers, Search, Social, & Commerce accounts, and Creative or DCO accounts — are linked to your Experience Cloud organization ID.
  3. Use either the Adobe Experience Platform Privacy Service API (for automated requests) or the Privacy Service UI (for ad-hoc requests) to submit access and delete requests to Adobe Advertising on behalf of the data subjects, and to check the status of existing requests.

    For advertisers who have a mobile app to interact with data subjects and launch campaigns with DSP, you must download the Privacy-ready Mobile SDKs for Experience Cloud. The Mobile SDKs allow data controllers to set opt-out status flags, retrieve the data subject’s device ID (namespace ID: deviceID), and submit requests to the Privacy Service API. Your mobile app will require an SDK Version 4.15.0 or greater.

    When you submit a data subject’s access request, the Privacy Service API returns a data subject’s information based on the specified cookie or device ID, which you then must return to the data subject.

    When you submit a data subject’s delete request, the cookie ID or device ID and all cost, click, and revenue data associated with the cookie are deleted from the server.

    NOTE
    If your company has multiple Experience Cloud organization IDs, then you must send separate API requests for each. You can, however make one API request to multiple Adobe Advertising sub-solutions (Search, Social, & Commerce, Creative, DSP, and DCO), with one account per sub-solution.

All of these steps are necessary for Adobe Advertising. For more information about these and other related tasks you need to perform using the Adobe Experience Platform Privacy Service, and where to find the necessary items, see “Privacy Service overview.”