Identity data labels
Identity data “I” labels are used to categorize data that can identify or contact a specific person.
Label | Definition | Other Requirements |
---|---|---|
I1 | Directly identifiable: Data that can specifically identify or enable direct contact with an individual, such as a name or an email address. |
|
I2 | Indirectly identifiable: Data that can be used in combination with any other data to identify or enable direct contact with an individual or device. Does not allow identification of an individual by itself, but can be combined with other information (that may or may not be in your possession) to identify someone. Examples include a customer loyalty number, or an ID used by a company’s CRM system that is unique for each of their customers. |
|
Sensitive data labels
Sensitive data “S” labels are used to categorize sensitive data such as geographic data. Additional Sensitive Data labels will be introduced in the future to identify other types of sensitive information.
Label | Definition |
---|---|
S1 | Precise geo-location data related to latitude and longitude that can be used to determine the exact location of a device (within 100 meters or less). |
S2 | Geo-location data that can be used to determine a broadly defined geo-fence area. |
Data Governance labels (Data Privacy)
Data Governance labels provide users the ability to classify data that reflects privacy-related considerations and contractual conditions to help Adobe’s customers remain compliant with regulations and corporate policies.
Data Privacy Access labels
Label | Definition | Other Requirements |
---|---|---|
None | Select this option if this variable does not contain data that must be included in data returned to the Data Subject as part of a Data Privacy access request. | |
ACC-ALL | Values in this field should be included in all Data Privacy access requests. If this hit came from a device shared by multiple individuals, by applying this label, you, as the data controller, are indicating that it is acceptable to share the data in this field with any individual who had access to the shared device. | Fields with this label will be returned for all Data Privacy requests. |
ACC-PERSON | Values in this field should be included only for Data Privacy access requests when you are reasonably certain that the hit was from the Data Subject, as determined by a Data Privacy request ID matching an ID-PERSON field’s value. | You must also have an ID-PERSON label set on some variable within this report suite, and submit requests using that ID, or this label will never apply. |
While few variables will receive any of the other labels, it is expected that access labels will be applied to many of your variables. However, it is up to you, in consultation with your Legal team, to decide which data you have collected should be shared with Data Subjects.
Data Privacy Delete labels
Unlike the other labels, these Delete labels are not mutually exclusive. You can select either, both or none. A separate None label is not necessary, because None is indicated simply by not checking either of the Delete options.
A Delete label is required only for fields that contain a value that would allow a hit to be associated with the Data Subject (i.e. that would allow identification of the Data Subject). Other personal information (favorites, browsing/purchase history, health conditions, etc.) does not need to be deleted since the association with the Data Subject will be severed.
Label | Definition | Other Requirements |
---|---|---|
DEL-DEVICE | For Data Privacy delete requests, values in this field should be anonymized only for requests where a specified ID-DEVICE is present in the hit. If the same value occurs on other hits that are not being deleted, then those other instances will not be changed. This will result in the counts changing for reports which compute unique counts on this field. On shared devices, this may remove identifiers for other individuals, beyond just the Data Subject. Counts do not change if this field also has an ID-DEVICE label and the value in this field was used as an ID for the Data Privacy request. |
|
DEL-PERSON | For Data Privacy delete requests, values in this field should be anonymized only for requests where a specified ID-PERSON is present in the hit. If the same value occurs on other hits that are not being deleted, then those other values will not be changed. This will result in the counts changing for reports that compute unique counts on this field. Counts will not change if this field also has an ID-PERSON label and the value in this field was used as an ID for the Data Privacy request. |
|
Data Privacy Identity labels
Label | Definition | Other Requirements |
---|---|---|
None | This variable does not contain an ID that will be used for Data Privacy requests. | You need to set one of these other labels only if this field contains an ID that you will use when submitting access or delete requests through the Privacy Service API or UI. |
ID-DEVICE | This field contains an ID that can be used to identify a device for a Data Privacy request, but cannot distinguish between different users of a shared device. You do not need to specify this label for all variables that contain IDs (that is what the I1/I2 labels are for). Use this label if you submit Data Privacy requests using IDs stored in this variable and want to search this variable for the specified ID. |
Also requires I1 or I2 label.
|
ID-PERSON | This field contains an ID that can be used to identify an authenticated user (a specific person) for a Data Privacy request. You do not need to specify this label for all variables that contain IDs (that is what the I1/I2 labels are for). Use this label if you will submit Data Privacy requests using IDs stored in this variable and want to search this variable for the specified ID. |
|