About Privacy requests privacy-requests

For a general presentation on Privacy Management, refer to this section.

This information applies to GDPR, CCPA, PDPA, and LGPD. For more on these regulations, see this section.

The opt-out for the Sale of Personal Information, which is specific to CCPA, is explained in this section.

In order to help you facilitate your Privacy readiness, Adobe Campaign allows you to handle Access and Delete requests. The Right to Access and the Right to be Forgotten (delete request) are described in this section.

Adobe Campaign offers Data Controllers two possibilities for performing Privacy Access and Delete requests:

  • Via the Adobe Campaign interface: for each Privacy request, the Data Controller creates a new privacy request in Adobe Campaign. See this section.
  • Via the API: Adobe Campaign provides an API that allows the automatic process of Privacy requests using SOAP. See this section.
For more on personal data and on the different entities that manage data (Data Controller, Data Processor and Data Subject), see Personal data and Personas.

Prerequisites prerequesites

Adobe Campaign offers Data Controllers tools to create and process Privacy requests for data stored in Adobe Campaign. However, it is the Data Controller’s responsibility to handle the relationship with the Data Subject (email, customer care or a web portal).

It is therefore your responsibility as a Data Controller to confirm the identity of the Data Subject making the request and to confirm that the data returned to the requester is about the Data Subject.

Installing the Privacy package install-privacy-package

In order to use this feature, you need to install the Privacy Data Protection Regulation package via the Tools > Advanced > Import package > Adobe Campaign Package menu. For more information on how to install packages, refer to the detailed documentation.

Two new folders, specific to Privacy, are created under Administration > Platform:

  • Privacy Requests: this is where you will create your Privacy requests and track their evolution.
  • Namespaces: this is where you will define the field that will be used to identify the Data Subject in the Adobe Campaign database.

In Administration > Production > Technical workflows, three technical workflows run every day to process Privacy requests.

  • Collect privacy requests: this workflow generates the recipient’s data stored in Adobe Campaign and makes it available for download in the privacy request’s screen.
  • Delete privacy requests data: this workflow deletes the recipient’s data stored in Adobe Campaign.
  • Privacy request cleanup: this workflow erases the access request files that are older than 90 days.

In Administration > Access Management > Named rights, the Privacy Data Right named right has been added. This named right is required for Data Controllers in order for them to use privacy tools. This allows them to create new requests, track their evolution, use the API, etc.

Namespaces namesspaces

Before creating Privacy requests, you need to define the namespace you will use. This is the key that will be used to identify the Data Subject in the Adobe Campaign database.

Three namespaces are available out-of-the-box: email, phone and mobile phone. If you need a different namespace (a recipient custom field, for example), you can create a new one from Administration > Platform > Namespaces.

For optimal performance, it is recommended to use out-of-the-box namespaces.