How privacy access and delete requests are processed in Adobe Experience Platform
Privacy regulations such as GDPR, CCPA, and LGPD require organizations to process access and delete requests for personal data. Adobe Experience Platform automates these operations through its Privacy Service, eliminating manual intervention and safeguarding customer data from unrestricted access. To do this, submit your request through the platform workflow and verify completion using reporting tools.
Description description
Environment
Adobe Experience Platform (AEP)
Issue/Symptoms
- Questions about whether privacy access and delete requests are processed manually or automatically.
- Concerns about Adobe engineers having direct access to customer data during these operations.
Resolution resolution
- Submit a privacy access or delete request (e.g., GDPR, CCPA, LGPD) through the designated workflow in Adobe Experience Platform.
- The backend system automatically processes the request without manual intervention from Adobe engineers.
- Customer data is not manually updated by Adobe engineers during this process.
- Adobe engineers do not have direct, unrestricted access to customer data when handling GDPR-related requests.
- Verify that the requested action completes successfully using the platform’s reporting or notification
- Verify that the requested action completes successfully using the platform’s reporting or notification tools.
Notes
-
The data controller(you, the customer) determines:
- Which identities belong to the data subject.
- Which Adobe products and data sets should be in scope.
-
Adobe acts as a data processor, automatically executing your instructions across the relevant services.
-
Once a request is created, Privacy Service orchestrates the request to each subscribed Adobe solution automatically. Adobe engineers don’t manually pull data or make ad-hoc edits to records.
-
For more information, see the Privacy Service overview.