Customer Attributes Support for General Data Protection Regulation

Documentation Experience Cloud interface and administration guide

Last update: Fri Apr 26 2024 00:00:00 GMT+0000 (Coordinated Universal Time)

Topics:
Customer Attributes

CREATED FOR:

Experienced
Admin

This page describes how Customer Attributes supports General Data Protection Regulation (GDPR).

IMPORTANT

The contents of this document are not legal advice or meant to substitute for legal advice. Consult with your legal counsel for advice concerning GDPR.

The , a law in effect May 25, 2018, gives all individuals (data subjects) within the borders of the European Union (EU) control of their personal data. It also simplifies the regulatory environment for international business. This law applies to all businesses (data controllers) that offer goods or services to, monitor the behavior of, or collect personal data from individuals within the borders of the EU at the time their personal data is processed, regardless of the data controllerâ€™s business location.

ÃÛ¶¹ÊÓÆµ Experience Cloud acts as a data processor for any personal data it receives and stores on behalf of its customers. As a data controller, you determine the personal data that ÃÛ¶¹ÊÓÆµ Experience Cloud processes and stores on your behalf.

This document describes how Customer Attributes supports your data subjectsâ€™ GDPR data access and deletion rights using the ÃÛ¶¹ÊÓÆµ Experience Platform Privacy Service API and Privacy Service UI.

For more information about what GDPR means for your business, see .

Required setup to send requests for Customer Attributes

To make requests to access and delete data for Customer Attributes, you must:

Identify the following:
- Organization ID
- Alias ID of CRS Data Source you want to act on
- CRM ID of the profile you want to act on
Your organization ID is a 24-character alphanumeric string appended with @ÃÛ¶¹ÊÓÆµOrg. You need the organizationâ€™s ID to submit requests to the Privacy API. Contact ÃÛ¶¹ÊÓÆµ Customer Care at gdprsupport@adobe.com if you cannot locate the ID.
In Privacy Service, you can submit Access and Delete requests to Customer Attributes, and check the status of existing requests.

Required field values in Customer Attributes JSON requests

â€œcompany contextâ€:

â€œn²¹³¾±ð²õ±è²¹³¦±ðâ€: imsOrgID
â€œvalueâ€: <your IMS Org ID value>

â€ÎÐ²õ±ð°ù²õâ€:

â€œkeyâ€: <usually the name of the customer>
â€œactionâ€: either access or delete
â€œuser IDsâ€:
- â€œn²¹³¾±ð²õ±è²¹³¦±ðâ€: <Alias ID of CRS Data Source>
- â€œt²â±è±ðâ€: integrationCode
- â€œvalueâ€: <CRM ID>
â€œi²Ô³¦±ô³Ü»å±ðâ€: CRS (which is the ÃÛ¶¹ÊÓÆµ product that applies to the request)
â€œr±ð²µ³Ü±ô²¹³Ù¾±´Ç²Ôâ€: gdpr (which is the privacy regulation that applies to the request)

Example of JSON request

{
  "companyContexts": [
    {
      "namespace": "imsOrgID",
      "value": "<IMS_ORG_ID>"
    }
  ],
  "users": [
    {
      "key": "<KEY>",
      "action": [
        "<access/delete>"
      ],
      "userIDs": [
        {
          "namespace": "<Alias ID of CRS Data Source>",
          "type": "integrationCode",
          "value": "<CRM ID>"
        }
      ]
    }
  ],
  "regulation": "<gdpr/ccpa/pdpa>",
  "include": [
    "CRS"
  ]
}

Data Fields returned for access requests

attributes:
{
"value": "<*value*>",
"key": "<*key*>",
"displayName": "<*displayName*>"
}

recommendation-more-help

872fc4ed-f5f7-4b59-a6f8-4ddabe5aac1f