Personalization

Administering data subject rights requests

The EU General Data Protection Regulation (GDPR) defines a data subject as any identified or identifiable natural person. To enable personalization on the websites on which you install Personalization, the product may store personal data. The GDPR defines personal data broadly, as this excerpt from Article 4(1) shows:

“[Any] information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.”

Examples of personal data include, but are not limited to: name, a personal email address, mailing address, phone number, and dynamic or static IP addresses.

The GDPR grants data subjects specific rights (known as data subject rights) over the storage and handling of any data gathered about them.

To help you manage, report on, and remove data subject information as the GDPR requires, Personalization provides several methods for completing those tasks. The following sections describe these methods, along with how Personalization stores personal data.

How Personalization obtains and stores personal data

Personalization stores personal information about data subjects in profile fields and identifiers, which are described in the following sections.

Profile fields

Personalization tracks website visitors as profiles. To view profiles in the Personalization interface, click the Personalize tab and then the People link.

For more information about profile fields, see the following resources:

Identifiers

Identifiers are used to identify and track visitor profiles. Some identifiers are resolvable, meaning that their value is unique to one individual; an email address is an example. Others are non-resolvable, meaning that the same value can appear on multiple profiles (a name, for example).

Personalization assigns a default resolvable identifier, the tracking ID, to each visitor profile. You can use the API endpoints to set other identifier values on a profile (such as email address, name, or Facebook ID).

Personalization default data collection with Drupal module

For websites that use the Personalization Drupal module, the following attributes about the visitor and their behavior are collected by default, with no additional configuration.

Note

Individual implementations may collect more or less data about visitors and their behavior at their discretion. The following table lists only the data that Personalization collects by default.

Attribute               Example
Content Title           Acquia: Experience Digital Freedom
URL                     https://acquia.com
Referring URL           https://google.com
User Agent String       Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36
Client Timezone         300
Visitor IP              172.1.1.1
Content Type            Landing page
Page Type               Node page
Post ID                 123
Content UUID            123e4567-e89b-12d3-a456-426655440000
Content Language        en
Content Published Date  1495833862 (Unix timestamp, in seconds)

Data subject rights

Data subjects may be users of the Personalization products, visitors to websites that use Personalization (which can include hosted subscribers), or both.

Data subject rights for users

Using the Personalization interface, you can read, remove, or rectify the data gathered about users. You can also use the Users API endpoint to complete these tasks.

Data subject rights for visitors

The following list describes how Personalization users administer data subject rights for visitors:

Right to be informed

Personalization identifies visitors by browser cookies, and Personalization users configure what visitor data is obtained. Personalization users must tell website visitors what data is gathered and reflect that collection in their privacy policies.

Right of access

Personalization users can use either the Visitor Query API endpoint or a file export from Personalization to view the gathered information relating to a visitor profile.

Right to rectification

To change person fields, users can either call the updatePerson JavaScript function or perform a file import with updatePerson as the event_name. To change identifiers, users can combine the PUT and DELETE endpoints of the capture identity API.

Right to erasure

Using the File Import API, users can import a purgePerson event to erase a specific visitor profile. The process removes all personal identifiers from the profile (including the tracking ID, email address, and name) and invalidates the profile by assigning it an anonymous tracking ID.

Right to restrict processing

Personalization provides a setDoNotTrack flag for visitors. When the flag is set, Personalization gathers no data for that profile.

Users can set the setDoNotTrack flag with custom website code, for example by providing visitors a checkbox that turns the flag on or off. For more information, see setDoNotTrack - Personalization JavaScript API.

Right to data portability

Personalization lets users bulk-export visitor data as comma-separated values (CSV) files to Amazon Web Services (AWS) S3 storage, using either the Personalization interface or an API endpoint. Alternatively, Personalization users can use the Visitor Query API endpoint to fetch data for individual visitor profiles.

Right to object

Personalization users can set the setDoNotTrack flag for individual visitors to pause processing for those visitors. For more information about the setDoNotTrack flag, see setDoNotTrack - Personalization JavaScript API.

Rights in relation to automated decision making and profiling

Personalization users define both the data collection parameters and how those parameters are used to define segments, and they decide which content is served to which segment. Acquia recommends that users, as part of their own GDPR efforts, maintain policies for answering data subject queries about profiling and automated decision-making.
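The checkbox approach described under the right to restrict processing and the right to object, as an added example that is not part of the original page and is not Acquia's code. It assumes that the Personalization script exposes a global AcquiaLift object with a setDoNotTrack(boolean) method (the method name comes from the page; the global name and signature are assumptions), that the site persists the visitor's choice itself in localStorage under a key of its own (personalization_opt_out here, hypothetical), and that the checkbox has the element id personalization-opt-out (also hypothetical). The in-memory storage, recording stub, and fake checkbox at the end are constructed stand-ins so the logic runs outside a browser.

```javascript
// Added example, not Acquia's code: wiring an opt-out checkbox to the setDoNotTrack flag.
// Assumptions not confirmed by the page: a global `AcquiaLift` object exposes
// `setDoNotTrack(boolean)`, and the site persists the visitor's choice itself in
// localStorage under a key it chooses.

const OPT_OUT_KEY = 'personalization_opt_out'; // hypothetical storage key chosen by the site

// Read the persisted choice. Only the literal "1" counts as opted out; a missing or
// unreadable value means "not opted out", so the site default (tracking) stays in effect.
function readOptOut(storage) {
  try {
    return storage.getItem(OPT_OUT_KEY) === '1';
  } catch (e) {
    return false; // storage blocked (private mode, disabled cookies): keep the default
  }
}

// Persist the choice. Returns false when storage is unavailable so the caller knows the
// flag is applied for this page only and will not survive a reload.
function writeOptOut(storage, optOut) {
  try {
    if (optOut) {
      storage.setItem(OPT_OUT_KEY, '1');
    } else {
      storage.removeItem(OPT_OUT_KEY);
    }
    return true;
  } catch (e) {
    return false;
  }
}

// Apply the persisted choice to the tracking library. Call this as early as possible on
// every page load, before any page view is captured. The page does not say whether the
// library persists the flag itself, so re-applying it on each load is correct either way.
function applyOptOut(lift, storage) {
  const optOut = readOptOut(storage);
  lift.setDoNotTrack(optOut);
  return optOut;
}

// Bind a checkbox so it shows the stored state and toggles the flag when changed.
// `checkbox` is any object with `checked` and `addEventListener` (a DOM element in a browser).
function bindOptOutCheckbox(checkbox, lift, storage) {
  checkbox.checked = readOptOut(storage);
  checkbox.addEventListener('change', () => {
    writeOptOut(storage, checkbox.checked);
    lift.setDoNotTrack(checkbox.checked);
  });
}

// Browser wiring (skipped outside a browser): apply on load, then bind the checkbox if present.
if (typeof window !== 'undefined' && window.AcquiaLift && window.localStorage) {
  applyOptOut(window.AcquiaLift, window.localStorage);
  const optOutBox = document.getElementById('personalization-opt-out'); // hypothetical element id
  if (optOutBox) bindOptOutCheckbox(optOutBox, window.AcquiaLift, window.localStorage);
}

// Constructed stand-ins for running this outside a browser: an in-memory storage with the
// localStorage subset used above, a recording stub for the tracking object, and a fake checkbox.
function makeMemoryStorage() {
  const items = new Map();
  return {
    getItem: (k) => (items.has(k) ? items.get(k) : null),
    setItem: (k, v) => { items.set(k, String(v)); },
    removeItem: (k) => { items.delete(k); },
  };
}

function makeRecordingLift() {
  const calls = []; // every value passed to setDoNotTrack, in order
  return { calls, setDoNotTrack: (v) => { calls.push(v); } };
}

function makeFakeCheckbox() {
  const handlers = {};
  return {
    checked: false,
    addEventListener: (name, fn) => { handlers[name] = fn; },
    fire: (name) => { handlers[name](); }, // simulate a user event
  };
}
```

The ordering is the part practitioners most often get wrong: the stored choice has to be applied before the first page view is captured on each load, otherwise a visitor who opted out is still recorded once per page. The stand-ins also make it easy to confirm that blocked storage degrades to the default rather than throwing into the page.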