Information for: DEVELOPERS   PARTNERS   SUPPORT

Data Erasure Requests

Purpose

With this feature, you can purge or anonymize the personally identifiable information (PII) of individuals to have GDPR, CCPA, or other regulatory compliance. To erase the data of even a single individual in CDP, the system reads all PII data across all data stores, and rewrites a significant volume of data. This is a resource intensive process that should not be used for data rectification purposes, as rectifying data does not require updating all PII data across all data stores and can be performed in an efficient manner. Acquia recommends against misusing this feature for purposes other than the regulatory compliance.

Timelines

Acquia is committed to act on GDPR and CCPA data erasure requests in a reasonable time of receiving the request. You must provide a sufficient lead time to process data erasure requests. Since purging PII data is a resource intensive process, data erasure requests process in batches. Completion timelines vary across requests.

Data erasure requests from data subjects

By default, Acquia acts on data erasure requests from a data subject in 30 days of receiving a request. This happens unless the client requests for additional urgency. CDP needs at least 14 days to validate, schedule, and process data erasure requests.

Lapse in lawfulness of processing (GDPR only)

CDP considers the data erasure requests from data subjects as urgent. A lapse in lawfulness of processing cannot be considered as a reason for urgency because these situations should be properly planned and communicated in advance. To allow sufficient time to purge the data, submit data erasure requests at least 60 days before a lapse in lawfulness of processing.

Data handling

What data is purged or anonymized

The following data is purged:

  • Customer and customer address cross-reference
  • Event
  • Campaign history
  • Campaign output
  • Report output
  • Data export output
  • Custom entities containing PII

The following data is anonymized:

  • Transactions: Anonymized by removing customer identifiers and marking the transaction as anonymous.

Where

The following CDP data stores are managed:

  • Data Warehouse Layer
  • Business Intelligence Layer
  • Campaigns, Reports, and Exports
  • Metrics and Interactive Queries
  • 360 Search
  • 360 Profiles

The following CDP data stores are unmanaged, so they enforce less than 30 days retention policies:

  • CDP SFTP
  • CDP AWS S3 Buckets
  • Sparse Layer

Enabling GDPR data erasure

To enable GDPR data erasure, contact Acquia support. CDP users with the CDP production access role: Vega-full prod access are the only users who can request access to this feature. After getting access, CDP users can grant access to other users.

Making a data erasure request

CDP offers a simple and self-service process for filing data erasure requests, and provides visibility to the status of data erasure requests.

A data erasure request can include a maximum of 200 identities. If you try to include more than 200 identiies in a request, the system displays an error. For more information, see Unable to create a batch with more than 200 records in data erasure.

These identities can belong to one or more customer profiles. Therefore, CDP allows you to create data erasure requests to delete identities that belong to one or more customers.

As a CDP user, you can make unlimited data erasure requests to manage compliance.

You can make a GDPR data erasure request in the following ways:

Creating a data erasure request for a single customer

You can create data erasure requests to delete one or more identities of your customers.

To delete customer identities:

  1. Sign in to the CDP user interface.

  2. In the navigation pane, click 360 Profiles.

    filter

  3. Search for a specific customer profile by using filters.

    Based on your search criteria, CDP displays the results at the bottom of the page.

    filter-results

  4. Select a specific customer from the search results.

  5. Click the Identities tab.

    CDP displays a card for each source system containing the customer, including details of the customer’s profile.

    identities

  6. To delete a single identity, click Delete corresponding to the identity.

    To delete multiple identities of a single customer, click Delete Multiple.

  7. In Date of Customer Request, select the date when your customer requested for deletion of data. Note that CDP allows you to select a date no later than a month old.

  8. In Reason, do one of the following:

    • Select GDPR Compliance.
    • Select Other and specify the reason.
  9. In Review Identities, select the customer identities that you want to delete. Alternatively, you must clear all the identities that you do not want to delete.

    Note

    If a customer profile has a single identity, you cannot clear the selection of that identity. In other words, you cannot create a data erasure request without any identity.

  10. Click Submit Request to initiate the data erasure process. After you submit the request, CDP displays a message with a request ID, the number of identities that are registered for deletion, and the number of profiles that are skipped. Identities are skipped if they are already submitted earlier.

  11. Access the status page to view the request in the Pending status. After all the records are deleted, the status is updated to Completed. The system removes all customer records from all data stores.

Creating a data erasure request for multiple customers

To delete identities for multiple customers:

  1. Sign in to the CDP user interface.

  2. In the navigation pane, click Data Erasure.

  3. Click Create Delete Request to start a data erasure request.

    delete-request

  4. Search for one or more customer profiles by using filters. Note that CDP uses the AND operator for more than one filter. If you do not find the profiles you are looking for, adjust the filters.

  5. Select the checkbox next to each profile in your results, and click Add to Request.

    add-to-request

    As you select additional profiles, the number of total selected profiles is displayed at the top of the New Delete Request page. In addition, the selected profiles are disabled.

    total-profiles

  6. To add more profiles, repeat the preceding steps. You cannot submit more than 200 identities at a time. For more information, see Unable to create a batch with more than 200 records in data erasure.

  7. After you add all the profiles that you want to delete, click Review and Submit Request to review and complete the required fields.

    review-and-submit

    CDP displays the Profile Delete Review page. You can view the total number of profiles and the identities in each profile. You can update the request to include or exclude specific profiles or identities. To update your request, do one of the following:

    • Clear the checkbox next to any customer profile or identity.
    • Click the Kebab menu icon next to a profile and remove all of the customer’s identities associated with that profile.

    profiles-identities

  8. In Date of Customer Request, select the date when your customer requested for deletion of data. Note that CDP allows you to select a date no later than a month old.

  9. In Reason for Request, do one of the following:

    • Select GDPR Compliance.
    • Select Other and specify the reason.
  10. Click Submit to initiate the data erasure process. After you submit the request, CDP displays a message with a request ID, the number of identities that are registered for deletion, and the number of profiles that are skipped. Identities are skipped if they are already submitted earlier.

  11. Access the status page to view the request in the Pending status. After all the records are deleted, the status is updated to Completed. The system removes all customer records from all data stores.

Note

After the retention period:

  • GDPR status is removed from the GDPR request status list.
  • If a new request is received when a request with identical profiles or identities already exists, the new request is skipped.
  • If a new request is received after the completion of the earlier request, the new version of the record is created. The data erasure request store retains the last five versions of the records. However, only the latest data erasure request status is available to users.

Filtering data erasure requests

CDP allows you to leverage multiple filtering options to locate your data erasure requests.

To filter your results:

  1. Sign in to the CDP user interface.

  2. In the navigation pane, click Data Erasure.

    filtering-results

  3. In Request ID, specify the ID for your data erasure request.

  4. In Customer ID, specify your customer ID.

  5. In Created On, specify the date when the data erasure request is created.

  6. In Expiration Date, specify the date by which the system fulfills the request. By default, the expiration date is 30 days from the Created On date.

  7. In Status, select one of the following:

    • Pending: The data erasure request is pending. A data erasure request can only be canceled or changed when it is in the Pending status. After a request is complete, you cannot restore the data.
    • In Progress: The data erasure request is currently in progress.
    • Completed: The data erasure request is complete and data is deleted.
  8. Click Apply.

    CDP displays the data erasure request according to the specified filter criteria. Note that CDP uses the AND operator for more than one filter. If you do not find your request, adjust the filters.

Canceling a data erasure request

You can cancel a data erasure request when its status is Pending.

To cancel a request:

  1. Sign in to the CDP user interface.

  2. In the navigation pane, click Data Erasure.

  3. Locate the data erasure request that you want to cancel. Note that the status of the request must be Pending. You can also use filters to locate all the requests with Pending status. For more information, see Filtering data erasure requests.

    cancelling-data-erasure-request

  4. Click the Kebab menu icon next to the data erasure request.

  5. Click Cancel Request.

    CDP displays a confirmation message.

  6. Click Continue and Remove.

    CDP cancels the request.

Viewing data erasure requests

To view data erasure requests created through the Data Erasure or 360 Profiles tab:

  1. Sign in to the CDP user interface.

  2. In the navigation pane, click Data Erasure.

  3. Filter your results. For more information, see Filtering data erasure requests.

    Based on your filter criteria, the system displays the relevant data erasure requests with the following information:

    • Request ID
    • Customer ID
    • Created On
    • Requested On
    • Expiration Date
    • Created By
    • Status
    • Reason
    • Origin
    • Completed On

Limitations

CDP cannot process bulk data erasure requests. For bulk requests due to lapse in lawfulness, data rectification, or any other reason requiring purging high volume of data, use the bulk purge process.

Relevant articles