• Blog

How To Talk To Users About Their Privacy Requests

One of the first questions a business asks when they receive a privacy-related request from a user is: “how do we respond”? This guide contains templates for different types of privacy communication between privacy teams and their customers.

Communicating with your users regarding their privacy requests is an important part of running a best-practice privacy operation. But if you’re just getting started managing these requests, simply choosing the correct language can be its own unique challenge. We’ve prepared some examples that can serve any business hoping to smoothly manage subject requests. Each can be used to communicate with a subject that has filed any type of DSR…

One of the first questions a business asks when they receive a privacy-related request from a user is: “how do we respond”? This guide contains templates for different types of privacy communication between teams and their customers.

Confirmation of Request

Used to officially confirm to the user that their request has been received.

Identity Verification – Device/Inbox

It may be sufficient to demonstrate or ensure that the Subject has access to the inbox or device for which they are claiming access. For instance, if a Subject requests to access or erase their data for john.smith@gmail.com, this may be verified by sending them an email and asking them to reply from this address to confirm approval of the request. The following message should be used to verify the user has ownership/access to the inbox or device associated with the identity for which they have made the subject request.

Identity Verification – Known Points of Information

If the business feels greater caution than Inbox Verification is necessary, a set of fixed questions may be asked to verify information the business already knows about the user. For example, as an e-commerce business,  you might ask the user to confirm the date of their last order, the order number, and the dollar value.

Confirmation of Identity

Use this template to confirm successful identity verification and that processing will continue.

 

Conclusion

The topics these templates cover will often be the first interaction with users regarding their privacy relationship with your business. Adapting each of these templates to your company’s needs will ensure that a positive foundation is in place for ongoing respectful privacy management.

  • Ethyca announces fundraise, doubles annual revenue with new enterprise clients, and reveals new brand.

    Read More
  • Today we’re announcing faster and more powerful Data Privacy and AI Governance support

    Read More
  • See new feature releases enhancing user experience, adding new integrations and support for IAB GPP

    Read More
  • Learn more about the privacy and data governance enhancements in Fides 2.27 here.

    Read More
  • Read Ethyca’s CEO Cillian Kieran describe why and how an open data governance ontology enables companies to comply with data privacy regulations and frameworks.

    Read More
  • Ethyca sponsored the Unpacking Privacy Engineering for Lawyers webinar for the Interactive Advertising Bureau (IAB) on December 14, 2023. Our CEO Cillian Kieran moderated the event and ran a practical discussion about how lawyers and engineers can work together to solve the technical challenges of privacy compliance. Read a summary of the webinar here.

    Read More

Ready to get started?

Our team of data privacy devotees would love to show you how Ethyca helps engineers deploy CCPA, GDPR, and LGPD privacy compliance deep into business systems. Let’s chat!

Speak with Us

Sign up to our Newsletter

Stay informed with the latest in privacy compliance. Get expert insights, updates on evolving regulations, and tips on automating data protection with Ethyca’s trusted solutions.