Put simply, a Data Use Case is a business purpose for which data is collected, transformed, processed, or stored. It is the term Ethyca uses to refer to what GDPR calls Data Processing Activities and CCPA refers to as the building blocks of Data Inventory.
Put simply, a Data Use Case is a business purpose for which data is collected, transformed, processed, or stored. It is the term Ethyca uses to refer to what GDPR calls Data Processing Activities and CCPA refers to as the building blocks of Data Inventory. To comply with regulation, many companies define a similar term in their Data Processing Addenda.
A Data Use Case is the primary unit that Ethyca uses to map flows of data in your business. The sum total of all the Use Cases in your business is equivalent to the entirety of your business’s data map.
Put differently, Ethyca builds your data map by by visualizing all the different systems in all the different Data Use Cases for your business. In the data map diagram below (stylized for illustrative purposes) we show how a single Use Case can include multiple data integration and data lifecycle phases.
Once you’ve created an account with Ethyca, you’ll be prompted to create Data Use Cases for your organization. Each one is a descriptive name of the business purpose for which your organization uses certain data. Some common examples may include “SMS Marketing”, “Payment Processing” or “Account Management”.
Next, you’ll fill in details about each DUC, and by doing this, you’ll give Ethyca the information it needs to plot your business data map. The required fields you’ll need to fill out are:
Consent Required? | Does this DUC require consent from users in order to be executed? |
Personal Data Fields | What fields of personal data are involved in the execution of this DUC? |
Data Lifecycle Field(s) | What phases of data’s journey through your business does this DUC touch? You can learn more about classifying Data Lifecycle phases here. |
Opt-In Required? | As a second layer on top of the consent question, does this DUC require users to actively opt into the use of their data in order to be executed? |
Ethyca’s self-service onboarding flow will prompt you to set up Data Use Cases, but if you’re part of a large business, it’s unlikely you’ll be able to configure all the different ways your business uses data in one sitting.
Luckily, you can also create Data Uses Cases from the control panel in Ethyca’s app. In the Control Panel interface, you’ll see the same field options from above, along with a section for adding consent flags to the Data Use Case.
Consent flags are linked to users’ consent preferences in your company’s dedicated Privacy Center. If a user withdraws consent from an activity on the flag list – say “Marketing “SMS” – their data will no longer be used in this Data Use Case.
At Ethyca, we believe that software engineers are becoming major privacy stakeholders, but do they feel the same way? To answer this question, we went out and asked 337 software engineers what they think about the state of contemporary privacy… and how they would improve it.
The UK’s new Data Reform Bill is set to ease data privacy compliance burdens on businesses to enable convenience and spark innovation in the country. We explain why convenience should not be the end result of a country’s privacy legislation.
Our team at Ethyca attended the PEPR 2022 Conference in Santa Monica live and virtually between June 23rd and 24th. We compiled three main takeaways after listening to so many great presentations about the current state of privacy engineering, and how the field will change in the future.
For privacy engineers to build privacy directly into the codebase, they need agreed-upon definitions for translating policy into code. Ethyca CEO Cillian unveils an open source system to standardize definitions for personal data living in the tech stack.
Masking data is an essential part of modern privacy engineering. We highlight a handful of masking strategies made possible with the Fides open-source platform, and we explain the difference between key terms: pseudonymization and anonymization.
The American Data Privacy and Protection Act is gaining attention as one of the most promising federal privacy bills in recent history. We highlight some of the key provisions with an emphasis on their relationship to privacy engineering.
Our team of data privacy devotees would love to show you how Ethyca helps engineers deploy CCPA, GDPR, and LGPD privacy compliance deep into business systems. Let’s chat!
Book a Demo