From the Subject Request section of the Ethyca Control Panel, your team can efficiently organize, process, and respond to the data subject requests that your company receives. We’ll now take a look at what a typical data subject request flow looks like using Ethyca.
On the backend of this Privacy Center, the Ethyca Control Panel empowers your business to manage data privacy effectively and automatically. From the Subject Request section of the Ethyca Control Panel, your team can efficiently organize, process, and respond to the data subject requests that your company receives. We’ll now take a look at what a typical data subject request flow looks like using Ethyca.
The expectation here, on the user’s side, is that they will be provided with all of the personal data that your company is currently processing about them. The obligation is that your company will provide this within a reasonable timeframe according to the specific data privacy law that applies in the user’s jurisdiction.
3. As soon as the user submits the details of their access request and verifies their identity through your Privacy Center, your team will receive the request in their Ethyca-powered Control Panel on the backend.
You can review all requests and their statuses in the “Subject Request” section of the Control Panel.
4. Once Ethyca has processed the user’s request, they will automatically receive an email confirming that it has been processed and providing them with a link to view and download all of the personal data that your company is currently processing. If no records of the user can be found in your databases, then the user will receive an automated email informing them that there is no data associated with the details that they have provided. They’ll also be prompted to provide alternative details if they still believe that their data is being processed by your company (for example, they may choose to enter a different email address when submitting the request).
5. After the user clicks on the download option in the email, they will be redirected to your company’s privacy centre. From here they will have access to view and download a copy of each category of personally identifiable information that your organization is processing about them.
If you have any questions about processing data subject requests or about using Ethyca’s data privacy platform, please feel free to reach out and we’d be happy to help!
A ‘data subject request’ is a request that a user can make in relation to the personal data which are being ‘processed’ about them by an organization. These requests are a fundamental part of a data subject’s rights and they are enforced by prominent data privacy law all over the world, such as General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and Brazil’s Lei Geral de Proteção de Dados (LGPD). Failure to address data subject requests can result in serious fines and severely damage your company’s reputation. For these reasons, it’s crucial that every organization that processes personal data has an efficient system in place to manage them effectively.
Below is a list of the data subject rights imposed by GDPR, CCPA, and LGPD which afford the user certain entitlements that they can exercise by making a data subject request.
|• The right to be informed
• The right of access
• The right to rectification
• The right to erasure
• The right to restrict processing
• The right to data portability
• The right to object to processing
• The rights in relation to automated decision making and profiling
|• The right to notice
• The right to know
• The right to delete
• The right to data portability
• The right to opt-out
• The right to opt in (for minors)
• The right not to be subject to discrimination for the exercise of rights
|• The right to confirmation of the existence of the processing
• The right to access the data
• The right to correct incomplete, inaccurate or out-of-date data
• The right to anonymize, block, or delete unnecessary or excessive data or data that is not being processed in compliance with the LGPD
• The right to the portability of data to another service or product provider, by means of an express request
• The right to delete personal data processed with the consent of the data subject
• The right to information about public and private entities with which the controller has shared data
• The right to information about the possibility of denying consent and the consequences of such denial
• The right to revoke consent
Introducing consent management in Fides 2.0. With the coming state privacy laws in 2023, your business needs to have granular control over users’ data and their consent preferences. Learn more about how Fides can enable this for your business, for free.
Ethyca launched its privacy engineering meetup, P.x, where Fides Slack Community members met and interacted with the Fides developer team. Two of our Senior Software Engineers, Dawn and Steve, gave presentations and demos on the importance of data minimization, and how Fides can make data minimization easier for teams. Here, we’ll recap the three main points of discussion.
We enjoyed two great days of security and privacy talks at this year’s Symposium on Usable Privacy and Security, aka SOUPS Conference! Presenters from all over the world spoke both in-person and virtually on the latest findings in privacy and security research.
At Ethyca, we believe that software engineers are becoming major privacy stakeholders, but do they feel the same way? To answer this question, we went out and asked 337 software engineers what they think about the state of contemporary privacy… and how they would improve it.
The UK’s new Data Reform Bill is set to ease data privacy compliance burdens on businesses to enable convenience and spark innovation in the country. We explain why convenience should not be the end result of a country’s privacy legislation.
Our team at Ethyca attended the PEPR 2022 Conference in Santa Monica live and virtually between June 23rd and 24th. We compiled three main takeaways after listening to so many great presentations about the current state of privacy engineering, and how the field will change in the future.
Our team of data privacy devotees would love to show you how Ethyca helps engineers deploy CCPA, GDPR, and LGPD privacy compliance deep into business systems. Let’s chat!Get a Demo