This article details the implementation steps for Privacy Management in Campaign Standard.

For a general presentation on Privacy Management, refer to this page.

Implementation steps for Adobe Campaign Classic are detailed in this page.

The configuration and usage of Access and Delete requests are common to both GDPR and CCPA.  The opt-out for the Sale of Personal Information, which is specific to CCPA, is explained in this section.

Turorials on privacy management are available here.

About Privacy Requests

In order to help you facilitate your Privacy readiness, Adobe Campaign now allows you to handle Access and Delete requests.

The Right to Access is the right for the Data Subject to obtain from the Data Controller confirmation as to whether or not personal data concerning them is being processed, where and for what purpose. The controller shall provide a copy of the personal data, free of charge, in an electronic format.

Also known as Data Erasure, the Right to be Forgotten (delete request) entitles the Data Subject to have the Data Controller erase his/her personal data, cease further dissemination of the data, and potentially have third parties halt processing of the data.

Let's see how you can create Access and Delete requests and how Adobe Campaign processes them.

Principles

Adobe Campaign offers Data Controllers three possibilities for performing Privacy access and delete requests:

  • Via the Privacy Core Service integration: Privacy requests pushed from the Privacy Core Service to all Experience Cloud solutions are automatically handled by Campaign via a dedicated workflow.
  • Via the Adobe Campaign interface: for each Privacy request, the Data Controller creates a new privacy request in Adobe Campaign
  • Via the API: Adobe Campaign provides an API that allows the automatic process of Privacy requests using REST.

Caution:

The Privacy Core Service integration is the method you should use for all access and delete requests. Starting 19.4, the use of the Campaign API and interface for access and delete requests is deprecated. 

Prerequisites

Adobe Campaign offers Data Controllers tools to create and process Privacy requests for data stored in Adobe Campaign. However, it is the Data Controller's responsibility to handle the relationship with the Data Subject (email, customer care or a web portal). It is your responsibility as a Data Controller to confirm the identity of the Data Subject making the request and confirming the data returned to requester is about the Data Subject.

Managing Privacy Requests

Namespaces

Before creating Privacy requests, you need to define the namespace you will use. The namespace is the key that will be used to identify the Data Subject in the Adobe Campaign database. Out-of-the-box, two namespaces are available: email and mobile phone. If you need a different namespace (a profile custom field, for example), follow these steps.

Also refer to the tutorial on how to create a namespace.

Note:

If you use several namespaces, you will need to create one Privacy request per namespace.

  1. Click the Adobe Campaign logo in the top left corner, then select Administration > Namespaces.

    GDPR Namespace
  2. In the list of namespaces, click Create.

    GDPR Namespace 2
  3. Enter a Label.

    GDPR Namespace 3
  4. If you want to use an existing identity service namespace, choose Map from Identity Namespace Service and select a namespace in the Identity Service Namespaces field. If you want to create a new namespace in Identity Service and map it in Campaign, select Create new and enter a name in the Identity namespace name field. To learn more about identity namespaces, refer to this page.

  5. One Identity Service Namespace is mapped to one namespace in Campaign. You need to specify how the namespace will be reconciled in Campaign. Select a target mapping (Recipients, Real-time event or Subscriptions to an application). If you want to use several target mappings, you need to create one namespace per target mapping.

  6. Choose the Reconciliation key. This is the field that will be used to identify the Data Subject in the Adobe Campaign database.

     

  7. Click Create. You can now create Privacy requests based on your new namespace. If you use several namespaces, you will need to create one Privacy request per namespace.

     

Using the Privacy Core Service integration

Caution:

The Privacy Core Service integration is the method you should use for all access and delete requests. Starting 19.4, the use of the Campaign API and interface for access and delete requests is deprecated. 

Privacy Core Service Integration allows you to automate your Privacy requests in a multi-solution context through a single JSON API call. Privacy requests pushed from the Privacy Core Service to all Experience Cloud solutions are automatically handled by Campaign via a dedicated workflow.

Refer to https://adobe.io/apis/cloudplatform/gdpr.html to learn how to create Privacy requests from the Privacy Core Service.

Each Privacy core service job is split into multiple Privacy requests in Campaign based on how many namespaces are being used, one request corresponding to one namespace. Also, one job can be run on multiple instances. Therefore, multiple files are created for one job. For example, if a request has two namespaces and is running on three instances, then a total of six files are sent. One file per namespace and instance.

The pattern for a file name is : <InstanceName>-<NamespaceId>-<ReconciliationKey>.xml

InstanceName: the Campaign instance name

NamespaceId: Identity Service Namespace Id of the namespace used

Reconciliation key: Encoded reconciliation key

Create a Privacy request using Campaign's interface

Caution:

The Privacy Core Service integration is the method you should use for all access and delete requests. Starting 19.4, the use of the Campaign API and interface for access and delete requests is deprecated. 

Also refer to the tutorial on how to create and track your privacy requests.

Adobe Campaign allows you to create your Privacy requests and track their evolution. To create a new Privacy request, follow these instructions:

  1. Click the Adobe Campaign logo in the top left corner, then select Administration > Privacy tools.

    GDPR Creation
  2. This screen allows you to view all the current Privacy requests and their status. The left panel offers a search by label, status and type. Click Create to create a new Privacy request.

    GDPR Creation 2
  3. Enter a Label, select the Regulation (CCPA or GDPR), the Request type (Access or Delete), select a Namespace and enter the Reconciliation value. If you're using email as the namespace, type in the Data Subject's email.

    GDPR Creation 3

    The Privacy technical workflows run once every day and process each new request:

    • Delete request: the recipient's data stored in Adobe Campaign is erased.
    • Access requests: the recipient's data stored in Adobe Campaign is generated and made available as an XML file in the left part of the request screen.

    Also refer to the tutorial on privacy request worflows.

    GDPR Creation 7

List of resources

When performing a Delete or Access Privacy request, Adobe Campaign searches all the Data Subject's data based on the Reconciliation value in all the resources that have a link to the profiles resource (own type).

Here is the list of out-of-the-box resources that are taken into account when performing Privacy requests:

  • Profiles (recipient)

  • Profile delivery logs (broadLogRcp)

  • Profile tracking logs (trackingLogRcp)

  • Delivery logs (Subscriptions to an application) (broadLogAppSubRcp)

  • Tracking logs (Subscriptions to an application) (trackingLogAppSubRcp)

  • Subscriptions to an application (appSubscriptionRcp)

  • Subscription history of profiles (subHistoRcp)

  • Profile subscriptions (subscriptionRcp)

  • Visitors (visitor)

If you created custom resources that have a link to the profiles resource (own type), they will also be taken into account. For example, if you have a transaction resource linked to the profiles resource and a transaction details resource linked to the transaction resource, they will be both taken into account.

Also refer to the tutorial on how to modify custom resources.

For this to work, you need to select the Deleting the target record implies deleting records referenced by the link option in the custom resource:

  1. Click the Adobe Campaign logo in the top left corner, then select Administration > Development > Custom resources.

  2. Select a custom resource that has a link to the profiles resource (own type).

  3. Click on the Links section.

  4. For each link, click on the pencil icon (Edit properties).

  5. In the Behavior if deleted/duplicated section, select the Deleting the target record implies deleting records referenced by the link option.

    GDPR Custom resource

The different statuses of a request

Here are the different statuses for Privacy requests:

  • New / Retry pending: in progress, the workflow has not processed the request yet.
  • Processing / Retry in progress: the workflow is processing the request.
  • Delete pending: the workflow has identified all the recipient data to delete.
  • Delete in progress: the workflow is processing the deletion.
  • Delete Confirmation Pending: (Delete request in 2-steps process mode) the workflow has processed the Access request. Manual confirmation is requested to perform the deletion. The button is available for 15 days.
  • Complete: the processing of the request has finished without an error.
  • Error: the workflow has encountered an error. The reason appears in the list of privacy requests in the Request status column. For example, Error data not found means that no recipient data matching the Data Subject's Reconciliation value has been found in the database.

2-step process

By default, the 2-steps process is activated. When you create a new Delete request using this mode, Adobe Campaign always performs an Access request first. This allows you to check the data before confirming the deletion.

To change this mode, click Edit properties, in the top right corner of the Privacy Requests screen.

GDPR Creation 4

With the 2-steps mode activated, the status of a new Delete request changes to Delete confirmation pending. Download the generated XML file from the left panel of the request screen and check the data. To confirm erasing the data, click on the Confirm the deletion button.

GDPR Creation 6

Using the Campaign API

Caution:

The Privacy Core Service integration is the method you should use for all access and delete requests. Starting 19.4, the use of the Campaign API and interface for access and delete requests is deprecated. 

Adobe Campaign provides an API which allows you to setup an automatic Privacy request process.

With the API, the general Privacy process is the same as using the interface. The only difference is the creation of the Privacy request. Instead of creating the request in Adobe Campaign, a POST containing the request information is sent to Campaign. For every request, a new entry is added in the Privacy tools screen. The Privacy technical workflows then process the request, the same way as for a request added using the interface.

If you're using the API to submit Privacy requests, we recommend that you leave the 2-steps process activated for the first Delete requests, in order to test the returned data. When your tests are finished, you can deactivate the 2-steps process so that the Delete request process can run automatically.

See the API documentation.

Opt-out for the Sale of Personal Information (CCPA)

CCPA (California Consumer Privacy Rights) provides California residents new rights in regards to their personal information and imposes data protection responsibilities on certain entities whom conduct business in California.

The configuration and usage of Access and Delete requests are common to both GDPR and CCPA. This section presents the opt-out for the sale of personal data, which is specific to CCPA.

In addition to the Consent Management tools provided by Campaign (see this page), you also have the possibility to track whether a consumer has opted-out for the sale of Personal Information. 

A consumer decides, through your system, that he/she does not allow his/her personal information from being sold to a third-party. In Adobe Campaign, you will be able to store and leverage this information.

Note:

You can leverage the opt-out for the sale of personal information via the Campaign interface and through the API. You cannot use it through the Privacy Core Service.

Caution:

It is the responsibility of the customer to keep track of the request dates for CCPA. As a technology provider, we only provide a way to Opt-Out. It is the responsibility of the customer to receive the data subject's request and use the available capability.

Prerequisite

This configuration is only required for 19.3 environments. Starting 19.4, the CCPA Opt-Out field is provided out-of-the-box in the Campaign interface and API. You can check your version by clicking on the ? icon in the top right of the interface and selecting About.

To leverage this information, you need to create the Opt-Out for CCPA (optoutccpa) field in Adobe Campaign Standard. For this, you will add a boolean field to the Profile resource. When a new field is created, it is automatically supported by the Campaign API.

If you use a custom profiles table, you also need to perform this operation.

For more detailed information on how to extend a custom resource, refer to the documentation.

Caution:

Modifying resources is a sensitive operation which must be performed by expert users only.

  1. Go to Administration > Development > Custom Resources. Click on the Profile resource. If it is not available, you need to extend it. Read more

    ccpa1
  2. Click on Add field or Create Element, add the label, ID and choose the Boolean type. For the name, use Opt-Out for CCPA. For the ID, use: optOutCcpa.

    ccpa2bis
  3. In the Screen definition tab, under Detail screen configuration, add the field and select Input field. This will make the field available in the profiles list and details. Read more

    ccpa3bis
  4. Go to Administration > Development > Publishing, prepare the publication and publish the modifications. Read more

    ccpa4
  5. Verify that the field is available on a profile’s details (see the next section). 

    Note:

    Note that for 19.3 environments, the field's name is CCPA for Opt-Out (the one added in the previous section). Starting 19.4, the out-of-the-box field is named CCPA Opt-Out.

Usage

It’s the responsibility of the data controller to populate the value of the field and follow the CCPA guidelines and rules concerning data selling.

To populate the values, several methods can be used:

  • using Campaign’s interface by editing the profile’s details (see below)
  • using the Campaign Privacy API, see the API documentation.
  • via a data import workflow

You should then ensure that you never sell to any third party the personal information of profiles who have opted-out.

In Campaign's interface, edit a profile to change the opt-out status.

Note:

Note that for 19.3 environments, the field's name is CCPA for Opt-Out (the one added in the previous section). Starting 19.4, the out-of-the-box field is named CCPA Opt-Out.

ccpa6bis

The information appears on the profile's details.

ccpa5bis

You can configure the profiles list to display the op-out column. To learn how to configure lists, refer to the detailed documentation.  

ccpa8bis

You can click on the column to sort recipients according to the opt-out information. 

ccpa7bis

This work is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 Unported License  Twitter™ and Facebook posts are not covered under the terms of Creative Commons.

Legal Notices   |   Online Privacy Policy