This article gives you an overview of what Privacy Management is and what tools Adobe Campaign provides.

Adobe Campaign offers a set of tools to help you with your Privacy Compliance for GDPR and CCPA. This article presents general information on what Privacy Management is and the features we provide to manage Right to Access, Right to be Forgotten, consent, data retention and user roles. You will also find best best practices, to help you with your Privacy compliance when using our service.

The implementation steps are detailed in these pages:

Turorials on privacy management are available here.


GDPR (General Data Protection Regulation) is the European Union’s (EU) privacy law that harmonizes and modernizes data protection requirements. GDPR applies to Adobe Campaign customers who hold data for Data Subjects residing in the EU.

CCPA (California Consumer Privacy Act) provides California residents new rights in regards to their personal information and imposes data protection responsibilities on certain entities whom conduct business in California.

In addition to the privacy capabilities already available in Adobe Campaign (including consent management, data retention settings, and rights management), we are taking this opportunity in our role as Data Processor to include additional capabilities, to help facilitate your readiness as Data Controller for certain Privacy requests.

Right to Access and Right to be Forgotten

In order to help you facilitate your Privacy readiness, Adobe Campaign now allows you to handle Access and Delete requests.

The Right to Access is the right for the Data Subject to obtain from the Data Controller confirmation as to whether or not personal data concerning them is being processed, where and for what purpose. The controller shall provide a copy of the personal data, free of charge, in an electronic format.

Also known as Data Erasure, the Right to be Forgotten (delete request) entitles the Data Subject to have the Data Controller erase his/her personal data, cease further dissemination of the data, and potentially have third parties halt processing of the data.

To learn how you can create Access and Delete requests and how Adobe Campaign processes them, refer to these pages:

In addition to the new Right to Access and Right to be Forgotten capabilities, Adobe Campaign offers other important features that are essential to Privacy:

  • Consent management: subscription functionality for preference management
  • Data retention: data retention periods on all standard log tables, additional retention periods can be set up with workflows
  • Rights management: data access managed by named right (Classic) and roles (Standard)

Consent management

Consent signifies agreement by the Data Subject to the processing of personal data relating to a Data Subject. Obtaining any necessary consent for that processing is the responsibility of the Data Controller. While Adobe Campaign may provide some features to help a customer manage consent related to the service, Adobe is not responsible for consent. Customers should work with their own legal departments to determine their own processes and practices for any necessary consent.

The features to help manage some aspects of consent have been core to Adobe Campaign since the beginning. Through our subscription management process, customers can track which recipients have opted-in to which type of subscriptions whether it be newsletters, daily or weekly promotions, or any other type of marketing program.

Consent management in Campaign Classic (refer to the detailed documentation):

GDPR Monitoring Sub

Consent management in Campaign Standard (learn more on subscriptions and landing pages):

GDPR Monitoring Sub

In addition to the Consent Management tools provided by Campaign, you have the possibility to track whether a consummer has opted-out for the sale of Personal Information. Refer to these sections:

Data retention

Regarding retention, built-in log tables in Campaign have pre-set retention periods on them, generally limiting their data storage to 6 months or less.

The following are the default retention values for built-in tables. Be aware that the retention configuration is set by Adobe technical administrators during implementation and values may vary for each implementation, based on customer requirements.

Data retention in Campaign Classic:

  • Consolidated tracking: 1 year

  • Delivery logs: 6 months

  • Tracking logs: 1 year

  • Deleted deliveries: 1 week

  • Import rejects: 6 months

  • Visitor profiles: 1 month

  • Offer propositions: 1 year

  • Events: 1 month

  • Statistics of event processing: 1 year

  • Archived events: 1 year
  • Pipeline events ignored: 1 month

Data retention in Campaign Standard:

  • Consolidated tracking: 6 months
  • Delivery logs: 6 months
  • Tracking logs: 6 months
  • Events: 1 month
  • Statistics of event processing: 6 months
  • Archived events: 6 months
  • Temporary entities: 7 days
  • Ignored pipeline events: 1 month
  • Delivery alerts: 1 month
  • Export audit: 6 months

And similar to delete, using standard workflow functionality, it is possible to set up retention periods for any custom table.

Reach out to the Adobe consultants or technical administrators to learn more about retention or if you need to set retention for custom tables.

Rights management

Adobe Campaign provides you the ability to manage the rights assigned to the various Campaign operators via different pre-built or custom roles. One benefit is this allows you to manage who within your company can access different types of data. For example, you might have different marketers covering different geos and each marketer can only access data from their geo. Similarly, this functionality also allows you to configure different capabilities for each user, such as limiting who can send deliveries, or more relevant for Privacy management, who can modify or export data.

Right management in Campaign Classic (refer to the detailed documentation):

GDPR User management

User roles in Campaign Standard (refer to the detailed documentation):

GDPR User management

This work is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 Unported License  Twitter™ and Facebook posts are not covered under the terms of Creative Commons.

Legal Notices   |   Online Privacy Policy