Many global privacy regulations, including the GDPR and CCPA, grant users control over their personal data. Often referred to as “Data Subject Access Requests (DSARs)” or “access requests,” website visitors can make a request related to their personal data (for example, the CCPA’s “Do Not Sell” request) and your organization will need a way to manage the incoming requests.
The UCP includes a simple way for your organization to take incoming requests, verify the visitor’s identity via email, and manage the status of existing requests. Your organization also has the option to use your own form or a third-party management tool. You will make this selection when setting up your options dialogue.
Access Request Workflow
Managing Access Requests within UCP
Navigate to the Access Requests tab in the main menu of UCP. The access request menu has three sections to work off of designed to help you easily manages your requests:
Active Requests: Requests that have been verified through email. These requests can be marked as New and In-Progress
Unverified Requests: Requests that are awaiting verification of the requestor through email
Completed Requests: Requests marked as complete
Each section here can be filtered by Regulation, Request Type, and Status. Additionally, each field can be searched via a wildcard search.
If you need to export your requests, click the checkboxes for the records you want to include and select Export Selected from the top right. This feature is helpful if you need to share the requests with other people within your organization or submit records as required by a specific privacy law.
You can view additional details about a specific request by clicking on Details. You can also add any notes about the request and change the status here.