Individual rights

When customers exercise their data privacy rights—requesting copies of their data, corrections, or deletion—you need to respond within one month. Bloomreach Engagement provides tools to handle these requests efficiently while staying compliant with GDPR and similar regulations.

This guide covers six types of requests and shows you exactly how to fulfill each one:

  • Access: Download customer data.
  • Portability: Export data in machine-readable format.
  • Rectification: Update incorrect or incomplete data.
  • Erasure: Anonymize or delete customer data.
  • Restriction: Temporarily stop processing data.
  • Objection: Permanently stop processing data.

Receive and manage requests

To stay compliant, provide a clear channel (commonly an email address) where customers can send requests. You don't need to create a dedicated inbox; your general contact address works.

If you create a specific communication channel for these requests, you still need to respond appropriately to requests made through other channels. Make sure you have a reliable system to:

  • Recognize requests (which can vary in form).
  • Handle requests within the deadline regardless of channel.
  • Archive all requests (email, phone, in-person) as evidence of compliance.

Best practice: Archive all requests so you can provide evidence of compliance if a customer complains to your local authority.

Right of access

Anyone who reasonably believes you hold their data can raise a subject access request for:

  • Confirmation that you hold their data.
  • Access to all their personal data you hold.
  • Information about how you gather, store, and process their data (include this in your privacy policy).

What data to provide

Provide customer data in an intelligible and easily accessible form. The line between intelligible and not intelligible isn't entirely clear, so it's good practice to convert the .json file into a more accessible format using automatic conversion software or manual conversion.
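One way to do the automatic conversion mentioned above, as an added example that is not Bloomreach code: it flattens any exported JSON into a two-column CSV and neutralizes spreadsheet formulas in customer-supplied values. The sample export and its field names are constructed; the real export's structure is not shown on this page.

```python
import csv
import io
import json

# Constructed sample; field names are assumptions, not the real export schema.
SAMPLE_EXPORT = json.dumps({
    "ids": {"registered": "jane@example.com", "cookie": ["c-1", "c-2"]},
    "properties": {"first_name": "Jane", "phone": None, "tags": [],
                   "company": "=1+1"},
    "events": [{"type": "purchase", "timestamp": 1700000000,
                "properties": {"total": 49.9}}],
})


def safe_cell(value):
    """Prefix strings a spreadsheet would evaluate as a formula."""
    if isinstance(value, str) and value[:1] in ("=", "+", "-", "@", "\t", "\r"):
        return "'" + value
    return value


def flatten(node, path=""):
    """Yield (dotted_path, value) for every leaf of a parsed JSON document."""
    if isinstance(node, dict) and node:
        for key, value in node.items():
            yield from flatten(value, f"{path}.{key}" if path else str(key))
    elif isinstance(node, list) and node:
        for index, value in enumerate(node, start=1):
            yield from flatten(value, f"{path}[{index}]")
    elif node is None or node == {} or node == []:
        # Keep empty fields visible so the copy shows everything that is held.
        yield path, "(no value)"
    else:
        yield path, safe_cell(node)


def flatten_export(json_text):
    """Return the export as a list of (field, value) rows."""
    return list(flatten(json.loads(json_text)))


def export_to_csv(json_text):
    """Render the export as CSV text with a 'field,value' header."""
    buffer = io.StringIO()
    writer = csv.writer(buffer, lineterminator="\n")
    writer.writerow(["field", "value"])
    writer.writerows(flatten_export(json_text))
    return buffer.getvalue()


if __name__ == "__main__":
    print(export_to_csv(SAMPLE_EXPORT))
```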

Download customer data

You can download customer data two ways:

  • Customer profile: Go to Data & Assets > Customers, find the customer, and download their data directly from their customer profile.

Handle data changes

Personal data probably changes between when a customer makes a request and when you comply with it.

Amendment

The customer continues activity on your website after making the request. New customer data gets added and some gets rewritten.

Deletion

Events are deleted based on your retention periods.

Which version to provide

Send the most up-to-date version of the customer's data at the time you comply with their request. It's fine that the data changed since the request. However, all changes must be natural ones that would have happened regardless of the request. Making intentional adjustments to hide data from the customer is a breach of GDPR.

Right to data portability

Customers can request their data in a format they can reuse on different platforms.

How to comply:

  1. Download the customer's data (see Download customer data above).
  2. Send them a copy.

Unlike subject access requests, you don't need to provide data in a human-readable format. A commonly used structured machine-readable format is sufficient, so you don't need to adjust the exported .json file.

Right to rectification

Customers can request corrections to incorrect data or completion of incomplete data.

Rectify data in customer profile

  1. Go to Data & Assets > Customers.
  2. Select a customer's profile.
  3. Click Edit properties.
  4. Manually update their customer properties.
  5. Click Save and view.

Rectify data via API

See the Update customer properties section in the API documentation.

Right to erasure

Customers can request erasure of their personally identifiable information (PII). You have two options in Bloomreach Engagement: anonymize the customer or delete them completely.

Recommendation: Anonymization is usually sufficient. However, you must be completely sure all PII is flagged as such. Otherwise, you risk breaching GDPR.

Anonymization

Anonymization deletes all customer attributes marked as PII and replaces the old IDs with randomly generated ones. This preserves anonymous data for analytical purposes not connected to the individual.

Anonymize through customer profile

  1. Go to Data & Assets > Customers.
  2. Use the customer filter to find the relevant customer.
  3. Enter their profile and click the ... button.
  4. Click Anonymize customer.

    Warning: The customer loses all IDs and private information in properties and events. This action can't be undone.

  5. Review the confirmation message and click Anonymize.

Anonymize through API

You can anonymize a single customer or multiple ones in bulk.

Why we recommend anonymization over deletion:

  • Automated deletion (via API) increases risk of accidental deletion through malformed API use (manual deletion requires confirmation).
  • Deletion destroys the customer profile structure, so aggregated tracked data (like open and click data) is lost.
  • Anonymization essentially deletes the customer (all PII) but leaves anonymous tracked data available for aggregated reporting.

Deletion

Deletion removes all customer attributes and event data. This impacts your overall analytics.

Example: If you delete a customer who made a purchase on Monday, your overall revenue for that day drops.

Recommendation: Consider anonymization first. If you need to delete a customer, use the same process as anonymization through their customer profile.

Right to restrict processing

Customers can ask you to temporarily restrict processing of their data. This means you can continue storing the data, but you can't use it for analytics or track new data for that customer.

When to restrict processing:

  • Customer expressly asks you to restrict processing.
  • Customer complains about the lawfulness or accuracy of your storage and processing methods.

How to comply: Ask your consultant to set up a suppression list.

Right to object

Customers can object to their personal data being processed and permanently stop you from doing so.

How to comply:

  • Anonymize their data (see Right to erasure above).
  • Ask your consultant to set up a suppression list.