Documentation Experience Platform Privacy Service Guide

Privacy Service and Experience Cloud applications

Last update: Tue Nov 21 2023 00:00:00 GMT+0000 (Coordinated Universal Time)

Topics:
Privacy

CREATED FOR:

Developer
User
Admin
Leader

Adobe Experience Platform Privacy Service is built to support privacy requests for several Adobe Experience Cloud applications. Each application supports different product values and IDs for identifying data subjects.

This document serves as a reference for Experience Cloud application documentation that outlines how to configure that application for privacy-related operations. This includes how to format and label your data. Two categories of applications are covered:

Applications integrated with Privacy Service: Applications that are able to send access, delete, or opt-out requests to Privacy Service.
Self-serve applications: Applications that must manage their privacy requests internally, and cannot communicate with Privacy Service directly.

Please review the documentation for your Experience Cloud applications to learn how to format your privacy requests, and which values are supported for those requests.

Applications integrated with Privacy Service integrated

The following is a list of Experience Cloud applications that are integrated with Privacy Service, including the Privacy Service capabilities they are compatible with, their protocols for processing delete requests, and links to documentation for more information.

NOTE

All integrated products respond to privacy requests in 30 days or less.

Application

Access/delete

Opt-out of sale

Delete behavior

Documentation and other considerations

Adobe Advertising Cloud

✓

The data subject’s cookie ID or device ID is deleted from the system, along with all cost, click, and revenue data associated with the cookie.

Adobe Analytics

✓

Adobe Analytics provides tools for labeling data according to its sensitivity and contractual restrictions. Labels are an important step for:

Identifying Data Subjects.
Determining which data to return as part of an access request.
Identifying data fields that must be deleted as part of a deletion request.

Adobe Audience Manager

✓

All traits and segments associated with the Audience Manager identifier included in the request are deleted. In addition, the respective identifiers for the individual are opted out of further data collection and the respective ID mappings are removed.

Adobe Campaign Classic

✓

The data subject’s stored data is deleted from the system.

Privacy management.

Adobe Campaign Standard

✓

The data subject’s stored data is deleted from the system.

Adobe Customer Attributes (CRS)

✓

N/A

The data subject’s attributes are deleted from the system.

Access/delete documentation for GDPR
Access/delete documentation for CCPA
Customer Attributes does not have the capability to transfer data, therefore opt-out-of-sale requests are not applicable.

Adobe Experience Platform

✓

When Experience Platform receives a delete request from Privacy Service, Platform sends confirmation to Privacy Service that the request has been received and affected data has been marked for deletion. The records are then removed from the Data Lake or Profile store once the privacy job has completed. Before the job completes, the data is soft-deleted and is therefore not accessible by any Platform service.

Access/delete documentation for the Data Lake
Access/delete documentation for Identity Service
Access/delete documentation for Real-Time Customer Profile
Experience Platform honors opt-out requests for audience segments.

Adobe Pass Authentication

✓

N/A

The data subject’s stored data is deleted from the system.

Access/delete documentation
Pass does not have the capability to transfer data, therefore opt-out-of-sale requests are not applicable.

Adobe Target

✓

N/A

All data associated with the data subject’s ID is deleted from their Visitor Profile. Aggregated or anonymized data that does not identify the individual or is otherwise unrelated (such as content data) does not apply to delete requests.

Access/delete documentation
Target does not have the capability to transfer data, therefore opt-out-of-sale requests are not applicable.

Marketo Engage

✓

N/A

The data subject’s stored data is deleted from the system.

Access/delete documentation
Marketo does not have the capability to transfer data, therefore opt-out-of-sale requests are not applicable.

Self-serve applications self-serve

The following is a list of Experience Cloud applications that are not integrated with Privacy Service and must manage their privacy concerns internally. Links to each application’s documentation are provided, along with descriptions of the documentation’s contents.

Application

Documentation description

Adobe Experience Manager

An overview of how a customer privacy administrator or AEM administrator can handle GDPR requests.

Adobe Experience Manager Livefyre

Steps for making GDPR access and delete requests using Livefyre.

Magento

Ensure that your Magento Commerce installations comply with the requirements of specific privacy legislations.

Tags in Adobe Experience Platform

How developers can use extensions and the rule builder to define opt-in and opt-out solutions.

Workfront

Learn how Workfront collects personal data, and how a data subject can submit a privacy request via a form.

recommendation-more-help

9cbf7061-a312-49f7-aaf8-a10885d53580