Hi @Xavier_Dupertio
I pulled all this information from documentation:
Policy Enforcement and Custom Policies
- Out-of-the-Box Policy Enforcement:
- Adobe Experience Platform (AEP) provides built-in policy enforcement mechanisms to manage data privacy and compliance. This typically involves predefined rules for data access, retention, and deletion based on regulatory requirements like GDPR or CCPA.
- Custom Policy Enforcement:
- You can create custom policy enforcements using Adobe's Policy Service. Custom policies might include specific rules for handling customer governance labels or unique organizational requirements. These policies are defined and managed through the Adobe Experience Platform's Privacy Service configuration interface, where you can set up custom rules and apply them to data based on labels or other attributes.
Use of Data Governance Labels
- Privacy Service and Data Governance Labels:
- The Privacy Service uses data governance labels to identify and manage different types of data. Labels help categorize data according to its sensitivity or compliance requirements. When a request for data removal is made, the Privacy Service uses these labels to determine which records to process.
- Removing Customer Data:
- When you request the removal of a customer, the Privacy Service typically deletes or anonymizes data based on the configured policies and labels. However, if data remains in other systems like Eloqua, it might not be removed unless those systems are synchronized or updated accordingly.
- Data from Eloqua and RTCDP:
- If you remove a record from Eloqua, it may not automatically be deleted from RTCDP unless there is a synchronization process in place. The RTCDP may still have the email address or other data if the deletion hasn’t been reflected in RTCDP. Deletion in Eloqua doesn’t automatically sync with RTCDP; they operate independently unless explicitly integrated for data synchronization.
- Removing All Email Addresses:
- To remove all instances of email addresses, you need to ensure that deletion requests are processed across all systems where the data resides. This usually involves coordinating with data sources and ensuring that the Privacy Service effectively updates or removes the data from all linked platforms, including RTCDP.
Labeling and Privacy Service
- Labeling and Privacy Service Integration:
- Labeling helps the Privacy Service identify which data needs to be handled according to specific privacy regulations. The expectation is that the Privacy Service will act on data labeled as PII (Personally Identifiable Information) to ensure compliance with deletion or access requests.
Documentation and Namespace Types
- Namespaces and Regulation Types:
- The Privacy Service documentation details different namespace types and their effects. Regulation types influence how data is processed and handled for deletions or access requests. For instance, GDPR might have different requirements compared to CCPA, affecting how data is managed.
- Changing Regulation Types:
- Selecting different regulation types may alter the processing rules for deletions and access requests. Different regulations have unique requirements for how data must be handled, and changing the regulation type adjusts the Privacy Service's behavior accordingly.
Actions of Privacy Service
- Privacy Service Actions:
- The Privacy Service typically supports actions such as delete and access. These actions align with common privacy requirements where users can request deletion of their data or access to it.
Syncing Data and Reporting
- Syncing Data Back to Eloqua:
- AEP can sync data back to Eloqua after processing, but this depends on the integration setup. You may need to configure synchronization settings to ensure that changes in AEP reflect in Eloqua.
- Governance Labeling Report:
- To get a report of all governance labeling within a schema, you would typically use the Adobe Experience Platform’s reporting tools or APIs. Check Adobe’s documentation or dashboard options for generating such reports.