Consumer Requests
Processes to support the following verified/authentication consumer requests are:
 
  • List of all stored PII for an individual
  • Option to delete all personal information
  • Opt-out for any selling of that information
 
Requests for lists or deletion of a consumer's information have to be processed within 45 business days. Should the consumer not complete necessary verification steps before the 45 day period, it can be denied. If the business cannot comply within the same period, it can be extended another 45 days so long as the consumer is notified as to the reason for the delay. 
 
Impact
From a Salesforce Administrators point of view, what CCPA calls ‘Consumer Requests’ translate to components within Consent or Preference Management. The legislation calls these Subject Access Requests (SAR). It’s similar to Data Subject Access Requests (DSAR) for GDPR.
 
Personal Inventory Solutions
Manual: Locate all customer data using flows or APEX to find records that contain personal data. 
Automated: Data Tagging & Inventory 
 
Deletion Request Solutions
Manual: Locate all customer data using flows or APEX to find records that require deletion.​
Automated: Data Tagging & Inventory

 
Opt Out Solutions
Manual: Report export or use APEX to create the appropriate report.
Automated: Data Portability
Next: Opt Outs
  • Grey Facebook Icon
  • Grey Twitter Icon
  • Grey LinkedIn Icon

All statements for informational purposes only

© 2020 Plumcloud Labs - All rights reserved