General Data Protection Regulation (GDPR) is a data privacy regulation that enables individuals to have more control over how organizations use their data. The “Right to be Forgotten” is a regulation that enables individuals to request that an organization delete any data about them. This means that the identities that are deleted using the GDPR delete request cannot be restored again.   This is article 5 in the GDPR delete of Identity data in SAS ® Customer Intelligence 360 series, which covers the frequently asked questions on GDPR Delete of Identity Data. Here is the list of questions with links to their answers: When I delete the customer_id or subject_id using a GDPR (General Data Protection Regulation) delete request and reimport the same IDs again in SAS® Customer Intelligence 360, will these IDs be associated with old datahub_ids or will new datahub_ids be created? If I deleted the identity data (e.g., subject_id) by mistake while working on the GDPR delete API, is there any functionality in SAS Customer Intelligence 360 where I can restore it? Is it sufficient to check the number of records in the UDM table identity_attributes to verify how many subject IDs are still active in the cloud? How can I verify whether identity data was deleted using the GDPR delete process? How do you check the total processing time taken for the GDPR delete request? What are the identity types that can be deleted using a GDPR delete request?   When I delete the customer_id or subject_id using a GDPR (General Data Protection Regulation) delete request and reimport the same IDs again in SAS ® Customer Intelligence 360, will these IDs be associated with old datahub_ids or will new datahub_ids be created? The datahub_id is a Universally Unique Identifier (UUID). Hence, there is no chance that the datahub_id of a deleted user might be reused later.   If I deleted the identity data (e.g., subject_id) by mistake while working on the GDPR delete API, is there any functionality in SAS Customer Intelligence 360 where I can restore it? The subject IDs cannot be restored once they are deleted using the GDPR delete API. You must upload the subject IDs again. The reason for this behavior is because the cloud does not store data about deleted identity data records. GDPR is an EU regulation that allows customers to be forgotten, and the software ensures that the subject IDs are completely forgotten, so that they cannot be restored.    Is it sufficient to check the number of records in the UDM table identity_attributes to verify how many subject IDs are still active in the cloud? Yes, you can get the active subject IDs detail from the UDM identity_attributes data set.   How can I verify whether identity data was deleted using the GDPR delete process? There are two ways to verify: Use the SAS Customer Intelligence 360 Download API to download the identity data files to verify whether identities are being deleted. If they still appear in the IDENTITY_ATTRIBUTES table, it means that the data is not being deleted. Go to the Diagnostics tool in General Settings à Content Delivery à Diagnostics, search for the subject_id, and make sure that they are removed from the system. Refer to the screenshot below:                          How do you check the total processing time taken for the GDPR delete request? You can see how long it takes by calculating the time between Start Time and End Time of imports under General Settings à Table Management à GDPR delete table à Import History:     What are the identity types that can be deleted using a GDPR delete request? A GDPR delete request works only with three identity types: customer_id, subject_id, and login_id. These three identity types are considered strong identifiers for an individual. It does not work with device_id or visitor_id.     For additional help, contact SAS Technical Support by creating a track with the Contact Support option in the SAS Customer Intelligence 360 UI.   Related Article Links: Create Data Descriptor of Type DELETELIST GDPR Delete of Identity Data Using the SAS® Customer Intelligence 360 UI GDPR Delete of Identity Data Using the REST API Performance and Limitations of GDPR Delete Requests ... View more

General Data Protection Regulation (GDPR) is a data privacy regulation that enables individuals to have more control over how organizations use their data. The “Right to be Forgotten” is a regulation that enables individuals to request that an organization delete any data about them. This means that the identities that are deleted using the GDPR delete request cannot be restored again.   This is article 4 in the GDPR delete of Identity data in SAS ® Customer Intelligence 360 series, which covers the performance and limitations of GDPR delete requests. Here is a list of questions with links to their answers. What is the maximum limit on identities that are deleted with the REST API and SAS Customer Intelligence 360 UI (User Interface)? Can we submit multiple POST delete requests at a time? What happens if we submit two delete requests at the same time? What is the best approach for deleting identity data if we have multiple identity types in the system? What is the maximum limit on identities that are deleted with the REST API and SAS Customer Intelligence 360 UI (User Interface)? If you use the POST method, there is a hard limit of 50,000.  If you use DELETELIST via the UI, you are not restricted in terms of the amount of data in your input file. However, there have been performance issues with large DELETELIST imports. The recommendation is to delete large amounts of data via several DELETELIST imports, each using 50,000 chunks of data. Can we submit multiple POST delete requests at a time? Only one delete POST request can be processed at a time. If you need to submit more than one request, the first request must be completed before any subsequent requests can be processed. Refer documentation to check the status of import request before sending the next request.   What happens if we submit two delete requests at the same time? If you submit two requests at same time, the first request is processed and the second delete request fails to process with an error. You can only submit the second request after the first one has completed. Here is an example in which the import request id 505b0284-46a0-4f18-a235-3adf7d5f363c fails with an error:  “Import request has been rejected, due to a conflicting, already running import with id 505b0284-46a0-4f18-a235-3adf7d5f363c”.                       What is the best approach for deleting identity data if we have multiple identity types in the system? When you have multiple identity types in the system, it is highly recommended to delete all of them even if it seems redundant. There are situations where only deleting by a single identity type might leave unwanted data behind.     For additional help, contact SAS Technical Support by creating a track with the Contact Support option in the SAS Customer Intelligence 360 UI.   Related Article Links: Create Data Descriptor of Type DELETELIST  GDPR Delete of Identity Data Using the SAS® Customer Intelligence 360 UI   GDPR Delete of Identity Data Using the REST API  Frequently Asked Questions about GDPR Delete of Identity Data in SAS Customer Intelligence 360 ... View more

General Data Protection Regulation (GDPR) is a data privacy regulation that enables individuals to have more control over how organizations use their data. The “Right to be Forgotten” is a regulation that enables individuals to request that an organization delete any data about them. This means that the identities that are deleted using the GDPR delete request cannot be restored again.   This is article 3 in a series of ‘GDPR delete of Identity data in SAS ® Customer Intelligence 360’ that covers how to perform a GDPR delete of Identity data in SAS ® CI360 using REST API.  You can do a GDPR delete of identity data using either the REST API or SAS ® Customer Intelligence 360 user interface (UI). If you want to automate the process, you could use the POST method.  The UI is a more manual process. For more detail about delete the identity data using SAS Customer Intelligence 360 UI, refer to GDPR Delete of Identity Data Using the SAS® Customer Intelligence 360 UI   In this article, we will cover how to delete the identity data using the REST API to submit a request to delete identity data:   Create a General Access Point and a JSON Web Token(JWT)  as described in Prerequisites for Importing and Exporting Data.   Go to the REST Client (Postman) u Authorization, select the Bearer Token from the Type drop-down list, and paste the token for the specific server, which you obtained in step 1:                               Submit a POST request to the customerJobs endpoint to delete data:                     POST https://extapigwservice-<server>/marketingData/customerJobs         Include the following code in the body:       {            "jobType": "GDPR_DELETE",            "identityType": "subject_id",            "identityList": [                 "1",”2”             ]       }    The response to the POST call contains the request ID i-dbb21ab2-7e0c-41c2-8dc3-c4232e69594a for the delete job with the 201 created status code, as shown below:                            Submit a GET request with the request ID i-dbb21ab2-7e0c-41c2-8dc3-c4232e69594a to view the status of delete request.   Here is an example:     GET https://extapigwservice-<server>/marketingData/customerJobs/<delete_request_ID>    Here is a screenshot that shows the successful deletion of identity data. The status shows “DELETED_IDENTITIES”:                              For additional help, contact SAS Technical Support by creating a track with the Contact Support option in the SAS Customer Intelligence 360 UI   Related Article Links: Create Data Descriptor of Type DELETELIST  GDPR Delete of Identity Data Using the SAS® Customer Intelligence 360 UI Performance and Limitations of GDPR Delete Requests Frequently Asked Questions about GDPR Delete of Identity Data in SAS Customer Intelligence 360   ... View more

General Data Protection Regulation (GDPR) is a data privacy regulation that enables individuals to have more control over how organizations use their data. The “Right to be Forgotten” is a regulation that enables individuals to request that an organization delete any data about them. This means that the identities that are deleted using the GDPR delete request cannot be restored again.   This is article 2 in a series of ‘GDPR delete of Identity data in SAS ® Customer Intelligence 360’ that covers how to perform a GDPR delete of identity data using the SAS Customer Intelligence 360 UI.   First create a data descriptor of type DELETELIST as described in the section Create a Data Descriptor Using the SAS Customer Intelligence 360 UI        2. Create the CSV format file with one column for identity Type subject_id:             a. Collate all the subject IDs in a column.                   b. Ensure that CSV file MUST have a header row. The first row is always interpreted as a           header.            c. The input data in the CSV is limited to a maximum of 256 characters.            d. Each row in the CSV file should be unique.           For example, the CSV file could look like this:                         Go to General Setting -> Table Management and select the check box of table created in step 1. Click the Upload File icon to upload the CSV file.   To check the status of the delete request, select the table and go to Import History. Click the Details view icon in the Details column. The Deleted Identities status indicates that the delete request is successful, as shown below:                            For additional help, contact SAS Technical Support by creating a track with the Contact Support option in the SAS Customer Intelligence 360 UI   Related Article Links: Create Data Descriptor of Type DELETELIST GDPR Delete of Identity Data Using the REST API Performance and Limitations of GDPR Delete Requests Frequently Asked Questions about GDPR Delete of Identity Data in SAS Customer Intelligence 360 ... View more

General Data Protection Regulation (GDPR) is a data privacy regulation that enables individuals to have more control over how organizations use their data. The “Right to be Forgotten” is a regulation that enables individuals to request that an organization delete any data about them. This means that the identities that are deleted using the GDPR delete request cannot be restored again.   This is article 1 in a series of ‘GDPR delete of Identity data in SAS ® Customer Intelligence 360’. In this article, you learn how to create a data descriptor of type DELETELIST in the SAS ® Customer Intelligence 360 user interface (UI) and using REST API client. A data descriptor of type DELETELIST is used to delete identity data from the system. You can create this descriptor if you need to consistently delete a set of IDs. You need separate descriptors for each identity type (subject_id, login_id and customer_id). DELETELIST is not limited to the UI. You can also use API calls to upload a file into the DELETELIST descriptor.    Create a Data Descriptor Using the SAS Customer Intelligence 360 UI   Go to General Settings -->Data Collection --> Table Management. Select the New Table option on the right.                Provide a table name and select DELETELIST in the Type drop-down list. Provide the data item name and label, select the type, select the Identity check box, and select the Identity Type from the drop-down list, as shown in the example screenshot. The newly created table is available under Table Management:                       Create a Data Descriptor Using the REST API   Create a General Access Point and a JSON Web Token (JWT) following the instructions in Prerequisites for Importing and Exporting Data.    Go to the REST Client (Postman) --> Authorization and select Bearer Token from the Type drop-down list, and enter the token that you obtained in step 1.                   In the body of the REST call, select the raw and content type as JSON. Paste below JSON in the body section to create the data descriptor of type DELETELIST, as shown in the following code block:   {     "name": "GDPR_delete_subject_id_test",     "description": "GDPR DELETE descriptor",     "type": "DELETELIST",     "makeAvailableForTargeting": false,     "dataItems": [         {             "name": "GDPR_delete_subject_id_test",             "label": "GDPR_delete_subject_id_test",             "type": "STRING",             "charLength": 256,             "tags": [],             "excludeFromAnalytics": true,             "identityType": "subject_id",             "key": true,             "identity": true,             "segmentation": false,             "segmentProfilingField": false,             "uniqueValuesAvailable": false,             "availableForTargeting": false,             "identityAttribute": false,             "channelContactInformation": false         }     ] }   Submit a POST request. The response status is 201 when the customer table is created successfully, which returns the data descriptor ID with metadata information (createdTimeStamp, createdBy, and so on).                     POST https://extapigwservice-<server>/marketingData/tables                   Here is an example screenshot:                           For additional help, contact SAS Technical Support by creating a track with the Contact Support option in the SAS Customer Intelligence 360 UI   Related Article Links: GDPR Delete of Identity Data Using the SAS® Customer Intelligence 360 UI   GDPR Delete of Identity Data Using the REST API  Performance and Limitations of GDPR Delete Requests Frequently Asked Questions about GDPR Delete of Identity Data in SAS Customer Intelligence 360   ... View more