Optimizely Knowledge Base

Request or delete records for EU General Data Protection Regulation (GDPR)

 
relevant products:
  • All

THIS ARTICLE WILL HELP YOU:
  • Submit GDPR Subject Access Requests

Please keep in mind that:

  • Data cannot be recovered once it has been deleted. Read this article carefully to understand the implications for your account.

  • Data exports may contain information that your company considers confidential, such as the change history for a particular project. It is your responsibility to review this information before providing it to the requestor.

  • This process covers information that Optimizely processes on behalf of its customers as part of its online SaaS services. If you would like to file a request related to personal data that Optimizely controls, you should email legal@optimizely.com. Please review our privacy policy for more information about this type of data and your options.


This article describes how Optimizely can help you respond to an EU data subject’s request for access, rectification, erasure, and portability of their personal data. It applies to the personal data that Optimizely processes on your behalf.

Please read this article carefully to understand how we can help you respond to an EU data subject's requests for the data Optimizely is processing on your behalf, and the implications for your organization.

To learn more about the data Optimizely processes, please review our Privacy@Optimizely FAQ. To learn more about the GDPR and your role as a data controller, or for more detail about meeting your obligations for other Optimizely products, see our article on preparing for the GDPR.

The access and erasure obligation

Each EU citizen has a right of access to their personal data. Upon request, you (as the data controller) have an obligation, with certain exceptions, to inform the individual (often referred to as data subjects under GDPR) where their personal data is being held and for what purposes.

In addition, each EU citizen has a right to erasure (sometimes known as the right to be forgotten). Upon request, you have an obligation, with certain exceptions, to erase the personal data of a data subject.

To make the process easy for our customers, Optimizely offers two options for customers who receive a request to begin the erasure or access process:

  • A UI that is easy to use for a small number of requests.

  • A REST API to automatically submit access or erasure requests to Optimizely.

You may only make a request if you hold a collaborator role of Administrator on your company's Optimizely account.

Submitting a GDPR Subject Access Request through the Optimizely UI

Here's an example of how to use the UI to submit a request. Read on for step-by-step instructions.

(Animated example: subject-access-request.gif)

  1. Navigate to Account Settings > Subject Access Requests.

  2. Click Create New Request.

  3. Fill in the following information:

  • Request type: There are two options for request type:

    • Delete: Removes all data within an account that is associated with the identifier defined in the Identifier field.

    • Access: Finds all data stored in Optimizely systems associated with the identifier defined in the Identifier field and exports it to an AWS S3 bucket for you to access.

  • Data type: There are two types of data that can be accessed or deleted:

    • User data: End users (also known as collaborators) who are added to the accounts of our customers. A user can be a collaborator on multiple accounts.

    • Visitor data: Individuals who visit or use our customers’ websites, apps, and other digital products. Optimizely stores visitor data to calculate experiment results and to tailor content.

  • Identifier type: User data is identified by the email address used to create the end user account. The form does not display the Identifier type field (see below) if you selected User as your data type in the previous step. If you selected Visitor, the form will display these five options for personal identifier types:

    • DCP ID: Any ID used to identify targeting records in Optimizely.

    • Email Address: The email address of a visitor.

    • Full Stack ID: The unique identifier used for Full Stack experiments.

    • optimizely_end_user_id: An Optimizely-generated user cookie.

    • Other: Any other identifier that was uploaded to Optimizely.

  • Identifier: The identifier value you would like us to use when searching. If you selected User in the previous step, the identifier will be the email address for the user.

    If you use DCP or list attributes, please submit the primary keys used to identify records in DCP data sources and list attributes. We need these keys to identify relevant records in these data sources; they cannot be searched using other identifiers. You may submit these keys using either the DCP ID or Other data type.

    Please note that under our current terms, email addresses and similar personally identifiable information should not be uploaded into DCP. For more information, see PII: Personally identifiable information in Optimizely.

  4. Click Submit Request.

Automating GDPR requests with the Optimizely REST API

Optimizely customers can automate the requests using the REST API. The API endpoints for GDPR are documented on our developer documentation.

The same considerations apply when using the API:

  • Data cannot be retrieved once it is deleted.

  • Data exports we provide may contain information that your company considers confidential, such as the change history for a particular project.

  • DCP users must provide the DCP ID for us to identify the applicable record. We cannot search these records with other identifier types.

The endpoints that Optimizely offers are:

  • List all the existing Subject Access Requests

GET https://api.optimizely.com/v2/subject-access-requests

  • Get an existing Subject Access Request

GET https://api.optimizely.com/v2/subjec...s/{request_id}

  • Create a new Subject Access Request

POST https://api.optimizely.com/v2/subject-access-requests
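A minimal client for the three endpoints above, added here as an example and not Optimizely's own code: it applies the form rules from the UI section (delete is irreversible, user data is identified by email only, visitor data needs one of the five identifier types), submits the request, and polls the request record until it is completed. The endpoint paths and the export_location field come from this article; the JSON field names, the lowercase request/data type values, the Bearer token header, the id field and the "completed" status value are assumptions to check against the developer documentation.

```python
# Added example, not Optimizely's code; JSON field names and status values are assumed.
import json
import time
import urllib.request

BASE = "https://api.optimizely.com/v2/subject-access-requests"
VISITOR_ID_TYPES = {"DCP ID", "Email Address", "Full Stack ID",
                    "optimizely_end_user_id", "Other"}


def build_request(request_type, data_type, identifier, identifier_type=None,
                  confirm_irreversible=False):
    """Apply the article's form rules and return the (assumed) JSON body."""
    if request_type not in ("access", "delete"):
        raise ValueError("request_type must be 'access' or 'delete'")
    if request_type == "delete" and not confirm_irreversible:
        raise ValueError("deleted data cannot be recovered; confirm explicitly")
    if data_type == "user" and ("@" not in identifier or identifier_type):
        raise ValueError("user data is identified by e-mail address only")
    if data_type == "visitor" and identifier_type not in VISITOR_ID_TYPES:
        raise ValueError("visitor identifier_type must be one of %s"
                         % sorted(VISITOR_ID_TYPES))
    if data_type not in ("user", "visitor"):
        raise ValueError("data_type must be 'user' or 'visitor'")
    body = {"request_type": request_type, "data_type": data_type,
            "identifier": identifier}
    if identifier_type:
        body["identifier_type"] = identifier_type
    return body


def http_json(method, url, token, body=None):
    # Default transport: real HTTPS call; the Bearer token header is an assumption.
    data = json.dumps(body).encode() if body is not None else None
    req = urllib.request.Request(url, data=data, method=method, headers={
        "Authorization": "Bearer " + token, "Content-Type": "application/json"})
    with urllib.request.urlopen(req) as resp:
        return json.load(resp)


def submit_and_wait(body, token, transport=http_json, poll_seconds=30, max_polls=120):
    # POST the request, then poll GET .../{request_id}; an access record's export_location names the S3 folder.
    created = transport("POST", BASE, token, body)
    url = "%s/%s" % (BASE, created["id"])  # 'id' field name is assumed
    for _ in range(max_polls):
        record = transport("GET", url, token)
        if record.get("status") == "completed":
            return record
        time.sleep(poll_seconds)
    raise TimeoutError("request %s did not complete" % created["id"])
```

The transport parameter lets you swap in a recording or replaying function for tests, so the validation and polling logic can be exercised without touching the live API.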

Retrieving the data from a completed access request

Where we receive a data access request, we search the records for the identifiers you provide and place matching records in an Amazon S3 bucket. When an access request is completed, Optimizely will create an Amazon S3 data export bucket and upload all the data to a folder there. You can find the location of the bucket in the export_location field returned by the /v2/subject-access-requests/{request_id} REST API; it is also displayed in the UI in the request overview on Account Settings > Subject Access Requests.

Each Optimizely account has its own bucket. The URL is formatted like this:

s3://optimizely-export-ng/{account_id}/

To get access to your Optimizely export bucket, follow the steps outlined in our Knowledge Base article on accessing Optimizely raw data.

Confirmation of data deletion

Where we receive a data deletion request, we search the records for the identifiers you provide and overwrite any matching data. When the request is completed, you can get the status of your request in the UI or with the REST API.

Rectification Requests

Optimizely users may correct their own data by signing into http://app.optimizely.com and editing the data in User Settings.

Rectification is not applicable to visitor data: these records are events from users' interactions with websites and apps, such as clicking a button, and that kind of record is not compatible with the rectification process.

Disclaimer

This document is for informational purposes only and does not constitute legal advice. Readers should always seek legal advice before taking any action with respect to the matters discussed herein.