Product News | Privacy Request Portal (PRP) | What does this new portal do?

Product News
By 17. April 2020May 19th, 2020No Comments
Privacy Request Portal, Connectid Business

Connectid Business has a new feature:

The Privacy Request Portal (PRP) also known as a Data Subject Request Portal. We call it the request portal.

Data requests can now come to you in just one simple, structured format, making the request process less frustrating on all sides.

How does it work?

Place the request portal’s link on your privacy policy. When a person opens it they will see a short list of the different types of personal data you collect.

Many potential data requesters have no problem allowing you to collect their contact information, etc, and will exit back to your site with no need to make a request at all.

Others will quickly find the categories of personal data they are concerned with and make a simple request that is easy for your company to respond to.

Suppose a person wants to know if your company has access to specific personal information, for example, about their race, religion, or preferences. If that category appears on the list as data you collect, they can select just that one, rather than needlessly requesting all their data.

Whether or not a person ends up making a data request, offering the request link on your privacy page shows that you protect their rights and the personal information they share with you.

You can see a demo of the Request Portal here.

Why did we make this Request Portal?

Our customers saw the need to streamline their request process to more effectively handle the variety of data subject requests allowed by new regulations.

The CCPC, GDPR and other privacy regulations allow individuals to make privacy requests by phone or email, on social media, in person; in fact, any way they choose. This presents a compliance challenge for companies, who must keep track of and respond to all requests promptly.

Responding to requests without the appropriate tools is cumbersome because it requires a variety of steps, including:

  • Logging and tracking requests received
  • Verifying the identity of the person requesting
  • Task coordination between internal departments, e.g., DPO, Legal and IT
  • Finding data requested throughout your systems
  • Communicating in a timely manner with requesters as required by law
  • Formatting the data to make it readable and transferable
  • Finding deviations in the extracted data before delivering it
  • Ensuring the correct people approve the data before delivery
  • Protecting the data in transit
  • Delivering the data in time to the right person
  • Ensuring all actions are logged for audits
  • Doing it all again when the next request arrives

Juggling all these tasks is time-consuming and costly; and even if everything is done properly and on time, it is tedious to track and log your processes for internal and external audits.

We built Connectid Business with the capacity to handle all the tasks mentioned above, and adding the PRP to your privacy page is the first step to make the entire process smooth and simple.

What can the PRP do for your company?

The types of data requests that a person now has the right to make as per privacy regulations (GDPR, CCPA) are many and varied. You can see some examples listed below or read more about the GDPR regulations here.

  • Exercise of the rights of the data subject (article 12)
  • Right to be informed (article 13, 14)
  • Right of access (article 15)
  • Right to rectification (article 16)
  • Right to erasure (‘right to be forgotten’) (article 17)
  • Right to restriction of processing (article 18)
  • Right to data portability (article 20)
  • Right to object (article 21)

What type of requests will your company receive from people?

The Connectid Business PRP helps keep all of them simple, specific, organized and easy to respond to. It lets people see the types of information you’ve collected about them first. Then, if they do choose to make a request, they select only the information they really want access to.

All requests received through the PRP are automatically logged, verified and organized by due date. This makes the whole process easier to handle for your company.

Will the PRP fit my company’s needs?

Everything in Connectid Business is easy to customize. Add your company’s logo in settings and it will automatically appear on the portal, on emails and text notifications; creating trust and brand recognition for your company.

Request portal settings

Workflows are automated and the wording of the standard Request Portal is prepared in collaboration with DAHL – one of Denmark’s largest law firms. For more complex messaging, it can easily be customized in the portal. Do you need additional legal advice concerning data requests, we recommend you to contact a law firm, such as DAHL.

You can also choose and customize the options you offer in the portal in Settings. It takes just a few minutes to set everything up and you can make changes at any time.

Request categories for the request portal

Is Connectid Business expensive?

We’d like all companies to have access to Connectid Business, so we’ve made a freemium version called Starter Free.

Some companies may not expect to receive a lot of data privacy requests, but want to prevent potential breaches and have a system in place to handle requests properly when they do arrive. In that case, choose our Stater Free version to receive, log and verify requests for free, for as long as you like.

The Starter Free version of Connectid Business is like a firewall set up to prevent a breach before it happens. You can upgrade at any time if needed.

This is a quick overview of each version:

Starter Free: Receive all requests in the same structured, simple format through your personal request portal; logged, verified, and organized by due date.

Professional: Respond to requests with tagged and structured data, plus national authentication added to the standard verification you get with the free version.

Enterprise: Automate all processes involved with access to pre-built API’s.

Read more about our different versions and their benefits here.

Why offer a request portal on my site, won't that make it too easy to make requests?

Placing the link to a request portal on your privacy policy shows that your company is transparent and data-ethical; that you protect the rights of people and the personal data they share with you.

Connectid Business always authenticates requesters with SMS and e-mail verification, so you’ll know that requests from employees, customers or others are really from them, which helps you make sure you deliver the data with the right person.

Give privacy. Gain trust.

Being open and transparent about how your company collects, uses and protects personal data creates trust.

Trust, transparency and data-ethics are elements that strengthen a positive perception of your company’s brand.

Privacy matters. Studies have shown that consumers increasingly prefer to buy products and services from companies that prioritize the security of their data.

Did you find the answer you were looking for?

Please don’t hesitate to contact us if you are looking for more information about our request portal.

Contact us