Skip to main content

Do Not Sell or Share Overview

CPRA gives data subjects the Right to Opt-Out of the Sale of their Personal Information to third parties. DataGrail customers have the ability to handle Do Not Sell or Share (DNSS) requests through an intake form, verify those requests, and maintain a record log for compliance.

DataGrail User Roles

Only the following User Roles will have access to the Do Not Sell or Share tab:

  • Super Admin
  • Request Admin
  • Request Approver
  • Request Agent
Multiple Roles

Combining any user roles that do not have access to this UI with any of the above user roles that do have access to this functionality will grant a user access to these updates. e.g. If a user had a Request Admin Role, adding a Super Admin role to their user record would then allow them access to the Do Not Sell or Share page.

Request Creation Methods

Intake Form

The Intake Form provides the ability to have an immediate understanding of location and enables Authorized Agent.

Opt-Out Form

note

Request policies are now tied to opt-outs. This is not a required field, and the older form version will remain compatible even if a location is NOT tied to the opt-out. If your DNSS form has any customizations (including text), reach out to your CSM about when these changes will be reflected for you.

Manually

Requests can also be created manually within the Do Not Sell or Share tab in DataGrail. To do so, click Add Request in the upper right corner of the Opt Out Queue.

Opt Out Add Request

The following information is required during creation:

  • First Name
  • Last Name
  • Email - Requestor email; used for verification process

Optional fields:

  • Country - Location of the requestor
  • Subregion - Appears when a country has been specified and a subregion is available (e.g. State)
  • Additional Info - Used for notes

Opt Out Queue

Opt Out Details View

Click on the individual request to view more information, including:

  • User Information (first name, last name, email, and location)
  • Verification Status
  • Date Submitted
  • Due Date
  • Request Policy

You have the ability to take the following actions on the request

  • Complete Request (after all configured integrations have completed)
  • Deny Request
  • Request Extension

Filtering Requests

Do Not Sell or Share requests can be filtered by the following:

  • Verification Status
  • Ticket Status
  • Location

Verification status filters: Verified and Unverified. Verified means the requestor or authorized agent has verified the request.

Opt Out Verification States

Ticket status filters: Complete, Not Started, In Progress, Canceled and Incomplete.

Opt Out Worklow States

The Location filter lists all available countries and states (subregion), not just those associated with request policies. You can search for the country or state (subregion) to filter by that single location.

Opt Out Location

Request States

A request can have the following states:

StatusDefinition
Not StartedRequest has been submitted to the queue. No verification has occurred on this request
In ProgressIntegrations for DNSS request have started
CompleteIntegrations have completed for the request, the request has been verified and the
user has completed the request
CancelledA user has denied the request

Bulk Management

To manage multiple requests, select the requests and then use one of the following actions:

  • Mark as Complete
  • Request Deadline Extension

Bulk Manage

note

Users are not able to bulk deny requests.

Exporting Requests

Privacy teams can export a copy of all DNSS requests to a .tsv file by clicking the Download .tsv button in the top right

Automation Rules

Users have the ability to configure automation rules for Do Not Sell or Share requests by going to the Settings tab in the navigation menu, then under Request Manager click Automation.

Once a Do Not Sell or Share request has been completed

OptionDescription
Send the Do Not Sell or Share confirmation emailConfirmation email sent to the requestor. The confirmation email template can be updated.
Do not send the Do Not Sell or Share confirmation emailNo confirmation email is sent.

Once a Do Not Sell or Share request is submitted

OptionDescription
Don't send a verification emailVerification will be skipped, and the request will automatically start processing.
Send a verification emailRequest will start processing after the requestor has verified their email.

When all integrations have finished processing a Do Not Sell or Share request

OptionDescription
Automatically mark the request completeRequest status updated to Complete. No further action required.
Manually mark the request completeYou will need to manually update the request status.

Integrations

Integrations that support Do Not Sell or Share:

  • Braze
  • Facebook Marketing
  • Internal Systems Integration
  • mParticle
  • Picsart
  • Sailthru
  • Segment
  • SparkPost

Integration States

Do Not Sell or Share Integrations return a True or False signal when the integration is processed. If a False signal is returned, you can retry the integration or contact support if there are issues with the integration can be retried.

Integration States

note

Users cannot cancel the processing of a DNSS integration.

Tag Managers

Tag managers -- most commonly, Google Tag Manager (GTM) -- are a tool that allow you to manage and deploy tags (snippets of code or tracking pixels) on your website without changing the code. Common uses include inserting JavaScript for analytics tools like Google Analytics or Amplitude, retargeting solutions like AdRoll, and trackers like Marketo or HubSpot. Moz has a more in-depth explanation.

GTM consists of three components:

  • Tag - the JavaScript or tracking code that is inserted
  • Trigger - a rule for when to insert a tag
  • Variable - contains a value

For example, if you want to log all pageviews to Google Analytics, you would use a Google Analytics tag and tell it to trigger on all page views.

To learn more about setting up GTM for Do Not Sell or share, click here.

 

Need help?
If you have any questions, please reach out to your dedicated CSM or contact us at support@datagrail.io.

Disclaimer: The information contained in this message does not constitute as legal advice. We would advise seeking professional counsel before acting on or interpreting any material.