Zaius has a process for honoring data subject requests related to various compliance frameworks, including CCPA and GDPR. These frameworks entitle customers to more control of their personal information. The customers subject to these frameworks have the right to request actions like:

• Deletion: The right of deletion gives customers the ability to direct a business to delete or anonymize all of their personally identifiable information.
• Opt-out: The right to opt-out gives customers the ability to direct a business not to sell their personal information to a third party. 
• Access: The right of access gives customers the ability to direct a business to provide all of the information that they have collected on them. 

Typically, these requests must be processed within 30 days. That said, these rights are not absolute and can depend on the context of the request, so it is essential to be familiar with your current business situation and local privacy laws. Learn more about Data Subject Access Rights by visiting our privacy policy.

Deletion request

To perform a compliant customer deletion:

• In your Zaius account, click the Account Settings icon in the main navigation bar.
• In the sidebar, select the Compliance Request option. 
• Select the regulation type, then the Delete option. 
• Select the identifier you'd like to use to locate the customer from the drop-down menu. The most common identifier is an email.
• Input a value for the selected customer identifier. 
• Click the Submit request button and then Delete in the confirmation prompt. 

Following the submission, all of the customer's personally identifiable information will be scrubbed within 30 minutes. The customer's Zaius ID, which is the ID shown in the browser URL when viewing their profile, is retained for reporting purposes. However, any references to the Zaius ID are completely anonymized or redacted. If the ID is used to return directly to a previous profile, a deletion event will be present. 

It's important to note that if an identifier (e.g., Email) associated with a compliance deletion moves from one profile to another, each profile the identifier touches will be opted out. An event indicating this as the reason for the customer's ineligibility will appear in the profile’s activity feed.

Opt-out request

This action is currently only available for CCPA requests. To perform a compliant customer opt-out:

• In your Zaius account, click the Account Settings icon in the main navigation bar.
• In the sidebar, select the Compliance Request option. 
• Select the CCPA regulation type, then the Opt-out option. 
• Select the identifier you'd like to use to locate the customer from the drop-down menu. The most common identifier is an email.
• Input a value for the selected customer identifier. 
• Click the Submit request button and then Opt-out in the confirmation prompt. 

Following the submission, an opt-out identifier will be attached to the customer's profile within 30 minutes. If you return to the customer profile, an opt-out event will be present. The opt-out also removes the customer from all marketing activities (e.g., Emails and Segment syncing) to ensure the broadest level of compliance. 

It's important to note that if an identifier (e.g., Email) associated with a compliance opt-out moves from one profile to another, only the most recent profile the identifier touched will be opted out. An event indicating this as the reason for the customer's current ineligibility will appear in the profile’s activity feed.

Access request

To perform a compliant data access request:

• In your Zaius account, click the Account Settings icon in the main navigation bar.
• In the sidebar, select the Compliance Request option. 
• Select the regulation type, then the Access option.
• Click the Submit request button and then complete the subsequent form.

Following the submission, a request will be sent to Zaius and processed within two weeks. Following this review, you will be emailed a collection of CSVs containing the customer information.