Privacy Requests Set Up

This Technical Setup Guide provides the configuration steps required to manage and execute Privacy Requests within the TRIFFT Cockpit.

Topic / functionPrivacy Requests
AudienceCRM / Marketing Ops / Implementation
GoalProvide step-by-step setup for executing and tracking data rights (GDPR/CCPA)
Prereq systemsTRIFFT Cockpit

What you will learn

This guide covers how to process member requests for data access and deletion (Right to be Forgotten) in the TRIFFT Cockpit, including managing the request lifecycle and maintaining an auditable compliance trail.


Prerequisites

  • Access: Ensure you have the Project Owner or Admin role to access the Privacy module and view full Member PII.
  • Verification Protocol: Establish an internal standard for verifying member identity before processing sensitive data requests.
  • Data Mapping: Confirm that all custom member attributes are correctly classified so that "Anonymization" effectively removes all PII while retaining business-critical transaction data.

Step-by-step setup

  1. Navigate to the Privacy Module: Log in to the TRIFFT Cockpit and go to Support Center > Privacy Requests.
  2. Initiate a New Request: * Click Create New Request.
    • Search for the member by Email, Phone, or Member ID.
  3. Select Request Type:
    • Data Access (SAR): To generate a portable export of all data stored for that member.
    • Data Deletion (Anonymization): To permanently remove PII and unlink the member profile from the loyalty program.
  4. Execute Data Export:
    • For Access requests, click Generate Export.
    • Once the system compiles the data, download the secure file and deliver it to the member via your brand's official support channel.
  5. Execute Anonymization:
    • For Deletion requests, click Anonymize Member.
    • Confirm the action; this process is permanent and replaces names, emails, and phone numbers with randomized strings while keeping transaction records for financial reporting.
  6. Update Request Status:
    • Manually update the request status to In Progress while awaiting verification or completion.
    • Mark as Completed once the data has been delivered or deleted.
  7. Log Internal Notes: Add comments to the request log (e.g., "Identity verified via support ticket #123") to ensure a full audit trail.
  8. Finalize Audit Log: Verify that the action—including the administrator's ID and the timestamp—is recorded in the global Audit Logs.

Configuration checklist

  • Role Restrictions: Only specific high-clearance administrators have the permission to "Execute Anonymization".
  • Audit Completeness: Every request includes an entry in the system audit log detailing who performed the action.
  • Anonymization Accuracy: Spot-check an anonymized profile in the Support Center to ensure no PII remains in the search indices.
  • Data Export Security: Exported files are handled according to your brand’s secure file transfer protocols.
  • SLA Compliance: Requests are processed within the legal timeframe (e.g., 30 days for GDPR).


Did this page help you?