Managing Privacy Requests

When your users submit Privacy Requests, your team will need to work on and finalize those requests in a timely fashion. You can easily handle these requests within Concord in the Request Log reporting section by selecting and editing an individual request. We recommend that organizations make careful and accurate use of this functionality in order to ensure seamless and error-free compliance with applicable regulations. To learn more about using Privacy Request Log report, refer to this article: Privacy Requests Request Log

Managing & Fulfilling a Compliance Request

1. Click on the Privacy Requests drop-down menu and choose Request Log.

2. Click on the Edit button to the right of the Privacy Request you would like to edit.

Notes:

• Privacy Requests can only be edited once the user has verified their identity and the request status has moved to the “Submitted” state.
• When a request’s status is changed, this is displayed to the user in the Privacy Center widget.

3. To change the status of the request, click Mark as Acknowledged.

4. Once the request has been acknowledged, you may add any Internal Notes regarding this status change. These are not shown or sent to the user and are for internal use only.

5. Insert details regarding the actions taken to resolve the user’s request under Resolution. When a Privacy Request is resolved, these details will be included in a resolution notification email to the user. Concord recommends consistent language here to avoid confusion and proper governance is highly encouraged to ensure effective regulatory compliance. If your organization requires assistance establishing best practices like governance, speak to your Concord representative about our available services.
6. If your Project has active Data Systems, you will also see a Data System Tasks section within the Edit Compliance Request workflow and any Data Systems that were active when the Privacy Request was received will have an associated Task that needs to be completed. To resolve the Privacy Request, complete and mark each Task as completed. We also recommend adding the details for each completed Task to the Resolution field. Once all Tasks are complete and checked off, the request can be resolved by clicking Mark as Resolved.

Automation for Get a Copy Requests

For Get a Copy (View) requests, you will have the additional option on the Edit Compliance Request form to upload data related to this compliance request. All files attached to a Get a Copy request will securely sent to the requestor when the request is resolved.

To upload data related to a specific view compliance request, go to the Data Uploads section on the Edit Compliance Request form, click the Upload button, and browse to the file(s) to add them to the request.

Note that the data files must meet the following requirements:

• File type: csv, json, txt, xls, pdf, doc
• Maximum individual file size: 10MB
• Maximum combined file size per request: 50MB

When the request is marked as resolved, an email will be sent to the email address associated to the request with instruction on how to access their data. The link will only be active for 24 hours. If the link has expired, the user will be prompted to request another valid secure access link.

When the the user clicks the link in the email, they will be taken to Concord secure Privacy Portal where they can download a copy of their data.

‍