In order to comply with privacy laws affecting the management of a contact's data, Simon Data offers a tool to easily forward requests to delete, amend, or export data of a contact. The introduction of regulations such as General Data Protection Regulation (GDPR), create the need for businesses to have systems that are privacy by design and privacy by default. As a sub-processor of data, Simon Data makes it simple to comply with the requests of data subjects.

Request Types

• In support of the "Right to be Forgotten", submit a request to delete a contact.
• To rectify, update, or limit the scope of certain data being processed, submit a request to amend data.
• To give a contact access to the data they have shared with you, submit a request to export data.

How to Submit a Request

1. From the left navigation, expand Admin Center then click Privacy Requests.
2. Click Create Privacy Request in the upper right-hand corner.
3. From the list, select the appropriate action:
   • Amend data for contact
   • Delete contact
   • Export data
4. Complete the remaining fields based on your request type. See below:

Delete a Contact's Data

1. Enter the contact identifer you wish to delete. To delete multiple contacts, enter the identifiers as comma separated values.
2. You'll be presented with a prompt to confirm you wish to delete a contact. Enter the letters "DELETE" into the field and select "I UNDERSTAND" to delete the contact. Note: this action cannot be undone or cancelled.

Amend Data For a Contact

1. Enter the contact identifier you wish to amend data for. To amend data for multiple contacts, enter the identifiers as comma separated values.
2. In the Description field, enter summary of the data fields that need to be rectified or updated, including new values.

Export Data

1. Enter the contact identifier you wish to export data for. To export data for multiple contacts, enter the identifiers as comma separated values.
2. When you're notified by email that the export is ready, return to the Privacy Requests page and click View for the request.
3. At the top of the page, click Download the Exported Data to receive an export of the contact's data. The data will be in JSON format.

📘

Note for Organizations on Next-Gen Identity

If your organization is on Next-Gen Identity, you may submit privacy requests by any identifier that's available in your account.

If you choose to delete contacts by a non-stable identifier (i.e. an identifier that has a many:1 relationship with the stable identifier), multiple contact profiles could be deleted based on your organizations business rules for shared identifiers. If multiple profiles are deleted, the identifier submitted will not be able to reenter Simon. However, other identifiers that used to be on a deleted profile may reenter as associations of new or different profiles.

Example:
Let's say user_id is your organization's stable identifier, email addresses may be shared across profiles according to your business rules, and you submit a privacy request that contains a list of email addresses. If email_address123 exists on user_id123's profile AND user_id234's profile, both user_id123 and user_id234's entire profiles will be deleted. Email_address123 will not be able to reenter Simon because it was deleted in line with GDPR regulations, but any other identifiers (e.g. phone_number, device_id, etc.) that existed on user_id123 or user_id234's profiles may reenter Simon if they become associated with new or different user_ids.

Monitoring a Request

You can monitor the status of your request by returning to the Privacy Requests page. One of the following statuses will be displayed for each request:

• Requested: the request has been received
• In progress: the request is being processed
• Completed: the action you requested has been completed

Additionally, the submitting user will receive an email notification when your request is complete.