Data Subject Rights

Automate and fulfill DSR requests

Teleskope's Data Subject Rights feature makes executing Deletion and Access requests simple and automated. Most DSR requests - otherwise known as the Rights to Know, Delete, or be Forgotten - enforce strict timelines as detailed at the bottom of this page.

First, configure your DSR ecosystem:

  1. Enrollment - Enroll specific tables that should be subject to deletion or access requests. Optionally, enroll date-sharded tables to propagate deletions to future tables.
  2. Integrations - Set up each 3rd party integration like Stripe, Hubspot, or Mailchimp in order to process deletion and access requests, and limit what sorts of requests can be performed on each.
  3. Webhooks - Create webhooks to Post access and deletion requests to services without integrations or custom data stores.
  4. Identifiers - Detail unique identifiers to enable deletion requests for company or industry-specific identity references.
  5. Settings - Configure DSR Customizations, emails to vendors where automation is not supported, and Slack notifications.

Then, process your request:

  1. Submit - Return to the Requests tab, and submit a new DSR request. Input the request type and identifiers and click submit.
  2. Tasks - In each subtab, you're able to click into a request to view which table or integration is currently being processed, when each succeeds, and which, if any, failed.

Regulatory DSR requirements

United States DSRs

FrameworkTime to Reply (days)Extension (days)
CA - CCPA & CPRA2525
VA - CDPA4545
CO - CPA4545
UT - UCPA4545
TX - TDPSA4545
CT - CTDPA4545
OR - OCPA4545
IA - ICDPA9045

International DSRs

FrameworkTime to Reply (days)Extension (days)
EU - GDPR2861
BR - LGPD"Immediately"15
UK - GDPR & DPA~2861
JP - APPI"Without delay"
AU - Cth & APPs~30