How To: Test a "Delete Your Data" Request

Step-by-step guide for QA'ing your connected integrations with Ethyca

Once your integrations have been added to the Ethyca Control Panel and Atlas has been deployed, you can use this guide for a walkthrough of the end to end testing and validation process.

Prerequisites

  1. You must have a user account with both UAT and production access to the Ethyca Control Panel
  2. Access to your Ethyca privacy center at https://<yourcompany>.ethyca.com
  3. A handful of test users created with an accessible email address in each database and 3rd party SaaS integration system
  4. You must have NOT run an Erasure Request yet for the test users' email addresses
  5. We highly recommend having run an Access Request for these test users prior to starting the erasure test.

End to end testing for Erasure Requests

Pro tip: We do not recommend testing "Delete Your Data" until you know your Subject Access Requests (SAR) are working as expected - otherwise you will have to re-create each test user across your databases and 3rd party systems.

Step 1: Go to your Ethyca Privacy Center at https://<yourcompany>.ethyca.com and click "Delete Your Data"

28802880

Step 2: Complete the 2FA challenge using an accessible email address for a test user

You will want to make sure you have access to the email address in which you submitted the request, so that you can complete the MFA process and receive email confirmation that your request is in process.

28802880

Once your identity has been verified as the test user, the details of the data subject request are sent to your Ethyca Control Panel on the backend. You will automatically receive an email confirming that your company has received their request, that your team is processing it, and you will be updated with a follow up email as soon as the request has been completed.

Step 3: Use your UAT credentials and log into your Ethyca Control Panel at https://cp.ethyca.com

Step 4: Click "Subject Request" on the left navigation bar. Your pending "Right to Forget" request should be visible in the "For Review" column.

30263026

Step 5: Click "Approve" to approve the request. You will want to make sure you are seeing the data erased from all known systems.

Step 6: Once Ethyca has processed the request, you will automatically receive a confirmation email. As soon as the request has been completed, you will receive an email verifying that the data has been deleted. If no records are found, you will instead receive an automated email confirming there is no data associated with the account details provided.

28802880

DSR Customization Pro tip: During the testing phase, we recommend adjusting the configurations of your DSR Customization the Control Panel to make sure all data is being erased. This may include working with the data operations lead to add additional context around the impact of the erasure.

600600

Selecting the "User Can Erase" checkbox will indicate a field of data can be deleted.

Step 7: Log into each of the 3rd party SaaS integrations to confirm that the user was in fact deleted per your deletion preferences set in the DSR Customization tab Additionally, log into the databases connected to Atlas and attempt to search for your user by email address, user ID or other identifier to ensure that the data has been deleted from your databases.

Support

Throughout the process, we are available to help with QA and validation. Please contact [email protected] or your dedicated Customer Success Manager if you require any technical assistance.