What do I do when I receive a Data Download request?

##Disclaimer: *We remind you that AdOpt only manages visitors' consents.

The only collection made by AdOpt happens if the visitor enters his contact information (e-mail) via a form in the client's opt-out environment.

So, AdOpt automatically sends it to the client. Then, within 30 (thirty) days, we delete the data from our records, keeping only the anonymous and encrypted CookieID.

In addition, it is important to note that:

Every interaction by Data Subjects generates 2 emails from AdOpt

** 1. AdOpt > AdOpt Client -** in order to proceed to the next steps with the proper legal obligations.

** 2. AdOpt > AdOpt Client's Visitor**, to let them know that the responsible parties have been notified, and serves as a "receipt" ensuring that your request has been processed.

Below we will talk about both emails and their processes, at the time of a Data Download request.

The process of checking and deleting of data is one of the most important topics of a privacy regulation! Because, they materialize the right acquired by the data subjects - thanks to the regulations, to decide what can or cannot be done with their data, and execute their rights as citizens.

With the email you can perform an internal scan, and prepare any information you may have about the visitor to send to him/her. Or, if you have a software that does this management of personal data, the software can be integrated into AdOpt for when there is a request and you already have the report ready, or use it for such a report.

1 - Go to your AdOpt dashboard and see which tags he eventually consented to. 2 - With the consent list and your data mapping, you can already know where the data will be stored/shared (your CRM, email marketing tool, logistics system, etc.). 3 - Prepare an institutional email to somebody@email, with this detailed list of what you eventually have on him: the email and other information you may have in his file within the other tools. 4 - Attach the AdOpt details with the Date/time that the opt-in occurred (look for this info with the cookie ID sent in the email, at the AdOpt's consent log). 5 - Send the Download report to the visitor

*These are only suggestions that may or may not apply to each business model with its singularities. Consult your DPO, or specialist, for a better understanding of the processes.

** In this article, you can also have a better understanding of the detailed process that takes place after the Opt-Out Request.

There are some hypotheses, technical ones: (In this case use the email, to proceed with the opt-out routines).

1. • The visitor has already cleared his browser's AdOpt cookies before making the request. Therefore, there is no way we can execute this query.
2. • The visitor never gave consent, but still requested the download.
3. • The visitor's browser blocks cookies, or some extension used, causing him to navigate "below the radars" through your site. (Ex. Ad Blocker, Ghostery, etc.) Item 1 on this list can be a consequence of this point as well.
4. • The visitor's browser has an automatic cookie cleaning flow, every X/Y months.
5. • There has been some loss of system data, between the browser and AdOpt. (Extremely rare)

Visitor side: Automatic email response for Data Download request

Client side: Automatic email for Data Download request