How to handle data privacy requests in Zoho Backstage

Data Privacy Requests

Data privacy and data protection are important concerns worldwide. With Backstage, you can give your customers more control over how their data is used. Attendees can request for a copy of all their data that is in Backstage or ask for their data to be deleted. They can do this right from the event microsite. Irrespective of which event website data access or data deletion request is raised from, all the data from every event in the portal that the attendee has taken part in will be made accessible or removed, respectively.

Set up data privacy 

Allow users to have control over their data and email preferences by enabling the respective settings in Backstage.


 
  1. Go to Portal Settings > Data Privacy, from the Portal page. 
  2. Click on the Settings tab. The permissions with respect to data privacy will be displayed.
  3. Enable / Disable options using the associated toggle buttons.

Respond to data privacy requests

Any event participant or prospect who has an account in the event website can raise a request to access or delete data from the event website.  When a data access request is approved, a downloadable copy of the requester's data will be sent to their registered email address. Once a data deletion request is raised, you must manually review and approve it. After approval, the user’s data will first be anonymized in all events they were part of in the portal. Once this is done, their data will be permanently deleted from Backstage. A user can also revoke any data delete request they have placed anytime before the user's data is completely removed from Backstage.

A data access request can also be raised from the portal settings in Zoho Backstage. You can do this when you want to initiate the process on behalf of an event participant or a website user. Once the request is raised and approved, a downloadable copy of the person's data will be sent to their registered email address.

To approve a request



  1. Go to Settings > Data Privacy, from the Portal page. 
  2. Click the Requests tab. The data requests raised by event participants will be displayed.
    Note: You can click the Refresh link in the top of the tab to check for new requests
  3. Click the Approve button that is associated with a data request in the Action section. The Approve Request dialogue box will appear.
  4. Click Approve.

To deny a request



  1. Go to Settings > Data Privacy, from the Portal page. 
  2. Click on the Requests tab. The data requests raised by event participants will be displayed. 

    1. Note: You can click the Refresh link in the top of the tab to check for new requests
  3. Click the dropdown associated with a data request in the Active section and click the Cancel option. The Deny request to access data or Deny request to delete data panel will display depending on the request you want to deny.
  4. Enter a reason to be sent to the requester.
  5. Click the Done button. The request will be moved to the History section.

To revoke an approval



  1. Go to Settings > Data Privacy, from the Portal page. 
  2. Click on the Requests tab. The data requests raised by event participants will be displayed.
  3. Click the Cancel button that is associated with an approved data request.

To raise a request



  1. Go to Settings > Data Privacy, from the Portal page. 
  2. Click the Requests tab. The data requests raised by event participants will be displayed.
  3. Click the Add Request button on the top-right corner.
  4. Click the Access Data radio button.
  5. Enter the requester's registered email address.
  6. Click Add button to raise the request.
 
Notes
Note:
  1. When you deny data access and data delete requests, the reason you provide for denying the request will be sent to the requester's registered email address.
  2. Only microsite users or event participants can raise a request for data access or data deletion. If a user had previously been on the event member team for any event from your portal, they will not be able to raise a request for their data.