Responding to Individual Requests for Access, Correction, and Deletion of Data Under the GDPR


Under the General Data Protection Regulation (GDPR), an EU resident may request that you provide access to, download, correct, or delete personal data processed by Zuora.

Zuora provides self-service functionality that enables you to:

  • Identify the personal data of your subscribers
  • Provide a copy of the data
  • Correct the data
  • Delete or anonymize the data

If you have technical questions about this article, submit a request at Zuora Global Support.

Identify and Download Personal Data

These actions are called "access" and "port" in the GDPR.

Personal data of subscribers is stored primarily in Customer Accounts and Contacts. You can identify and download this personal data by exporting data from the Account data source and the Contact data source. See Generate a Data Source Export for more information.

Depending on the configuration of your Zuora tenant, personal data of subscribers may also be stored in custom fields of other business objects. To identify the custom fields that may contain personal data, review the labels and descriptions of the custom fields that are defined in your tenant. See View Custom Fields for more information.

After identifying the custom fields that may contain personal data, you can download the personal data by exporting data from the relevant data sources.
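The following added example (not Zuora code) scans every column of an exported file for one individual's identifiers, so that personal data sitting in custom or free-text fields is found along with the standard Account and Contact fields. It assumes the export is a CSV file; the column names, the custom field `SupportNotes__c`, and the sample rows are constructed for illustration.

```python
import csv
import io
import re

# Constructed sample standing in for a data source export; the column
# names (including the custom field "SupportNotes__c") are assumptions.
SAMPLE_EXPORT = """\
Account.Name,Contact.PersonalEmail,Contact.MobilePhone,Account.SupportNotes__c
Acme GmbH,billing@acme.example,+49 30 5550100,Renewal due in Q3
Jane Roe,Jane.Roe@Example.org,+1 (415) 555-0134,Prefers invoices by post
Globex,ap@globex.example,+1 212 555 0199,Escalated by jane.roe@example.org on call
"""


def _digits(value):
    """Reduce a phone-like string to its digits for format-agnostic matching."""
    return re.sub(r"\D", "", value)


def find_personal_data(export_text, emails=(), phones=(), names=()):
    """Return sorted (row_number, column, kind) hits for one data subject.

    Every column is scanned, so personal data that ended up in free-text
    or custom fields is reported along with the standard contact fields.
    """
    emails = [e.lower() for e in emails]
    names = [n.lower() for n in names]
    phones = [_digits(p) for p in phones if len(_digits(p)) >= 7]
    hits = set()
    reader = csv.DictReader(io.StringIO(export_text))
    for row_number, row in enumerate(reader, start=2):  # row 1 is the header
        for column, cell in row.items():
            cell = cell or ""
            lowered = cell.lower()
            if any(e in lowered for e in emails):
                hits.add((row_number, column, "email"))
            if any(n in lowered for n in names):
                hits.add((row_number, column, "name"))
            if any(p in _digits(cell) for p in phones):
                hits.add((row_number, column, "phone"))
    return sorted(hits)


if __name__ == "__main__":
    print(find_personal_data(SAMPLE_EXPORT, emails=["jane.roe@example.org"],
                             phones=["415-555-0134"], names=["Jane Roe"]))
```

Running the same check on a fresh export after the anonymization procedure should return an empty list; any remaining hit names the row and column that still holds the individual's data.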

Edit and Correct Personal Data

These actions are called "rectify" in the GDPR.

You can use the Zuora user interface to edit and correct personal data related to individual subscribers. See Manage Customer Accounts for more information.

You can use the REST API to edit and correct personal data on a batch basis. See the Zuora API Reference for information about the available REST API operations, including:

Delete or Anonymize Personal Data

These actions are called "be forgotten" in the GDPR.

Zuora makes available different mechanisms to perform deletion. You can use the following steps to permanently anonymize certain personal data related to an individual. Permanently anonymizing data is sometimes referred to as "scrubbing" the data.

However, Zuora is not advising that any or all of the steps below are required for deletion under the GDPR. You choose whether to export any data you want to retain or archive for business purposes and which methods you want to deploy for deletion. If you have questions about what data you need to delete when you receive a request from an individual subscriber, you should contact your legal counsel for guidance.

Once deleted or anonymized, the data cannot be recovered. If you change your mind about the deletion, Zuora is not responsible for retrieving or restoring data which you have deleted or anonymized.

After you delete or anonymize personal data, you will no longer have access to the personal data. In addition, functionality that relies on anonymized fields may no longer operate.

Procedure

  1. Anonymize the following Account fields:

    • Account Name
    • Account Number
    • CRM Account ID
    • PO Number
    • Tax Exempt Certificate ID
    • VAT ID
    • Any custom fields that contain personal data

    Certain fields (for example, CRM Account ID) may be used for the integration with other systems. Anonymizing these fields may impact the integration. If you want other systems to receive the anonymized data, do not anonymize these fields.

    See "Edit and Correct Personal Data" (above) for how to change the values of these fields.

  2. Anonymize the following Contact fields:

    • First Name
    • Last Name
    • Personal Email
    • Address fields, including Address 1, Address 2, and so on
    • Phone fields, including Home Phone, Mobile Phone, and so on

    See "Edit and Correct Personal Data" (above) for how to change the values of these fields.

  3. Use the REST API operation Scrub payment method to anonymize payment methods associated with the individual. See Scrub Payment Methods for more information.

  4. Remove Billing Documents:

    1. After you have anonymized Account and Contact data, regenerate all Invoices, Credit Memos, and Debit Memos.

    2. Use the REST API operation "Create job to hard delete billing document files" to start the deletion of Billing Documents for specific Accounts. You can use the REST API operation "Get job of hard deleting billing document files" to check the status of the deletion.

  5. Anonymize Payments by changing the Reference ID field for each transaction.

    You can use the following REST API operations:

    Currently, it is not possible to change the Reference ID field for Refunds.

  6. Remove email and callout notification history.

    If you would like to perform this step, submit a request at Zuora Global Support for further information.

  7. Use the REST API operation Delete to remove Export objects. Export objects correspond to data source exports.

    This step is optional because each exported file is only available for 7 days.

If you need to delete any other objects, you can use the REST API operation Delete.
