Perform CCPA and GDPR Right of Access with Acoustic Campaign Automation APIs

Retrieving Personal data for end customers from and Acoustic Campaign database with the gdpraccess REST API

Acoustic Campaign provides APIs for data controllers to fetch contact's data as part of Right of Access processing and submit erasure requests as part of Right to Erasure processing through a batched asynchronous job API. The responses from the asynchronous job are available for download for up to three (3) days after which the CCPA and GDPR job responses are deleted as they can have personal data.

Prerequisites

GDPR Lookup Keys must be specified within Acoustic Campaign. It is recommended to collate the requests so that minimum calls are made to Acoustic Campaign. Doing so will ensure that overall performance is not impacted by your organization.

Clients are responsible for ensuring their own compliance with various laws and regulations, including the European Union General Data Protection Regulation and California Consumer Privacy Act. Clients are solely responsible for obtaining
the advice of competent legal counsel as to the identification and interpretation of any relevant laws and regulations that may affect the clients’ business and any actions the clients may need to take to comply with such laws and regulations. The products, services, and other capabilities described herein are not suitable for all client situations and may have restricted availability. Acoustic does not provide legal, accounting, or auditing advice or represent or warrant that its services or products will ensure that clients are in compliance with any law or regulation.

Database GDPR Lookup Key Setup

Within your database, you are able to select up to 5 fields from the
GDPR LookUp Fields screen that you will use for GDPR lookups. To
configure this setup, take these steps:

  1. Click Settings on the Database details screen.

  2. Select up to 5 fields that you want to use as GDPR LookUp Fields by
    clicking the GDPR LookUp Fields tab.

    ![](https://dw1.s81c.com/customer-engagement/wp-content/uploads/sites/106/2018/01/GDPRLookup5fields.jpg)
    
    **Note:** Lookup keys are a feature of Flexible Key databases and Email
    

    is used for the GDPR Lookup on Restricted databases.

Step-by-step

1. Job Submission

API Request
Use the following API requests to call the GDPR Right of Access API.
POST /databases/{databaseId}/gdpr_access

  1. A Database Id must be provided in the path to identify the Database which the data subject will be located in. If the contact may exist in more than one database, a unique call must be made for each Database Id.

  2. The body of the POST must contain a CSV with one or more column names and the identifiers to be looked up for each column name. The content-type will be ‘text/csv’.
    See the example below:

2. GDPR Right Of Access Job Submission Against a Marketing Database

Request Method
POST

Request URI
/databases/{databaseId}/gdpr_access

Sample URL
https://api-campaign-us-5.goacoustic.com/rest/databases/10091/gdpr\_access

Request Headers

  • Authorization: Bearer WCA_ACCESS_TOKEN
  • Content-Type: text/csv

Request Body – one identifier name-value pair on each line
GDPR Lookup Key Column Name, GDPR Identifier Value

Sample Request Body

Successful Response

  • Status code: 202
  • Response Header includes Location to poll for job status

Sample value
Location:
https://api-campaign-us-5.goacoustic.com/rest/gdpr\_jobs/32/status

Response Body

{
        “location”:
“https://api-campaign-us-5.goacoustic.com/rest/gdpr\_jobs/32/status”,

        “id”: 32
 }

3. Status Check

The Acoustic Campaign /gdpr_access API will respond synchronously with a 202 - Accepted along with a response header named location which will have the URI for job status. (e.g. http://api-campaign-us-5.goacoustic.com/rest/gdpr\_jobs/{jobId}/status)

The GET method for /gdpr_jobs/{jobId} status returns a high level status that indicates whether processing is:

  • SUBMITTED
  • IN_PROGRESS
  • SUCCESS
  • FAILED

When processing completes with a status of SUCCESS, the WCA status API response will also include a response header named ‘location’ having the URL for job results. (e.g. http://api-campaign-us-5.goacoustic.com/rest/gdpr\_jobs/{jobId}/response)

Note: An audit record of the GDPR request will be stored.

For each identifier that was provided in the source file, a json body will indicate whether the contact was found and processed. If multiple contacts are found for the identifier, each result will be returned
separately.

The response will include the following:

  • An indication (true/false) of whether a contact was found
  • Columns organized as follows:
    • GDPR identifiers
    • Other known identifiers (Lookup Keys that are not marked as GDPR lookup keys)
    • Remaining database columns
  • Consent details for all relevant channels including
    • Channel (Email, SMS, Push)
    • Status (OPTED-IN, OPTED-OUT)
    • Consent Date
    • Qualifier (SMS Program Id or Mobile Push App Key)
  • Emails sent to the contact including:
    • Subject (not personalized)
    • Date/time of send
    • Whether the email was opened
    • Whether any links were clicked
  • Landing pages visited by the contact including:
    • Host
    • Number of visits
    • Date/time of first visit
    • Data/time of last visit
  • Universal Behaviors associated with a contact including:
    • Universal Behavior name
    • Number of behaviors
    • Date/time of first UB
    • Data/time of last UB

Note: Universal Behaviors will include SMS and Mobile Push events that are stored as Universal Behaviors.

4. Get Job Status

Request Method
GET

Request URI
/gdpr_jobs/{jobId}/status

Sample URL
https://api-campaign-us-5.goacoustic.com/rest/gdpr\_jobs/32/status

Request Headers
Authorization: Bearer AcousticCampaign_ACCESS_TOKEN

Successful Response

  • Status code: 303
  • Response Header includes Location to fetch job result/response

Sample value
Location:
https://api-campaign-us-5.goacoustic.com/rest/gdpr\_jobs/32/response

{
        “location”: “http://localhost:8081/rest/gdpr\_jobs/32/response”,

        “status”: “SUCCESS”
}

5. Possible values for status: SUBMITTED, IN_PROGRESS, SUCCESS, FAILED

Response Fetch

Request Method
GET

Request URI
/gdpr_jobs/{jobId}/response

Sample URL
https://api-campaign-us-5.goacoustic.com/rest/gdpr\_jobs/32/response

Request Headers
Authorization: Bearer AcousticCampaign_ACCESS_TOKEN

Successful Response

  • Status code: 200

Response Fetch

{
    “databaseId”: 10091,
    “timestamp”: “2018-03-21T20:04:14.963Z”,
    “contacts”: [
        {
            “contactFound”: true,
            “gdprIdentifiers”: [
                {
                    “name”: “EMAIL”,
                    “value”: “[email protected]”
                }
            ],
            “data”: {
                “otherIdentifiers”: [
                    {
                        “name”: “MobileNumber”,
                        “value”: “9500059000”
                    }
                ],
                “attributes”: [
                    {
                        “name”: “PackageName”,
                        “value”: “PLAN299”
                    },
                    {
                        “name”: “CustomerId”,
                        “value”: “1001”
                    }
                ],
                “consents”: [
                    {
                        “qualifier”: “”,
                        “channel”: “EMAIL”,
                        “consentDate”: “2018-02-06T19:48:35.000+00:00”,
                        “status”: “OPTED-IN”
                    },
                    {
                        “qualifier”: “500050”,
                        “channel”: “SMS”,
                        “consentDate”: “2018-02-19T17:29:59.000+00:00”,
                        “status”: “OPTED-IN”
                    }
                ],
                “emails”: [
                    {
                        “latestSendDate”:
“2018-02-06T20:01:11.000+00:00”,
                        “subject”: “Welcome %%CustomerId%%”,
                        “earliestSendDate”:
“2018-02-06T20:01:11.000+00:00”,
                        “fromName”: “Team Agni Admin”,
                        “fromAddress”: “[email protected]”,
                        “opened”: false,
                        “clicked”: false
                    },
                    {
                        “latestSendDate”:
“2018-02-06T20:45:48.000+00:00”,
                        “subject”: “NewsLetter %%MAILING\_NAME%%
%%MAILING\_SEND\_DAY%%”,
                        “earliestSendDate”:
“2018-02-06T20:45:48.000+00:00”,
                        “fromName”: “Team Agni Admin”,
                        “fromAddress”: “[email protected]”,
                        “opened”: false,
                        “clicked”: false
                    },
                    {
                        “latestSendDate”:
“2018-03-12T08:09:25.000+00:00”,
                        “subject”: “%%MAILING\_NAME%% –
%%MAILING\_SEND\_DATE%%”,
                        “earliestSendDate”:
“2018-03-12T08:09:25.000+00:00”,
                        “fromName”: “Team Agni Admin”,
                        “fromAddress”: “[email protected]”,
                        “opened”: true,
                        “clicked”: true
                    }
                ],
                “webVisits”: [
                    {
                        “visitCount”: 2,
                        “host”: “localhost”,
                        “firstVisitDate”:
“2018-03-12T08:23:52.914+00:00”,
                        “lastVisitDate”: “2018-03-12T08:28:26.635+00:00”
                    }
                ]
            }
        },
        {
            “contactFound”: true,
            “gdprIdentifiers”: [
                {
                    “name”: “EMAIL”,
                    “value”: “[email protected]”
                }
            ],
            “data”: {
                “otherIdentifiers”: [],
                “attributes”: [
                    {
                        “name”: “PackageName”,
                        “value”: “PLAN499”
                    },
                    {
                        “name”: “CustomerId”,
                        “value”: “1002”
                    }
                ],
                “consents”: [
                    {
                        “qualifier”: “”,
                        “channel”: “EMAIL”,
                        “consentDate”: “2018-02-06T19:48:46.000+00:00”,
                        “status”: “OPTED-IN”
                    }
                ],
                “emails”: [
                    {
                        “latestSendDate”:
“2018-02-06T20:01:11.000+00:00”,
                        “subject”: “Welcome %%CustomerId%%”,
                        “earliestSendDate”:
“2018-02-06T20:01:11.000+00:00”,
                        “fromName”: “Team Agni Admin”,
                        “fromAddress”: “[email protected]”,
                        “opened”: false,
                        “clicked”: false
                    },
                    {
                        “latestSendDate”:
“2018-02-06T20:45:48.000+00:00”,
                        “subject”: “NewsLetter %%MAILING\_NAME%%
%%MAILING\_SEND\_DAY%%”,
                        “earliestSendDate”:
“2018-02-06T20:45:48.000+00:00”,
                        “fromName”: “Team Agni Admin”,
                        “fromAddress”: “[email protected]”,
                        “opened”: false,
                        “clicked”: false
                    },
                    {
                        “latestSendDate”:
“2018-03-12T08:09:25.000+00:00”,
                        “subject”: “%%MAILING\_NAME%% –
%%MAILING\_SEND\_DATE%%”,
                        “earliestSendDate”:
“2018-03-12T08:09:25.000+00:00”,
                        “fromName”: “Team Agni Admin”,
                        “fromAddress”: “[email protected]”,
                        “opened”: false,
                        “clicked”: false
                    }
                ],
                “webVisits”: [
                    {
                        “visitCount”: 2,
                        “host”: “localhost”,
                        “firstVisitDate”:
“2018-03-12T08:23:52.914+00:00”,
                        “lastVisitDate”: “2018-03-12T08:28:26.635+00:00”
                    }
                ]
            }
        },
        {
            “contactFound”: true,
            “gdprIdentifiers”: [
                {
                    “name”: “EMAIL”,
                    “value”: “[email protected]”
                }
            ],
            “data”: {
                “otherIdentifiers”: [],
                “attributes”: [
                    {
                        “name”: “PackageName”,
                        “value”: “PLAN499”
                    },
                    {
                        “name”: “CustomerId”,
                        “value”: “1999”
                    }
                ],
                “consents”: [
                    {
                        “qualifier”: “”,
                        “channel”: “EMAIL”,
                        “consentDate”: “2018-02-06T19:48:56.000+00:00”,
                        “status”: “OPTED-IN”
                    }
                ],
                “emails”: [
                    {
                        “latestSendDate”:
“2018-02-06T20:01:11.000+00:00”,
                        “subject”: “Welcome %%CustomerId%%”,
                        “earliestSendDate”:
“2018-02-06T20:01:11.000+00:00”,
                        “fromName”: “Team Agni Admin”,
                        “fromAddress”: “[email protected]”,
                        “opened”: false,
                        “clicked”: false
                    },
                    {
                        “latestSendDate”:
“2018-02-06T20:45:48.000+00:00”,
                       “subject”: “NewsLetter %%MAILING\_NAME%%
%%MAILING\_SEND\_DAY%%”,
                        “earliestSendDate”:
“2018-02-06T20:45:48.000+00:00”,
                        “fromName”: “Team Agni Admin”,
                        “fromAddress”: “[email protected]”,
                        “opened”: false,
                        “clicked”: false
                    },
                    {
                        “latestSendDate”:
“2018-03-12T08:09:25.000+00:00”,
                        “subject”: “%%MAILING\_NAME%% –
%%MAILING\_SEND\_DATE%%”,
                        “earliestSendDate”:
“2018-03-12T08:09:25.000+00:00”,
                        “fromName”: “Team Agni Admin”,
                        “fromAddress”: “[email protected]”,
                        “opened”: false,
                        “clicked”: false
                    }
                ],
                “universalBehaviors”: [
                    {
                        “lastBehaviorDate”:
“2017-01-10T22:11:55.090+00:00”,
                        “count”: 1,
                        “firstBehaviorDate”:
“2017-01-10T22:11:55.090+00:00”,
                        “Name”: “Twitter – Mentioned”
                    },
                    {
                        “lastBehaviorDate”:
“2018-02-02T05:10:15.100+00:00”,
                        “count”: 4,
                        “firstBehaviorDate”:
“2018-01-01T11:22:44.000+00:00”,
                        “Name”: “Twitter – Shared”
                    }
                ],
                “webVisits”: [
                    {
                        “visitCount”: 2,
                        “host”: “localhost”,
                        “firstVisitDate”:
“2018-03-12T08:23:52.914+00:00”,
                        “lastVisitDate”: “2018-03-12T08:28:26.635+00:00”
                    }
                ]
            }
        },
        {
            “contactFound”: true,
            “gdprIdentifiers”: [
                {
                    “name”: “EMAIL”,
                    “value”: “[email protected]”
                }
            ],
            “data”: {
                “otherIdentifiers”: [],
                “attributes”: [
                    {
                        “name”: “PackageName”,
                        “value”: “PLAN99”
                    },
                    {
                        “name”: “CustomerId”,
                        “value”: “1100”
                    }
                ],
                “consents”: [
                    {
                        “qualifier”: “”,
                        “channel”: “EMAIL”,
                        “consentDate”: “2018-02-06T19:49:02.000+00:00”,
                        “status”: “OPTED-IN”
                    }
                ],
                “universalBehaviors”: [
                   {
                        “lastBehaviorDate”:
“2017-11-30T03:40:55.010+00:00”,
                        “count”: 2,
                        “firstBehaviorDate”:
“2017-11-04T09:00:30.010+00:00”,
                        “Name”: “Twitter – Favorited”
                    },
                    {
                        “lastBehaviorDate”:
“2017-12-30T01:00:30.000+00:00”,
                        “count”: 2,
                        “firstBehaviorDate”:
“2017-11-01T01:00:30.000+00:00”,
                        “Name”: “Twitter – Tweeted”
                    }
                ],
                “webVisits”: [
                    {
                        “visitCount”: 2,
                        “host”: “localhost”,
                        “firstVisitDate”:
“2018-03-12T08:23:52.914+00:00”,
                        “lastVisitDate”: “2018-03-12T08:28:26.635+00:00”
                    }
                ]
            }
        },
        {
            “contactFound”: false,
            “gdprIdentifiers”: [
                {
                    “name”: “EMAIL”,
                    “value”: “[email protected]”
                }
            ]
        }
    ]
}

Did this page help you?