Submit Data Subject Privacy Requests

GDPR

Consumer data protection is regulated in many places around the world. A notable example is the European Union's General Data Protection Regulation (GDPR). Because GDPR is a template for many other regulations, CXone uses its requirements as the template for privacy features. These regulations require companies that collect personal information about consumers to provide certain rights for those consumers.

Because CXone stores and processes this type of information, you might need to respond to privacy requests from your customers, including erasure. This page guides you through the process of submitting erasure requests to NICE CXone. If you have other types of requests, contact your CXone Account Representative.

Data erasure requests must include a corresponding data subjectClosed Access to India Integrated Softphone is not available to all customers. For agents to connect through India, you must have a dedicated connection within the India border. Agents will not have the India Custom URL option unless you satisfy this country requirement. identifier. This is information that identifies the data subject, such as an email address. CXone supports both email addresses and telephone numbers for erasure requests. CXone also supports various methods for submitting requests. The methods described on this page are manual methods. You can also create an integration where your back-end systems submit the requests automatically. See the DEVone help for more information.

Two main CXone systems manage consumer information. To ensure complete erasure, you must submit requests separately to both systems.

CXone Platform Erasure Process

You can submit erasure requests in the CXone platform. These requests cover the majority of CXone data, but do not currently include Digital Experience data. See the CXone Digital Experience Erasure Process section of this page for instructions on completing those erasure steps.

Submit Manual Requests

When a customer subject to data privacy regulations requests to have information removed, you must remove it. To do this, submit a request on the Privacy page in Admin. Alternatively, you can submit several requests at once with the bulk upload template. Once a request is submitted, CXone will remove that contact's information. CXone only supports erasure requests on the Privacy page. You can only have 500 active requests at a time. The number of requests displays at the top of the page. It will show the number of successfully processed, failed, and skipped requests.

  1. Click the app selector and select Admin.

  2. Go to Security > Privacy.

  3. Select Phone or Email as the Identifier Type.

  4. Enter the Subject Identifier. If you selected Phone as the Identifier Type, enter your contact's phone number. If you selected Email as the Identifier Type, enter your contact's email address.

  5. Click Submit New. CXone will use this request to identify and delete your contact's information.

Submit Requests in Bulk

When a customer who is subject to data privacy regulations requests to have information removed, you must remove it. To do so, you can submit several requests at once with the bulk upload template. Alternatively, you can submit a request on the Privacy page in Admin. Once a request is submitted, CXone will remove that contact's information. CXone only supports erasure requests on the Privacy page. You can only have 500 active requests at a time. The number of requests displays at the top of the page. It will show the number of successfully processed, failed, and skipped requests.

  1. Click the app selector and select Admin.

  2. Go to Security > Privacy.

  3. Click Bulk Upload.

  4. Click Download Template. A CSV file will download to your device.

  5. Open the CSV file.

  6. In the first row of the file enter the following:

    1. In the Identifier Type column, enter Phone or Email.

    2. In the Subject Identifier column, enter the contact's phone number or email address. If you selected Phone as the Identifier Type, enter your contact's phone number. If you selected Email as the Identifier Type, enter your contact's email address.

  7. Repeat the process for each erasure request, with one request per row. CXone only supports 500 active requests at a time.

  8. Once finished, save the edited file and upload it on the Privacy page. CXone will use this request to identify and delete your contact's information.

CXone Digital Experience Erasure Process

The process for submitting erasure requests for Digital Experience is currently separate from the CXone platform process. You must follow both processes for complete erasure.

Set Up the Erasure Process

To process erasure requests for Digital Experience you need to configure automation jobs that periodically scan messages and delete information as required. To do this efficiently, you need a set of tags.

Complete each of these tasks in the order given.

Create Tags

  1. Click the app selector and select ACD.
  2. Go to DigitalTags.
  3. Click + Add tag.
  4. In the tag creation form:
    1. Enter Privacy Erasure Requested for the Title.  
    2. Select your preferred Color for the tag.
    3. Set Active to Yes.
    4. Click Save.

  5. Click + Add tag again.

  6. In the tag creation form:

    1. Enter Privacy Erasure Completed for the Title.

    2. Select your preferred Color for the tag.

    3. Set Active to Yes.

    4. Click Save.

Create Jobs

  1. Click the app selector and select ACD.
  2. Go to DigitalAutomation Jobs.
  3. Click + Add.
  4. In the job creation form:
    1. Enter Privacy Erase Content for the Name.
    2. In the Action field, select Delete content of a message.
    3. For the Content removed reason, select GDPR.
    4. Click Save.

  5. Click + Add again.

  6. In the job creation form:
    1. Enter Privacy Erase Name for the name Name.
    2. In the Action field, select Delete author's name of a message.
    3. For the Content removed reason, select GDPR.
    4. Click Save.

  7. Click + Add again.

  8. In the job creation form:
    1. Enter Privacy Tag Completed as the Name.
    2. In the Action field, select Add tag to message.
    3. For the Message tag, select Privacy Erasure Completed.
    4. Click Save.

Create Scheduler

The purpose of this scheduler is to locate messages that are flagged for erasure and that have not already been processed.

  1. Click the app selector and select ACD.
  2. Go to DigitalAutomation Schedulers.
  3. Click + Add Scheduler.
  4. In the scheduler creation form:
    1. Enter Privacy Erasure Processor for the Name.
    2. For the Scheduler type, select Repetitive.
    3. For the Interval to execute, enter 0 0 * * *. This will run at midnight every day, but you can select any schedule to fit your needs.
    4. For Data set, select Messages.
    5. Click Save.
  5. On the next page, click + Add condition.
  6. For the Condition type, select Included tags condition. Click Create condition for selected type.
  7. On the row for Privacy Erasure Requested, click Add.
  8. In the breadcrumbs at the top of the page, click Detail "Privacy Erasure Processor".
  9. Click + Add condition.
  10. For the Condition type field, select Excluded tags condition. Click Create condition for selected type.
  11. On the row for Privacy Erasure Completed, click Add.
  12. In the breadcrumbs at the top of the page, click Detail "Privacy Erasure Processor".
  13. Click + Add existing job.
  14. Select Privacy Erase Content from the Select drop-down. Click Add.
  15. Click + Add existing job again.
  16. Select Privacy Erase Name from the Select drop-down. Click Add.
  17. Click + Add existing job again.
  18. Select Privacy Tag Completed from the Select drop-down. Click Add.
  19. In the top right corner of the page, click Activate.

Process Erasure Requests

You must identify all Digital Experience messages that correspond to the data subject of the erasure request. For each interactionClosed The full conversation with an agent through a channel. For example, an interaction can be a voice call, email, chat, or social media conversation. where the data subjectClosed Access to India Integrated Softphone is not available to all customers. For agents to connect through India, you must have a dedicated connection within the India border. Agents will not have the India Custom URL option unless you satisfy this country requirement. appears, you need to add the Privacy Erasure Requested tag to just one message in the interaction. You can find the appropriate messages through any CXone search capability. The most flexible option is to use the CXone Agent interface.

Assuming your request is for a contact with email address elizabeth.bennet@classics.com and that you have a customer card created with that email address, you can do the following:

  1. Click the app selector and select Agent.
  2. In CXone Agent, click the search icon icon: a magnifying glass. in the left navigation.
  3. Click the Customers tab.
  4. In the Search field, enter the identifying information for the user requesting erasure. In this example, elizabeth.bennet@classics.com.
  5. Click the user's entry in the search results.
  6. In the contact details, click Contact History to expand that section.
  7. Click one of the entries to open the interaction.
  8. Above one of the messages from the contact, click the add tag icon icon: tag with a plus sign inside and then click + Add New. From the Message tags drop-down, select Privacy Erasure Requested.
  9. Repeat this process for a message in each necessary interaction.

This example is specific to a particular way of finding messages. You should use all methods to find and tag interactions associated with the data subject.