The DSAR workflow includes three stages i.e., request intake stage, workflow management and the response generation process. We can broadly categorize the users, based on the above three mentioned stages that includes:
End User (Data Subject) – The End User is a potential customer whose confidential information is stored in an organization’s repository. The user will initiate the process by requesting the information through the authenticated company’s portal or via email. Upon the approval from Privacy DPO, the End User will either receive a rejection communication or approved request in the form of a report or erasure of data.
Privacy Admin – The Privacy Admin sets up the entire system for processing of the request, initiated by the end user. Here, the role of the Privacy Admin is to define the Identifiers, Groups, Data Subject, set up of Strong and Mandatory flags, etc.
Privacy DPO - The role of Privacy DPO is limited to view the Data Subject information. If the request raised by the End User is valid, then it is approved by DPO else it is rejected.