Data Management Portal Guide

For Data Controllers and Privacy Teams

Product Information and Onboarding Guide

At Revoke we care about helping people keep their data secure wherever they choose to store it. Often the whereabouts of data only becomes a real issue for people when their data has been misused or is subject to a data breach and causes distress or financial loss.

Revoke gives users a platform to manage the process of keeping their data safe and secure with those they choose to share it with.

This guide, also referred to as the DM Portal Guide, aims to give friendly support, advice, and tips to Privacy Leads and their teams on how to use the Revoke Data Management Portal. The Portal has been designed to help Privacy Teams manage DSARs received from Revoke users.

We appreciate that depending on the location, size and legislation governing the Privacy function of a business, job titles in Data Protection/Privacy Teams vary. To harmonise the various job titles which include “Data Protection Officer” and “Chief Privacy Officer” we refer to these individuals throughout the guide as Privacy Leads or Teams.

We also acknowledge that for some organisations a formal “DPO” or “CPO” does not need to be appointed. While these individuals can coordinate the activities of the data protection function within an organisation, it is the ultimate responsibility of the data controller to ensure that an organisation operates in compliance with the applicable data protection law.

Table of Contents

  1. Introduction
    1. DM Portal Objectives
    2. DM Portal Benefits
    3. Terms & Conditions
  2. Data Subject Access Requests (DSARs)
    1. Request Header
    2. Verified Information
    3. Email Response Links
    4. Manage Request
    5. Access Portal
  3. What is the Data Management Portal?
    1. How Do We Share Information?
    2. Standard Information
    3. Sensitive Information
  4. Which Plan Best Suits Your Organisation?
    1. Essential Benefits
    2. Plus Benefits
  5. Key Generation
    1. Why This Process Takes Up To 24 Hours
    2. Encryption Process Flow Explained
  6. Onboarding
  7. Essential Plan Features
    1. Mark As Complete
    2. Reject Request
    3. Request More Info
    4. Verified Information
    5. Photo ID
    6. Deadline
    7. Upgrade to Plus
  8. Plus Plan Features
    1. Registration
    2. Plus Portal
    3. Dashboard
    4. Requests
    5. Email Address and Phone Number
    6. Photo ID
    7. Upload Data and Complete
    8. Reject Request
    9. Request More Info
    10. My Company
    11. Search Filter
    12. Corner Menu
  9. Troubleshooting
    1. Access Denied
    2. Outdated Browser Version
    3. Invalid Link
    4. Registration Failed

1      Introduction

Firstly, thank you for engaging with Revoke. We designed and developed our data management platform to help dramatically reduce the time and effort it can take for data controllers and their Privacy Teams to fulfil data subject access requests (DSARs).

Our software utilises the highest security standards in communication technology and data storage to protect Privacy Leads, their Teams, their organisation and the data subject’s personal data. When data is imported into and stored in the Revoke platform, organisations can be confident that they are complying with regulatory requirements in the provision of a secure system to allow an individual to access and store their personal data.

1.1      DM Portal Objectives

  • Secure and efficient DSAR process for data controllers and their Privacy Teams
  • Expertly verified user ID
  • Automatic record and evidence of DSAR fulfilment
  • Proactive management of DSARs
  • Easy task coordination for Privacy Teams
  • API available to fast-track matching of DSAR details to a company’s own database

1.2      DM Portal Benefits

  • Efficient broker system between parties with military-grade encryption so only the data subject who requested their data will have access
  • An easy-to-navigate and intuitive platform
  • Straightforward response options embedded in DSARs allowing data controllers or their Privacy Teams to effectively manage requests
  • Additional features allow Privacy Teams to upload extra data or request more information to help verify a data subject

1.3      Terms and Conditions 

Revoke does not have any Terms & Conditions for free services provided to organisations. We offer access to our Service, including the DM Portal, for the purpose of facilitating responses to DSARs. 

The DM Portal allows Privacy Teams to transfer the required information to the data subject in an encrypted and secure manner. Revoke can neither view nor modify any data transferred by an organisation to the data subject via our Service. 

Any personal data processed by Revoke is handled in accordance with our Privacy Policy and Security Policy. 

If after reading this guide there are any questions or comments about the Service, please send feedback to help@revoke.com or contact our business helplines:

UK – 0208 158 8902 *

US – (279) 3560049 *

* Both BST – Monday to Friday, 09:00 to 17:00 (Excluding the UK and Channel Island bank holidays)

2      Data Subject Access Requests (DSARs)

Prior to sending any requests Revoke users must first verify their email address and digitally sign an eIDAS compatible “Letter of Authorisation”, which evidences a contractual agreement between Revoke and the user. Some DSARs require more information about the data subject, in which case Revoke will prompt the user to also verify their phone number and nationally issued photo ID using biometric technology before these requests are sent.

The “Letter of Authorisation” which Privacy Leads will see as a PDF document at the bottom of the DSAR email received includes the user’s digital signature and a list of the permissions they have granted for Revoke to act on their behalf.

Revoke DSARs will come from the email address requests@dataprotection.revoke.com with a request to either “Stop Marketing”, “Get Data” or “Delete Data”. Each request contains a unique identifier and is prefixed by a 3-letter code; for ease of reference these are:

 

TYPE OF REQUEST            REFERENCE PREFIX
Get Data Request           GET –
Stop Marketing Request*    STO –
Deletion Request           DEL –

*Under CCPA legislation, users can submit a “Stop Sharing” request instead of “Stop Marketing”. 

 

2.1      Request Header 

All requests will provide Privacy Teams with the data subject’s full name and the type of DSAR received.

2.2      Verified Information 

Privacy Teams can access additional verified information by clicking on the link contained in the DSAR. The information included is classified as either “Standard” or “Sensitive” data; this classification is explained in more detail in section 3.1 How Do We Share Information? 

  • Primary email address (standard)
  • All email addresses (standard)
  • Primary phone number (standard)
  • All phone numbers (standard)
  • Current address (sensitive)
  • All addresses (sensitive)
  • IP address (standard)
  • Identity document and selfie (sensitive)
  • Authority to act letter (standard)

2.3      Email Response Links 

All requests include two options: Manage Request and Access Portal.

2.4      Manage Request 

Clicking on “Manage Request” will allow Privacy Teams to fulfill the DSAR without having to access the Portal and take them to the following screen:

  1. If no match for the Data Subject is found Privacy Teams can reject the DSAR and provide this reason
  2. If a match is found for a Data Subject the DSAR can be fulfilled and any additional notes can be added and uploaded
  3. View a Data Subject’s email address and phone number by simply clicking on the button “View” or “View All”, after which a pop-up window will appear asking the Privacy Team to type in a One Time Code which will be sent to the designated Privacy Team email address
  4. If sensitive data is required to fulfill a request (such as Photo ID) it will be necessary to log in to the Revoke DM Portal; a process that is explained in more detail further on in this guide.
  5. If your organisation already has a straightforward online process that allows your customers to manage the personal data you hold about them, you can ask Revoke to activate the auto-responder functionality. This feature generates an automated response to Revoke customers’ GDPR/CCPA DSARs and includes a link to your company’s privacy management request form. Please note that Revoke’s auto-responder feature will not work without links; adding free text or an email address will not work. If you do not provide a link for all 3 request options (Get Data, Stop Marketing and Delete Data), the auto-responder will only apply to those populated with your link. All other DSARs will be managed from Revoke’s Data Management Portal. Once you have completed the auto-responder request form, Revoke will review the information you have provided and check that the link provided works. If everything is in order the functionality will be activated; otherwise, we will contact you in the event that additional information is required or some modification is necessary.

 

Once the Privacy Team has received and entered the One Time Code, access will be given to view the Data Subject’s verified information.

2.5      Access Portal 

Selecting “Access Portal” will open a window prompting the designated Privacy Team member to “create a unique password” which will allow them to access the Portal once a unique key has been generated to encrypt communications (this can take up to 24 hours but typically takes less than two hours if done during Revoke’s business hours).

If both a password and unique key have already been generated, the Privacy Team can access the Portal using their password.

By accessing the Portal Privacy Teams can get a complete view of the total requests they’ve received and respond to them one after the other without having to enter a One Time Code each time.

On top of seeing the Data Subject’s verified email address(es) and phone number(s) (which you can also see via the “Manage Request” button), the following options are uniquely available via the Portal:

  • Request to view the Data Subject’s photo ID (to be approved by the Data Subject)
  • Request more information from the Data Subject, eg account number

The Portal sign-up process varies depending on the plan chosen. The two plans currently available to organisations are Essential and Plus, which are explained in section 4, Which Plan Best Suits Your Organisation?

3      What is the Data Management Portal?

Once Privacy team members have created a “Unique Password”, they will be asked to choose between the two current plans available: “Essential” and “Plus”. Both are free for organisations. Each plan connects to the DM portal and allows Privacy teams to safely and securely action requests (“Essential” offers limited features while “Plus” affords a greater range of functionality). The main difference between the two plans is that while “Essential” offers basic tools to deal with one request at a time, “Plus” gathers all the incoming requests into a dashboard table showing all key information and the status of each request. This is a practical feature for companies who receive a large number of Subject Access Requests. “Plus” also displays all processing statistics and allows other authorised members of a privacy team to use the portal.

3.1      How Do We Share Information? 

Sensitive and special category data is only held in Revoke’s DM portal; this data is never sent by email as email is simply not a secure way to transfer data. Sending data via email would mean that the data subject’s information could be compromised placing both the user and the company at risk. Using the DM portal keeps the information secure and reduces the volume of personal information being sent via email and stored on various servers and other computer devices. Revoke categorises the information shared by the data subject into two distinct levels of sensitivity. 

3.2      Standard

Includes personal information the data subject would be willing to share with a company via email whenever a request is made. This information includes email addresses and phone numbers. When the data subject is sharing such information, Revoke requires a one-time code to verify that the Privacy team member has access to the mailbox. Once this is confirmed, the data is made available.

3.3      Sensitive

Includes personal information which the data subject is sharing with a specific company. This includes legal documents and other information requested via the “Request More Info” feature. In this instance, the data subject would have consented for his or her personal information to be shared with the specified company. Viewing Sensitive data requires the Privacy team member to create a unique password.

4      Which Plan Best Suits Your Organisation?

4.1      Essential Benefits

  • This will allow your business to manage one individual request at a time
  • This is a practical choice if your organisation only receives a small number of DSARs and has a single member in its Privacy Team

4.2      Plus Benefits

  • This plan allows organisations to manage multiple SARs
  • Can allow for multiple member access with individual log in
  • Includes a dashboard that shows DSAR metrics and pending requests

5      Key Generation

Revoke needs to generate a Key before giving data controllers or their Privacy Teams access to the Portal. This process can take up to 24 hours to be completed and is a fundamental step as it backs up the data in an offline vault affording the highest level of security and privacy. This process will only take place once a Privacy Team lead has created a unique password.

5.1      Why This Process Takes Up To 24 Hours

Any sensitive personal data the subject is sharing with a company is stored securely in a way that only the specified company can access. The data is encrypted with randomly generated cryptographic keys. Each company’s set of keys includes a public and a private key; the public key is used to encrypt data (ensuring the data is stored securely) and the private key is used to decrypt data (which provides secure access to the data). For additional security, the company’s private key is generated and stored on a device which is not connected to the internet (a cold storage computer) to mitigate any risk of data being compromised. As a manual process this can take up to 24 hours depending on when the request was made, but every effort is made to ensure keys are generated as quickly as possible.

As a data controller or company Privacy team member needs access to the data subject’s personal information, the company’s private key is needed to access the data. During the onboarding process, the company’s private key needs to be made accessible to the Privacy team member. This process involves generating a separate keypair for the company and using the generated keys to encrypt the company’s private key, giving access to the Privacy team only. This process is completed using the cold storage device. The securely encrypted company private key is then made available to the Privacy team.

5.2   Encryption Process Flow Explained

  • Revoke generates a keypair (public/private) for a company in an offline cold storage computer 
  • Company public key is exported and imported into the Revoke system 
  • Data Subject saves sensitive data which is encrypted with the company’s public key
  • Privacy team member begins the onboarding process to be able to view the data subject’s information; this involves generating a keypair (public/private) for each member of the privacy team
  • The public key is sent to Revoke
  • Revoke exports the data controller’s public key from the Revoke system and imports it into the offline cold storage computer
  • The offline cold storage computer encrypts the company’s private key (for the data controller’s relevant company) with the data controller’s public key
  • Revoke exports this updated encrypted company private key from the offline cold storage computer and imports it into the Revoke system
  • The data controller or Privacy team member can now download the updated encrypted company private key and use this key on his/her device to decrypt the data subject’s information 

In summary, 24 hours are needed due to the exporting of the company’s private key (encrypted with the data controller public key created on signup) as this is a manual process and cannot be automated as the keys are stored in an offline device with no external connection.
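
The flow in section 5.2, carried through end to end as an added sketch (this is not Revoke's code and not part of the original guide). The algorithms (RSA-2048, RSA-OAEP with SHA-256, AES-256-GCM in a hybrid envelope), the function names and the sample record are assumptions, since the guide does not name them.

```javascript
// Added illustration, not Revoke's code. RSA-2048, RSA-OAEP/SHA-256 and
// AES-256-GCM are assumptions; the guide does not name its algorithms.
const crypto = require("node:crypto");

const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: "sha256" };
const SAMPLE = "constructed sample: data subject's sensitive record";

function generateKeypair() {
  return crypto.generateKeyPairSync("rsa", {
    modulusLength: 2048,
    publicKeyEncoding: { type: "spki", format: "pem" },
    privateKeyEncoding: { type: "pkcs8", format: "pem" },
  });
}

// Encrypt so that only the holder of the matching private key can read it.
// RSA cannot encrypt large inputs directly, so a fresh AES key protects the
// payload and RSA-OAEP protects that AES key (hybrid envelope).
function sealTo(publicPem, plaintext) {
  const aesKey = crypto.randomBytes(32);
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv("aes-256-gcm", aesKey, iv);
  const body = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  return {
    wrappedKey: crypto.publicEncrypt({ key: publicPem, ...OAEP }, aesKey),
    iv,
    tag: cipher.getAuthTag(),
    body,
  };
}

// Reverse of sealTo; throws if the key is wrong or the envelope was altered.
function openWith(privatePem, env) {
  const aesKey = crypto.privateDecrypt({ key: privatePem, ...OAEP }, env.wrappedKey);
  const decipher = crypto.createDecipheriv("aes-256-gcm", aesKey, env.iv);
  decipher.setAuthTag(env.tag);
  return Buffer.concat([decipher.update(env.body), decipher.final()]);
}

function throws(fn) {
  try { fn(); return false; } catch { return true; }
}

function runFlow() {
  // Offline cold storage computer: company keypair; only the public half is exported.
  const company = generateKeypair();
  const onlineSystem = { companyPublic: company.publicKey };

  // Data subject saves sensitive data, encrypted with the company's public key.
  onlineSystem.record = sealTo(onlineSystem.companyPublic, Buffer.from(SAMPLE));

  // Privacy team member generates a keypair on their device and sends the public key.
  const member = generateKeypair();
  onlineSystem.memberPublic = member.publicKey;

  // Cold storage: wrap the company private key to the member's public key,
  // then import only the wrapped form into the online system.
  onlineSystem.wrappedCompanyKey =
    sealTo(onlineSystem.memberPublic, Buffer.from(company.privateKey));

  // Member's device: download the wrapped key, unwrap it, decrypt the record.
  const companyPrivate = openWith(member.privateKey, onlineSystem.wrappedCompanyKey).toString();
  const plaintext = openWith(companyPrivate, onlineSystem.record).toString();

  // The online system holds only public keys and envelopes: a private key
  // other than the member's cannot unwrap the company key.
  const outsider = generateKeypair();
  const outsiderBlocked =
    throws(() => openWith(outsider.privateKey, onlineSystem.wrappedCompanyKey));

  // A stored record modified in transit or at rest fails authentication.
  const tampered = { ...onlineSystem.record, body: Buffer.from(onlineSystem.record.body) };
  tampered.body[0] ^= 1;
  const tamperDetected = throws(() => openWith(companyPrivate, tampered));

  return { plaintext, outsiderBlocked, tamperDetected };
}

console.log(runFlow());
```

Everything placed on `onlineSystem` is either a public key or ciphertext, which is why the wrapped company key can be stored and downloaded from the online side without exposing the data.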

6      Onboarding

Once the Key has been generated, your Privacy Lead will receive an email confirming sign-up is complete. 

Insert the unique password previously created.

A One Time Code email will then be sent to the primary Privacy Team email address. This is a two-factor authentication (2FA) process essential to guaranteeing that the Privacy Team member about to access the Portal is authorised to act on behalf of the organisation.

Insert the One Time Code found in the email to gain access to the Portal. The Privacy Lead will then be able to action DSARs sent to the company.

7      Essential Plan Features

Please note that this plan only allows businesses to manage one request at a time.

7.1      Mark as Complete

By clicking on this button, Privacy Teams can complete and close requests. This option also allows Privacy Teams to add text which will be directly delivered to the Data Subject and tick the checkbox if you wish to receive a receipt confirming that the DSAR has been completed.

7.2      Reject Request

If the data provided by the data subject does not match any of your records simply reject the DSAR providing the reason and tick the checkbox if you wish to receive a receipt confirming that the DSAR has been completed.

7.3      Request More Info

When the information provided by the user is not sufficient for your organisation to find a match in your records additional information from the user can be requested by clicking on this button. As in the previous sections, a receipt for this action can be selected.

7.4      Verified Information

Depending on the type of organisation, the DSAR can include the Data Subject’s email address(es) and/or phone number(s). This information is hidden by default, but Privacy Teams can view this data by simply clicking “reveal”.

7.5      Photo ID

In order to send DSARs to some organisations such as Banks and Health Institutions, Data Subjects must provide proof of identity with government-issued Photo ID (eg passport, driving licence or national identity card). These images are stored blurred by default and if an organisation requires these documents, a request for access can be sent to the Data Subject by clicking on the “REQUEST CONSENT” button.


7.6      Deadline

This section shows Privacy Teams the deadline to respond to the DSAR according to the legislation the organisation must comply with. Under Article 12 of the GDPR for instance, a data controller must respond to a DSAR “without undue delay and in any event within one month of receipt of the request.” This can be extended by a further two months if the request is complex, or a number of requests have been made by the Data Subject. As for CCPA, organisations must confirm receipt of a request within 10 business days and respond to the request within 45 calendar days from the time the request was received.

7.7      Upgrade to Plus

The Essential Portal only allows an organisation to manage one request at a time so if your organisation receives a high volume of DSARs an upgrade to Plus is recommended. Upgrading to Plus is free.

8      Plus Plan Features

8.1      Registration

Whether your business has chosen this plan from the DSAR email or opted to upgrade from Essential, the Privacy Team Lead will be asked to register and to provide two email addresses. One would need to be the official company DPO or CPO email address and the other would be the Privacy Team Lead’s individual work email address. Once you have finished the registration process, the members of your Privacy Team would be able to create their own accounts to access the Portal. For these accounts to become active you must verify and authorise their creation first.

Confirmation will be sent to the Privacy Team member’s individual work email address with a One Time Code as well as a link to complete the registration process. The One Time Code verifies the individual email address and is needed to allow Privacy Team members to create a unique password.

Revoke will then send an email to the organisation’s official DPO or CPO email so they may confirm that the person with the individual work email address has the authority to respond to requests on their behalf.

After clicking “here” the following screen will be displayed asking to confirm access:

Clicking “CONFIRM” will allow the Privacy Team member access to the Portal (providing key generation is complete).

If this is the first time attempting to access the Portal a unique key will have to be generated with which to securely encrypt communications between the Privacy Team and the Data Subjects.

This process can take up to 24 hours but only needs to be done once. All subsequent Privacy Team members who create a personal log-in to the Portal will be able to access the Portal after confirmation is granted.

Once key generation has been completed Privacy Team members are able to access the Portal and start responding to DSARs.

8.2      Plus Portal

The Plus Portal consists of three main sections. On the left side of the screen there are tabs for “Dashboard”, “Requests” and “My Company” as well as a hyperlink to Revoke’s Privacy Policy. The dashboard layout is totally configurable to show whatever information your organisation’s Privacy Team needs. The image below, for example, shows the requests. On the right side of the screen is a Search Filter which is particularly helpful when the number of requests increases.

8.3      Dashboard

The dashboard provides helpful statistics including the number of requests that are pending, completed or rejected.

8.4      Requests

This section shows a table of all requests including the basic information for each and the date the DSAR was received. Requests can be actioned from this screen by clicking “Action”.

8.5      Email Address and Phone Number

The information included when responding to a request will either be email address(es), phone number(s), or both. This information is hidden by default but can be seen by simply clicking on the word “reveal”. 

8.6      Photo ID

For Revoke users to send data requests to some organisations such as Banks or Health Institutions, they must provide further proof of identity with additional government issued documentation (for example a Passport, driving licence or National Identity Card).

These images are stored blurred by default in the Portal. If a company requires visibility of these documents, a request can be sent to the Data Subject by clicking the “REQUEST CONSENT” button. Underneath the Photo ID section, the Data Subject’s email address(es) and phone number(s) will be visible. The number is hidden by default but this information can be viewed by clicking on “reveal”.

Once the Data Subject’s data has been matched with company records, you will be able to either:

8.7      Upload Data and Complete

A pop-up window will appear where Privacy Team members can either upload a file or leave a link the user will receive via the App to get their data. Inserting additional notes for the Data Subject is optional.

8.8      Reject the Request

To reject a Data Subject’s request we ask that Privacy Teams select a reason so the Data Subject understands why their request was rejected.

8.9      Request More Info

If further information is required for Privacy Teams to fulfil the DSAR, simply click on this option and select the type of information required.

8.10      My Company

Company profiles can be completed/updated here.

8.11      Search Filter

If the number of requests increases, the search filter becomes a useful tool to help locate all the information Privacy Teams require.  Searches can be filtered by the request reference, the name of the Data Subject, their email address(es), the status of the request, or the type of request which would be either “Get Data”, “Stop Marketing*” or a “Deletion Request”.

*Stop Sharing under CCPA legislation

8.12      Corner Menu

If the organisation you work for has subsidiaries that share the same DPO or CPO email address, Privacy Teams can switch accounts to manage these requests.

9      Troubleshooting

9.1      Access Denied

The “Access Denied” message might appear when the security key has been compromised. If this message appears please contact us by email at help@revoke.com

9.2      Outdated Browser Version

This message might appear if there is an incompatibility between Revoke and the browser your organisation uses. Revoke supports the following browsers:

  • Internet Explorer 11+
  • Firefox
  • Chrome
  • Brave
  • Safari

If the company uses one of these browsers, please make sure that it is updated. If there are further issues please contact us by email at help@revoke.com

9.3      Invalid Link

The link expires once the DSAR has been completed (or rejected with a valid reason) by the Privacy Team. If this message appears it is because the DSAR has already been completed.

9.4     Registration Failed

If this message appears it will be necessary to register again. Prolonged issues with Registration should be reported to help@revoke.com

We hope that this Guide to our Data Management Portal helps Privacy Teams execute DSARs from Revoke Data Subjects more easily.

If there are any suggestions on ways we may improve the service, please email help@revoke.com

Thank you,

Revoke Support Team


Cyber Essentials Certified

We take security seriously which is why we’ve been assessed and certified for addressing cybersecurity effectively and mitigating the risk from Internet-based threats.