After a Data Request is received, it goes through two verification steps:
- Email verification
- Company Approval
As soon as the Data Request is created, an email is sent to the user's account. The user must then click on the verification button within the message to pass this verification step. That way you are more certain that the Data Request you received was created by the owner of the email account provided.
You as a company must approve the processing of the Data Request. This can be done manually by clicking on the "Approve" button (really useful when you want your DPO to check the information first) or automatically by integrating your API via webhooks.
You can also reject the Data Request at this step. Once rejected, no further action is needed. You can always come back to this Data Request and check the activity log at any time.
Other verification steps
Our experience shows us that these two verification mechanisms are usually enough to ensure a Data Request should be processed, maily because, in ultimate circumstances, our Webhooks feature provides you with 100% flexibility to make the approval on your side as complex a process as you need.
Having said that, if you feel that there is room for improvement or a built-in verification step could be quite useful, please reach out to us at firstname.lastname@example.org.
Next -> Processing data request.