Chapter 9. Data Rights Governance Service

With the data now wrangled, we are ready to build insights. There is one additional step, as a wide majority of data used for extracting insights is gathered directly or indirectly from customer interactions. If the datasets include customer details, especially PII such as name, address, social security number, and so on, enterprises need to ensure that the use of the data is in compliance with the user’s data preferences. There is a growing number of data rights regulations like GDPR, CCPA, Brazilian General Data Protection Act, India Personal Data Protection Bill, and several others, as shown in Figure 9-1. These laws require the customer data to be collected, used, and deleted based on their preferences. There are different aspects to data rights, namely:

Collection of data rights

The right to be informed about the collection of personal data and the categories of information collected

Use of data rights

The right to restrict processing (i.e., how the data is used); the right to opt out of the sale of personal information; the identities of third parties to which information is sold

Deletion of data rights

The right to erasure of personal data shared with the application as well as data shared with any third party

Access to data rights

The right to access the customer’s personal data; the right to rectification if data is inaccurate or incomplete; the right to data portability, which allows individuals to obtain and reuse personal ...