GuidesAPI ReferenceSign-UpRecipes
Guides

Objection Management

Suggest Edits

Objection management is a critical aspect of data protection, particularly when processing personal data under the lawful basis of Legitimate Interest. DataGuard CPM provides robust tools to manage objections raised by Citizens, ensuring that their rights are respected and that your organisation remains compliant with relevant regulations.

Automatic vs. Manual Objection Review

Automatic Objection Handling

By default, DataGuard CPM automatically upholds all objections. This means that when a Citizen objects to their data being processed under Legitimate Interest, the system will automatically change the Permission state to "Objection Upheld." This approach requires no manual input and ensures that objections are handled promptly and in compliance with legal requirements.

Manual Objection Review

If your organisation prefers to manually review objections, this can be configured through the API. When manual review is enabled, objections will no longer be automatically upheld. Instead, they will be flagged for review, allowing your team to decide whether to uphold or reject each objection. To enable manual objection review, refer to the Objection Configurations API.

Manual Objection Review in the CPM UI

If you opt for manual objection management, you can handle objections directly within the CPM UI:

Accessing the Objection Management Screen

  • Navigation: To manage objections, go to the 'Objection Management' screen, which is nested under "Documents" in the Admin side of the CPM UI. This interface provides a comprehensive view of all pending objections, including key details about each case.

Reviewing Objections

  • Managing Single and Multiple Objections: Objections can be managed individually or as a group. To address a single objection, simply click on it to view the details. For batch processing, tick each objection you wish to handle with the same response. The UI will then display an overview of your selections, helping you to make informed decisions.

  • Transaction Information: Each objection will display information about the associated transaction, including a link to the specific Citizen involved. This provides the necessary context for making a decision on the objection.

  • Overdue Objections: Objections that are overdue for review will be highlighted in red, making it easy to prioritise urgent cases.

Upholding or Rejecting Objections

  • Uphold or Reject: After reviewing an objection, you can either uphold it or reject it by clicking the corresponding button. Upholding an objection will set the Permission state to "Objection Upheld," confirming that the Citizen's data will no longer be processed under Legitimate Interest. Rejecting the objection will revert the Permission state back to "Claimed" state.

  • Confirmation: Before finalising your decision, you will be asked to confirm your action, with the option to cancel if needed. Once confirmed, the new Permission states will be written back to the Citizen's record, ensuring that the system accurately reflects the current status.

API-Based Objection Management

For organisations that prefer to manually manage objections programmatically, the Objection Management API offers full control over the process. This API allows you to handle objections in bulk, automate responses, and integrate objection management into your existing workflows.

Conclusion

Objection management is a vital component of respecting Citizens' rights under data protection laws. Whether handled automatically or through manual review, DataGuard CPM provides the tools you need to ensure that objections are processed efficiently and in compliance with legal standards. By leveraging the flexibility of both the CPM UI and API, your organisation can tailor the objection management process to best fit your operational needs.

Updated about 2 months ago