Privacy teams can tailor the external-facing Personal Data Rights (PDR) form per jurisdiction and data subject type. This customization allows them to control location specific content, authorized agent submission, and the available request types.

Privacy laws give data subjects, such as customers and ex-employees, specific rights over their personal data that an organization collects. These can include right to access, correct, delete, or opt out of certain uses. The local laws determine which privacy rights data subjects can exercise, who is allowed to submit a request on their behalf, what disclosures must appear when a request is submitted, and the information the organization can collect at intake to process the request.

Without a configurable layer, organizations either present the same set of rights to every requester regardless of their location. This can mislead requesters about what's actually available to them under local law, or maintain several disconnected forms that are hard to keep current.

The external-facing PDR form gives data subjects a single public channel to submit requests. The configurable form enables privacy teams to adapt that channel, its content, available request types, authorized agent option, and other settings, to the jurisdiction and data subject type the requester selects.