Versions Compared

Old Version 4

changes.mady.by.user Silva, Carlos

Saved on

compared with

New Version 5

changes.mady.by.user da Mota Viana, Duarte Manuel

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Info

This document provides the full list of systems that will be in scope of OneTrust’s Privacy Rights Automation module, for which there will be an automation of the process of data deletion and data access upon request by a guest through our mobile app/ website.

The list is subject to be updated over time, as RBI business evolves.

...

if other systems are added to the Privacy Rights scope.

Systems in scope:

  • AWS (RBI guest database)

  • Snowflake (RBI reporting)

  • Datadog (logging)

  • LogRocket (session replay)

  • mParticle (customer data platform)Braze

  • Customer engagement platform - if this system is contracted by the Franchisee

  • Amplitude - if this system is contracted by the Franchisee

  • Branch (deep links) - if this system is contracted by the Franchisee

  • Payment service providers - however, we are still investigating (a) whether PSP’s are in scope for data deletion and (b) if “yes” who is responsible for the deletion

  • Backups - however, we are still investigating whether we can implement a 30 days retention periodForter (fraud detection) - if this system is contracted by the Franchisee

Guest access requests:

  • AWS (RBI guest database)

  • Payment service providers - however, we are still investigating (a) whether PSP’s are in scope for data deletion and (b) if “yes” who is responsible for the deletionForter (fraud detection) - if this system is contracted by the Franchisee

Note: Forter is out of scope for Privacy Rights because it would interfere with their ability to detect fraud. They have a GDPR exemption