The document outlines eight principles of consumer data privacy, which address regulations across various regions including the GDPR and CCPA. It emphasizes the rights of consumers regarding their personal data, including the right to be forgotten, right to access, and right to data portability, among others, alongside the role of SolixCloud's data management solutions in achieving compliance. The document concludes with a note on the importance of a unified approach to data privacy that adheres to global regulations.

1. Eight principles of
Consumer Data
Privacy

2. Overview
Consumer data privacy is experiencing a wave of concern
and coverage over the last few years as nation-states and
judicial entities continue to roll out new regulations to
protect the privacy rights of Internet users. Numerous
regulations are now in place across different geographies
including the General Data Protection Regulation (GDPR) in
the EU, California Consumer Privacy Act (CCPA), Virginia’s
Consumer Data Privacy Act (CDPA), New York’s Department
of Financial Services Cybersecurity Regulation (NYDFS),
Brazil’s Lei Geral de Proteção de Dados Pessoais and
others.
2

3. 1. Right to be Forgotten
Businesses that manage PII must respond to consumer requests
to remove unfavorable information. This seemingly
straightforward requirement is in fact not straightforward at all, as
organizations must first be able to find the data requested within
silos of enterprise data or even hidden as orphaned objects
within database tables. Through Sensitive Data Discovery,
SOLIXCloud Consumer Data Privacy scans and locates any
and all requested data instances to be deleted.
3

4. 2. Right to Object
The right to object empowers consumers to stop or prevent
processing of their personal data at any time. SOLIXCloud Sensitive
Data Discovery enables controllers and processors of consumer data
to search multi-cloud landscapes for all instances of the data so it
may be removed from processing. Subject Rights Requests (SRR)
forms can be submitted as part of the Data Compliance module to
obtain reports on all data associated with the consumer.
4

5. 3. Right to Rectification
A consumer’s rights over their data includes the right to have
inaccurate personal data rectified, or completed if it is incomplete.
SolixCloud Sensitive Data Discovery locates all instances of the
requested data and stages the request for edit by data admins. A
comprehensive search and discovery capability is once again an
essential capability for data processors, but since the rectification
process also requires that data be updated, processors require role
based access control to limit privileged access to sensitive personal
information.
5

6. 4. Right not to be profiled
Personal data about individuals is collected from a variety of sources and
may be analyzed to classify people into different groups or categories
using algorithms such as machine learning. SOLIXCloud Common Data
Platform (CDP) provides robust metadata management, data lineage,
data catalogue, business glossary and data profiling features that enable
you to explore and understand your data better, so you may be equipped
to target and promote your products successfully without infringing on
consumer rights.
6

7. 5. Right of Access
Subject access gives individuals the right to obtain a copy of their
personal data from you, as well as other supplementary information. Solix
Data Compliance enables Subject Rights Requests (SRR) forms to be
submitted to obtain the personal data. Solix Metadata Management
provides a centralized approach to not only locate specific data objects,
but to identify related objects as well.
7

8. 6. Right to Data Portability
The right to data portability involves individuals being able to obtain and
reuse their own personal data for their own purposes. This obligation
necessitates that processors be able to move, copy or transfer personal
data easily from one IT environment to another in a safe and secure way
without affecting its usability. Solix Data Compliance & Solix Search
enable Subject Rights Request forms and data query results to be
exported in a PDF format. Audit reports including logs of all personal data
activities are also available.
8

9. 7. Right to Data Minimization
Metadata management and data catalogs help administrators explore
their data landscape to confirm the scope of data to be processed and
Information Lifecycle Management (ILM) provides data retention policies
to ensure that the data is purged (deleted) once it is no longer needed.
Solix Data Masking obfuscates data not relevant to a specific purpose,
and Solix Data Governance deploys data retention policies that ensure
erasure after a specific purpose is met. SOLIXCloud Enterprise Archiving
moves personally identifiable information through ‘legal hold’ or other
regulatory purposes into a centralized nearline archive repository.
9

10. 8. Right to be Informed
When organizations collect personal data directly from the individual, they
are able to inform the individual directly regarding the collection and use
of their personal data. When organizations collect data from third-party
sources, they still need to take the ownership to inform individuals when
the data is collected. Informing the individual can be done through
layering, dashboards and just-in-time notices (emails / smart devices), no
later than one month from when the data is collected. Solix Data
Compliance provides management tools to inform data subjects how
their information is used with preference controls to manage what data
they allow the organization to process.
10

11. The Solution - SOLIXCloud
Consumer Data Privacy
Data privacy by design is an architected approach to cloud data
management that ensures all data privacy regulations globally are met
instead of requiring different solutions for different geographies and
jurisdictions.
SOLIXCloud Consumer Data Privacy is a suite of three powerful tools
that complement the W3C open standards based security, SOLIXCloud
Common Data Platform (CDP) and the Eight Principles of Consumer
Data Privacy.
SOLIXCloud data management solutions support the eight principles of
consumer data privacy. Through privacy by design, W3C industry
standard architecture and the SOLIXCloud Consumer Data privacy
solution suite, controllers and data processors are better able to
achieve regulatory compliance.
11

12. Copyright ©2020, Solix Technologies and/or its affiliates. All rights reserved.This document is provided for information purposes only
and the contents hereof are subject to change without notice.This document is not warranted to be error-free, nor subject to any other
warranties or conditions, whether expressed orally or implied in law, including implied warranties and conditions of merchant- ability or
fitness for a particular purpose.We specially disclaim any liability with respect to this document and no contractual obligations are
formed either directly or indirectly by this document. This document may not be reproduced or transmitted in any form or by any
means, electronic or mechanical, for any purpose, without our prior written permission.Solix is a registered trademark of Solix
Technologies and/or its affiliates. Other names may be trademarks of their respectively
SOLIX TECHNOLOGIES, INC.
4701 Patrick Henry Dr., Bldg 20, Santa Clara, CA 95054
Toll Free:+1.888.GO.SOLIX(+1.888.467.6549)
Telephone: +1.408.654.6400
Fax: +1.408.562.0048
URL:https://www.solix.com