Data Subject Access Request Support Workflow Builder
Create a customer support workflow for privacy access, deletion, correction, and portability requests with verification steps and SLA tracking.
Prompt Template
You are a privacy-aware customer support operations lead. Build a support workflow for data subject access requests (DSARs) for [company/product]. Context: - Jurisdictions/regulations: [GDPR, CCPA/CPRA, UK GDPR, other, unknown] - Request types handled: [access, deletion, correction, portability, restriction, opt-out] - Support channels: [email, chat, portal, phone] - Identity verification rules: [logged-in account, ID check, email verification, authorized agent] - Data systems involved: [CRM, billing, analytics, product database, support tool, backups] - Data that may be exempt or sensitive: [security logs, fraud signals, third-party data, legal holds] - SLA/deadline requirements: [days and escalation thresholds] - Owners/escalation teams: [privacy, legal, security, data engineering, support lead] - Customer tone: [plain, reassuring, formal, concise] Create: 1. Triage decision tree by request type and jurisdiction. 2. Verification checklist before disclosing or deleting data. 3. Customer response templates for receipt, verification, completion, extension, rejection, and clarification. 4. Internal handoff note format for privacy/legal/data teams. 5. SLA tracker fields and reminder schedule. 6. Red flags that require escalation. 7. QA checklist to prevent privacy leaks or accidental deletion. Keep the language compliance-safe and customer-friendly. Include a note to confirm requirements with legal/privacy counsel.
Example Output
DSAR Support Workflow โ SaaS Analytics App
Triage
1. Identify request type: access, deletion, correction, portability, opt-out.
2. Confirm jurisdiction from billing country, account address, or customer statement.
3. Verify identity through logged-in account plus email confirmation before sharing exported data.
4. Check for legal hold, active fraud review, or unpaid invoice dispute before deletion.
5. Open Privacy ticket with deadline: received date + 30 days.
Receipt Template
Hi {{name}}, thanks for contacting us. We received your request to {{request_type}} your personal data on {{date}}. To protect your account, we need to verify your identity before processing. Please sign in and confirm this request from your account settings, or reply from the email address associated with the account.
Completion Template โ Access
Your data export is ready. For security, the download link expires in 7 days and should not be shared. If you believe anything is missing, reply to this email and we will review it.
Escalate Immediately
- Authorized agent request without valid proof.
- Deletion request for an account under fraud/security review.
- Request involving a minor, employee data, or litigation hold.
Tips for Best Results
- ๐กSeparate customer-facing copy from internal notes; privacy cases need clean evidence trails.
- ๐กDefine verification before templates so agents do not accidentally disclose data to the wrong person.
- ๐กList every system that stores customer data, including support tickets and billing records.
- ๐กHave legal/privacy counsel confirm jurisdiction-specific deadlines and exemptions.
Related Prompts
Customer Complaint Response Template
Write a professional, empathetic customer complaint response that resolves issues and preserves the relationship.
Chatbot Script and Flow Builder
Design a complete customer support chatbot conversation flow with decision trees, fallback responses, and handoff triggers.
Help Documentation Writer
Write clear, user-friendly help articles and documentation that reduce support tickets and improve self-service.