Rights Request Flows

Rights Requests contain multiple steps and touchpoints. Within the workflow, your code may need to perform certain tasks such as retrieving customer data and sending emails.

4Comply implements Right Requests as a list of workflow steps.

Each workflow step has a “type”, which can be:

  • Automatic: this step will automatically occur in 4Comply, and move to the next step
  • Webhook: this step will send a webhook to your system based on the configuration, it is also automatic
  • Regular (Manual): this step will wait for manual input from you or your system
  • Indeterminate: his step accepts data until you tell it to proceed until you PUT /rightrequests and pass the step name of the step after the indeterminate step using the API

To Upload JSON Files during an indeterminate step, pass the current step (indeterminate step) name as the nextState value in the PUT request. Such as PUT /rightrequests?id={REQUEST_ID}&nextState={INDETERMINATE_STEP_NAME}

  • Fulfillment: this step automatically creates a fulfillment action for your right request, packaging, and sending the relevant data to the end-user via email
  • Choice: this is an automatic step that will route the request to a success or failure step

For each Regulation, 4Comply ships with a set of default rights request flows. Some regulations may not start with all of these flows, but they can be customized and added. The available workflows are:

  • Right To Access (RTA)
  • Right To Be Forgotten (RTBF)
  • Right To Portability (RTP)
  • Right To Update (RTU)

The following sections detail the default Rights Request flow, present a list of steps and webhooks, and show some pseudo-code that you can use on your implementation.

The 4Comply service uses webhooks to communicate with your code at various touch points. For a discussion of how to configure webhooks, see the Webhook page.