Domains / Security and Compliance/ Data Aggregate

Data Subject Request Aggregate

Tracks the full lifecycle of a GDPR or CCPA data subject rights request from submission through completion, including downstream task coordination.

Data Aggregate Application active

Data Subject Request Aggregate enforces SLA compliance (30-day response window for GDPR Article 17). When a request moves to the processing state, deletion tasks are created for each owning system. The aggregate transitions to completed only when all tasks report success.

Relationships

Composes outgoing 1
Target Element Element Type
Compliance Policy Data Concept
Owns outgoing 2
Target Element Element Type
Data Privacy Controls Component
Privacy Rights API Software Subsystem
Owned by incoming 1
Source Element Element Type
Data Privacy Controls Component

Architecture Context

Diagrams

Not yet referenced in any diagram

Properties

Type Data Aggregate
Layer Application
Domain Security and Compliance
Status active
Owner Security Team

Additional Metadata

Lifecycle States submitted, validating, processing, completed, rejected, overdue
Archimate Type data-object
Ddd Type Aggregate
Togaf Type Logical Data Component

Meta Model

Business
Organization
Application current
Technology

Actions