This article describes current and planned integration points for PowerReviews clients to submit data privacy requests to PowerReviews. Data privacy requests are also referred to as a Data Subject Access Request or DSAR. All integrations discussed here are intended only for contracted PowerReviews clients; all other non-client requests will be rejected. Please note when processing consumer Ratings and Reviews on behalf of a PowerReviews' client, PowerReviews acts as a Data Processor as that term is defined in data privacy laws. As a Data Processor, PowerReviews will provide our clients reasonable assistance in responding to Data Subject Access Requests received from their customers.
Integration options include:
- API (secure)
- Request Form (secure)
- Email (legacy)
Through each of these three integration options, you can make three types of DSARs:
- PII Deletion + Anonymization
- Information Request
- Data Correction
Before submitting any requests, please understand the following difference:
- Personal information PII Deletion+Anonymize requests will remove all personal information in your data we store for the identified people in your request, but the anonymized star rating reviews UGC content they’ve submitted will still be available for your display to help your customers.
Please note:- The anonymized star rating reviews will show to shoppers as by Anonymous
- Social UGC such as images and videos will be deleted to ensure personal information deletion. They can not be anonymized.
-
With the addition of Delete Associated UGC Content to your requests, all of your reviews associated with the personal information submitted will also be deleted.
Privacy API (secure)
The PowerReviews secure Privacy API endpoint allows our clients to connect programmatically to both make and confirm status of privacy requests.
-
The Privacy API is an extension of the Enterprise API. First, please follow steps 1 and 2 in the Getting Started section of the Enterprise API documentation to authenticate.
- Ensure the API credentials are configured with Read and Write access.
- Please note that if your organization runs multiple accounts/brands with PowerReviews, you will need to configure and use API credentials for each.
- Second, please see the Privacy API developer documentation for how to make ("POST") and confirm status of ("GET") data privacy requests.
- Please contact your Account Team for more information for implementation support and testing.
Request Form (secure)
Please read and follow these instructions carefully. Submissions with incorrect or extraneous data will not properly process and will be rejected.
PowerReviews takes your data security seriously. Before you submit a request, please work with your Account Team to confirm and configure in the PowerReviews Portal the email address from which your data privacy requests will be sent. Please note that if your organization runs multiple accounts/brands with PowerReviews, you will need to configure the email address for each otherwise they will not be processed.
To submit a secure form request, go to and complete the B2B request form. Please note that the form is hosted on the OneTrust domain at powerreviews-privacy.my.onetrust.com as PowerReviews uses their industry standard privacy management solutions. Form instructions for specific fields:
- Select Request Type: select either PII Deletion+Anonymize which works as described above, Information Request to request information in your data we store for the people submitted, or Data Correction to correct personal information in your data we store for the people submitted.
-
Contact Email: you must enter your company's work domain email to validate your request's legitimacy.
- You will receive an email asking you to confirm your submission which is mandatory. If you do not confirm, the request will be rejected.
- Email from other domains will result in a rejected request.
-
Company: enter your parent company name with whom PowerReviews has contracted.
- The request will be processed across all child accounts (merchants) of the parent company (merchant group).
- If a request is to be processed only on select child account(s), one request will need to be made per child account.
- Please note that if your child accounts or brands are configured as separate merchant groups in PowerReviews, you will always need to submit separate requests for each one.
-
Advanced Deletion Options: this optional field appears if your request type = PII Deletion+Anonymize. You may select either or both of the two options:
- Delete Associated UGC Content: this option additionally deletes the anonymized UGC formerly associated to the people in your request.
- Email Opt-Out from UGC Collection: this will place the all submitted people in the request on the do not contact list for Follow-Up Email so your program does not contact them again.
-
Request Details: there are two request formats. Both formats support up to a maximum of 500 data subjects as identified by their email address, one email per row in plain text with no formatting:
-
Format for PII Anonymize+Deletion or Information Request: you can send people's emails for processing either in the Request Details section or as an attached plain text .csv file (.csv default template file) using the Select a File button at the bottom (you must confirm you're 'not a robot' prior to attaching a file). If you are submitting a .csv file, please note that only one can be attached to each request.
person1@domain1.com
person2@domain2.com
person3@domain3.com
etc.
This is an example of the form with data properly entered and ready for submission.
-
Format for PII Anonymize+Deletion or Information Request: you can send people's emails for processing either in the Request Details section or as an attached plain text .csv file (.csv default template file) using the Select a File button at the bottom (you must confirm you're 'not a robot' prior to attaching a file). If you are submitting a .csv file, please note that only one can be attached to each request.
-
-
Format for Data Correction request ONLY: requests for data correction can only be made via an attached plain text .csv file in the format of this Data Correction template .csv file. Both the header row of the template file and an identifying email in field 1 of each subject row is required. There are three legitimate request formats given the data PowerReviews stores for our clients:
-
Email change only request row format (row 2 in data correction .csv template):
person1@domain1.com,,,newperson1@newdomain1.com,,,
etc.
-
Email + Name Change request row format (row 3 in data correction .csv template):
person2@domain2.com,firstname2,lastname2,,newperson2@newdomain2.com,newfirstname2,newlastname2,
etc.
-
Email change only request row format (row 2 in data correction .csv template):
-
Format for Data Correction request ONLY: requests for data correction can only be made via an attached plain text .csv file in the format of this Data Correction template .csv file. Both the header row of the template file and an identifying email in field 1 of each subject row is required. There are three legitimate request formats given the data PowerReviews stores for our clients:
After clicking Submit on the form, you will get an automated email from PowerReviews asking you to confirm your request. You must confirm your request for it to be processed. If you do not confirm your request, it will be rejected after 30 calendar days.
After your request has been processed, you will receive another automated email from PowerReviews asking you to log into our secure data privacy system to view details on whether the request was successfully processed or if additional actions are needed due to unsuccessful processing. While not mandatory, it is highly recommended you confirm the processing status of your request(s).
Email (legacy)
Please read and follow these instructions carefully. Submissions with incorrect or extraneous data will not properly process and will be rejected. Data Correction requests are not supported via email.
PowerReviews takes your data security seriously. Before you submit a request, please work with your Account Team to confirm and configure in the PowerReviews Portal the email address from which your data privacy requests will be sent. Please note that if your organization runs multiple accounts/brands with PowerReviews, you will need to configure the email address for each otherwise they will not be processed.
This is a legacy integration and is documented only for the support of grandfathered client implementations. Please note that as a general best practice, we recommend against transmitting personal information via email.
Email your Privacy requests to dataprotection@powerreviews.com.
- There is a limit of one email per day, per merchant group or brand merchant.
- You must send emails in a consistent manner, formatted in plain text as described below without extra characters or encodings which may cause your request to not be processed.
- Requests sent via password protected emails or with password protected attachments are not supported. Please use the form above for secure personal information transmission or reach out to your Customer Success Manager who can facilitate API discussions with our Engineering Team.
- Processing completion notifications will only be viewable in our secure data privacy portal built on OneTrust.
- If your request can not be automatically processed, your request will be rejected.
Email format:
- Email From: you must send the email from your work email domain. Email from other domains will result in a rejected request.
-
Subject: [COMPANY NAME] - [OPTION]
-
[COMPANY NAME]
- The request will be processed across all child accounts (merchants) of the parent company (merchant group).
- If a request is to be processed only on select child account(s), one request will need to be made per child account.
- Please note that if your child accounts or brands are configured as separate merchant groups in PowerReviews, you will always need to submit separate requests for each one.
- [OPTION] Enter only one of the following options in the subject line:
- ANONYMIZE
Please note that the ANONYMIZE option removes all personal information in your data we store for the identified people in your request but the anonymized star rating reviews UGC content they’ve submitted will still be available for your display to help your customers. - DELETE
- ANONYMIZE + EMAIL-OPT-OUT
- DELETE + EMAIL-OPT-OUT
- INFO
- ANONYMIZE
-
[COMPANY NAME]
-
You can send people's emails for processing either in the the email body or as an attached plain text .csv or .txt file (.csv default template file). If you are submitting a .csv or .txt file, please note that only one can be attached to each email request. Whether in the Details section or via an attached file, enter only one email per row in plain text (no formatting), up to a maximum of 500. For example:
person1@domain1.com
person2@domain2.com
person3@domain3.com
Please contact your Implementation Team or Account Team to further discuss our data privacy integrations.