How to Generate and Customize a Data Subject Request (DSR) Portal

Edited

Captain Compliance allows you to create and manage Data Subject Request (DSR) portals with support for portal customization and request fulfillment workflows. This article explains how to create a DSR Portal, customize its content and appearance, and validate that requests are received correctly.

Step 1: Create a Data Subject Request (DSR) Portal

DSR Portals are typically created at the organization level.

To get started:

  • Navigate to DSR Portal → Settings in the Captain Compliance app

  • Click Add New DSR Portal

  • Enter a DSR Portal Name

This creates a DSR Portal instance that can be customized and published.

Step 2: Customize DSR Portal Details

Once the DSR Portal is created:

  • Click on your DSR Portal

  • Navigate to Details

Configure the following fields:

  • Company Name

  • Company Privacy Email

    • This field supports future functionality and should still be populated

  • Header Text

    • Used to display informational content at the top of the DSR Portal

  • Footer Text

    • Used to display supplemental information at the bottom of the portal

Email Notification Check (Important)

The DSR Portal sends email notifications to authorized personnel when new requests are submitted.

To ensure requests are received:

  • Navigate to Organization → Notifications → Destination Mail

  • Confirm that one or more valid email addresses are configured

Without this configuration, requests may be submitted successfully but not routed to the appropriate inbox.

Step 3: Customize Your DSR Portal Fields

Each DSR Portal loads with a default set of fields. These fields should be carefully reviewed and adjusted as needed.

Privacy laws generally require that organizations only request information that is necessary to verify identity and fulfill the request. As a result:

  • Remove any fields that are not required for your organization

  • Add fields only when they are necessary for request fulfillment

To add a new field:

  • Navigate to Fields

  • Select Add Field → Create Field

  • Configure the Field Label, Description, and Field Type

Fields can be reordered using drag-and-drop.

Default Fields Commonly Included

  • First name

  • Last name

  • Email address

  • Relationship to the data controller

  • Whether the request is submitted by a third party

  • Relationship to the data subject (if applicable)

  • Country of residence

  • State or province of residence

  • Type of data subject request being exercised

  • Description of the request

For example, phone number is not included by default, but may be added if required for your verification or response process.

Step 4: Customize DSR Portal Appearance

To customize the look and feel of the portal:

  • Navigate to Appearance

Configure the following options:

  • Logo Image (upload your organization’s logo)

  • Theme Color

  • Font Color

  • Border Width

  • Border Radius

  • Portal Type

    • Structured (all fields visible at once)

    • Linear (step-by-step sequence of questions)

These settings control the visual presentation of the DSR Portal but do not affect request processing logic.

Step 5: Test DSR Portal Functionality

Before publishing, test the portal end to end.

  • Open the DSR Portal URL

  • Submit a test request

  • Navigate to DSR Portal → Requests in the Captain Compliance app

Confirm that the request appears in the queue. Open the request and test updating the request status:

  • Pending

  • In Progress

  • Completed

  • Not Applicable

While request fulfillment can be automated through API integration, this step focuses on validating manual request intake and status management.

Step 6: Legal Review

Before publishing, Captain Compliance strongly recommends submitting the DSR Portal for internal and legal review.

While Captain Compliance simplifies DSR intake and workflow management, ultimate responsibility for privacy request fulfillment rests with your organization. Any required changes can be made using the steps above.

Step 7: Publish the DSR Portal

Captain Compliance DSR Portals are easy to deploy.

  • Most organizations link directly to the hosted DSR Portal

  • Some organizations embed the DSR Portal using an iframe

Once published, the portal is ready to receive live data subject requests.