Data Subject Management¶
Manage individuals whose personal data is processed by your organization using privacy-preserving identifiers.
Overview¶
Data subjects represent individuals whose personal data is processed by your organization. The Dxtra platform tracks data subjects using privacy-preserving Decentralized Identifiers (DIDs) generated deterministically from PostgreSQL UUIDs via SHA3-256.
Core capabilities:
- Privacy-preserving identity management with DIDs
- Automated deduplication using hashed field matching
- Processing activity tracking and audit trails
- Integration with rights request workflows
Creating Data Subjects¶
Via Integrations¶
Data subjects are automatically created when you connect third-party platforms:
- Shopify -- Customer records from orders and accounts
- Stripe -- Payment customer profiles
- Mailchimp -- Email subscriber records
- Other integrations -- See Integration Guides
Via the Dashboard¶
- Navigate to Data Processing Activity Logs in the dashboard
- Data subjects appear as records are created through integrations or API calls
Via API¶
Create data subjects programmatically using the createDataSubject GraphQL mutation. See the API Reference for details.
Privacy-Preserving Identification¶
Data subjects are identified through privacy-preserving links rather than storing raw personal data.
How It Works¶
- When a data subject is created, field values (email, phone, etc.) are hashed
- These hashes are stored as privacy-preserving links
- Future records with matching hashes link to the same data subject
- Original values are not stored in the data subject record
Benefits¶
- Deduplication -- Same individual across platforms links to one record
- Privacy -- No raw PII stored in the data subject table
- Compliance -- Supports data minimization principles
- Cross-platform -- Works across all connected integrations
DID (Decentralized Identifier)¶
Each data subject receives a unique DID that serves as their privacy-compliant identifier:
- Format:
did:dep:<unique-hash> - Generated automatically when a data subject is created
- Used for audit trail tracking
- Enables cross-platform data subject recognition
Processing Activities¶
All data processing operations are tracked for each data subject. Activities are automatically recorded when:
- Integration webhooks receive customer events
- Rights requests are processed
- Consent preferences are updated
- Data exports or deletions occur
Rights Requests¶
Data subjects can exercise their privacy rights through your Transparency Center or via API:
| Right | Description |
|---|---|
| Access | Copy of personal data |
| Rectification | Correct inaccurate data |
| Erasure | Delete personal data |
| Portability | Export data in machine-readable format |
| Restriction | Limit processing |
| Objection | Stop specific processing |
See Rights Requests for details.
Dashboard Access¶
View and manage data subjects in the Dxtra Dashboard:
- Navigate to Data Processing Activity Logs
- Use global search to find by DID
- Click a data subject to view their profile
The profile includes:
- Basic information and creation date
- Processing activity timeline
- Rights request history
- Consent preferences
- Connected platform records
Best Practices¶
Data Minimization¶
- Hasura Event:
data_subjects_insert→ Conduit/hasura/events/data-subjects/insert - Conduit Handler: Publishes message to RabbitMQ
audit_register_exchange - dx-agent Consumer: Receives registration job from queue
- DID Generation: Agent generates DID deterministically from UUID via SHA3-256
- Callback: Agent publishes result to
audit_register_resultsexchange - DID Update: Conduit updates
data_subjects.didcolumn
Deduplication¶
- Provide consistent field values (normalize email case, trim whitespace)
- Use external IDs from integrations when available
- Review duplicate records periodically
Troubleshooting¶
Duplicate Data Subjects¶
If the same individual appears as multiple records:
- Check for whitespace differences in field values
- Verify email addresses use consistent casing
- Review if external IDs changed between submissions
Missing DIDs¶
If a data subject lacks a DID:
- Verify the parent data controller has a DID
- Use the
generateDataSubjectDIDmutation to trigger generation - DID generation typically completes within seconds
Related Documentation¶
- Rights Requests -- Submit and process data subject privacy rights
- Processing Activities -- Track data processing for compliance
- API Reference -- GraphQL schema documentation
For questions, contact support@dxtra.ai.