Skip to content
  • There are no suggestions because the search field is empty.

Custom Storage for DSR Copy Reports

Using your own cloud storage for Copy reports and related files

When processing Copy requests (data access), MineOS generates a Copy report containing the subject's data. By default, this report is stored temporarily in MineOS, using a private Google Cloud bucket. Setting custom storage allows you to use your own storage solution, giving you full control over where that data lives and how long it's retained.

Note: This storage setting applies to Copy requests only. Other DSR types (such as Delete or Opt-out) are not affected by this configuration.

  MineOS Default Storage Your own storage
Location EU or US Managed by you
Retention Period 45 days Managed by you
Managed By MineOS  Managed by you

What data is stored?

When a Copy request is processed, the following is saved to the defined storage:

  • Uploaded files attached to the request
  • Copies of files found by unstructured integrations (e.g. Google Drive, OneDrive)
  • A JSON data file from structured integrations containing:
    • Data retrieved from integrations (e.g. Kustomer, Intercom)
    • Integration metadata used to generate the Copy report (integration ID, display name, data types, description, and more)

Retention periods (MineOS default storage):

  • Uploaded files & integration files: 90 days from upload time or integration's search time
  • JSON data report: 45 days from compiling the Copy report

Using your own storage with Google Cloud Storage

Step 1: Creating and setting up the storage bucket

Whether you are using an existing storage bucket, or creating a new one for this purpose, here are a few best practices to follow for a correct setup:

  • Use multi-region or dual-region for high availability.
  • Use Standard storage class.
  • Use uniform bucket ACL.
  • Disable versioning (this is important for compliance).
  • Use a retention policy, and have it set for 45 days or more.
  • Configure CORS to allow access from your privacy center.

Bucket Permissions:

  1. Open Cloud Storage on your Google Cloud Console.
  2. From the top bar choose the project with the bucket you'd like to use.
  3. On the Cloud Storage page, choose the storage bucket you would like to use.
  4. Inside the storage bucket go to Permissions and click Grant Access
  5. Paste your MineOS principal account ID. This is shown on the DSR Storage setup page after selecting Custom and Google Cloud as the provider.
  6. Under Assign roles, add the following roles:
    • Storage Admin (under Resource Manager)
  • Click Save

Note:

  • MineOS requires a Storage Admin role to correctly set the bucket's CORS policy.
  • MineOS only manages bucket objects, and will not modify any other settings such as lifecycle, permissions, policies, etc.

Step 2: Setup in MineOS 

  1. Go to the DSR Storage page in your MineOS account (under Settings -> Developers).
  2. Select "Custom".
  3. Select "Google Cloud" as the storage provider.
  4. Enter the project ID and bucket name
  5. Click Test & Save. MineOS will now check the bucket selected can properly be connected to, and has the required permissions.

Screenshot 2023-11-14 at 19.29.43

Caution: Do not edit or change existing requests regarding file or data attachments as these will adhere to the new DSR storage configuration.