LET'S TALK
← All work
GDPR Art 17GDPR Art 21CCPA §1798.105FRCP Rule 37(e)Texas SCOPE ActDeep Prototype

DSARStandingOrder — Auto-Renewing DSAR Erasure Orders

24 standing orders that auto-execute every N days for opted-out subjects. Per order: trigger event, scope, cadence, downstream sub-process fan-out, last-execution proof, statutory-hold check. Surfaces 3 standing orders SUSPENDED by legal hold + 1 with sub-processor that needs manual reconfirmation. The artifact that converts one-shot DSARs into reliable ongoing erasure.

DSARStandingOrder — Auto-Renewing DSAR Erasure Orders preview
Open live →

What it is

The shape behind a working privacy-ops automation. RtbfFlow (batch 9) shipped one-shot DSAR fan-out. DSARStandingOrder ships the standing-order pattern — auto-renewing erasure for opt-out + churn + age-up + post-deletion sweeps that run forever.

What’s in it

  • 24 standing orders spanning 8 trigger classes:
    • GDPR Art 17 explicit + bulk (partner termination)
    • GDPR Art 21 marketing/analytics opt-out (daily sweep, 4,280 subjects)
    • CCPA §1798.135 + GPP signal (auto-honors saleOptOut across destinations, 18,420 subjects)
    • CPRA §1798.121 limit-use sensitive PI (148 subjects)
    • Account-deleted sweep (60-day post-deletion, soft→hard delete)
    • Churn-180d sweep (final notice + purge)
    • Minor age-up at 13 (re-consent prompt)
    • Subject-deceased (Quebec Loi 25 §40, California A.B. 568)
  • i18n triggers — Texas SCOPE Act, Vermont VPDP, Quebec Loi 25, LGPD, LFPDPPP.
  • 3 standing orders SUSPENDED by legal hold — DOJ subpoena, SEC TCR (cross-references RetentionPolicy R037 + R038 + WhistleblowerIntake WB-002447). Cannot delete; preserve until counsel releases.
  • 1 PARTIAL execution flagged — Segment Regulations API throttled; retry queued.
  • Per-order template showing cadence, downstream fan-out, on-failure handling, statutory-hold gate.

Why this shape

Most privacy programs handle DSARs as one-shot tickets. The reality: opt-outs accumulate continuously, account-deletions need post-grace-period purges, minors age up, churned customers eventually need full erasure. DSARStandingOrder prototypes the standing-order pattern — the auto-renewing erasure that handles those continuously, with the statutory-hold gate that prevents deletion when legal-hold is active.

How it ships

Single HTML file, ~19KB. Zero dependencies. 24 standing orders × 8 trigger classes × statutory-hold gate in 200 lines of vanilla JavaScript.

Open the tool →