
Handle a DSAR (Data Subject Access Request)

Under GDPR Art. 15, users can request a copy of all data you hold about them — including their consent history. You must respond within 30 days.

What ConsentForge holds about a user

ConsentForge stores:

  • Consent decisions (per category, per timestamp)
  • Receipt HMAC chain
  • Hashed IP and user agent (not reversible to PII)

Because identifiers are one-way hashed, ConsentForge cannot look up a user by email. You need to reconstruct the hash from the user's IP and browser.

Step 1: Get the user's hash

You'll need the user's:

  • IP address at the time of the consent decision (from your server logs)
  • User agent string (from your server logs or their browser)

Reconstruct the hash:

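const crypto = require('crypto');

// ip and userAgent come from your server logs; propertyId is your ConsentForge property.
function userHash(ip, userAgent, propertyId, date) {
  return crypto
    .createHash('sha256')
    .update(`${ip}|${userAgent}|${propertyId}|${date}`)
    .digest('hex');
}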

Step 2: Search for receipts

Dashboard → Evidence → Search → enter the hash → view all receipts for that identifier.

Or via API:

GET /api/v1/receipts?property_id=prop_abc&user_id={hash}
Authorization: Bearer YOUR_API_TOKEN

Step 3: Export the receipt chain

From the search results, click Export PDF to download a human-readable receipt chain to provide to the data subject.

Step 4: Erasure requests (Art. 17)

Because ConsentForge stores only hashes (not PII), there is nothing to erase — the hash cannot be linked back to the individual by anyone, including ConsentForge. You can note this in your DSAR response.

If the user insists, you can delete specific receipts via:

DELETE /api/v1/receipts/{receipt_id}
Authorization: Bearer YOUR_API_TOKEN

Note: deleting receipts may impact your ability to demonstrate compliance for that period.
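
Steps 1 and 2 for a whole log extract, as an added example (not ConsentForge's own code): the hash includes the IP, user agent and date, so one data subject usually maps to several identifiers, and each needs its own receipt search. The function names, the sample log entries and the YYYY-MM-DD (UTC) date format are assumptions; confirm the date format your property uses before relying on the output.

```javascript
const crypto = require('crypto');

// Same construction as the snippet in Step 1.
function identifierHash(ip, userAgent, propertyId, date) {
  return crypto
    .createHash('sha256')
    .update(`${ip}|${userAgent}|${propertyId}|${date}`)
    .digest('hex');
}

// Constructed sample: server log entries attributed to one data subject.
const SAMPLE_LOG = [
  { ts: '2024-03-01T09:15:02Z', ip: '203.0.113.7', ua: 'Mozilla/5.0 (X11; Linux x86_64) Firefox/123.0' },
  { ts: '2024-03-01T17:40:11Z', ip: '203.0.113.7', ua: 'Mozilla/5.0 (X11; Linux x86_64) Firefox/123.0' },
  { ts: '2024-03-02T08:01:45Z', ip: '198.51.100.23', ua: 'Mozilla/5.0 (X11; Linux x86_64) Firefox/123.0' },
];

// Returns one lookup per distinct (ip, ua, date) tuple, with the Step 2 API path.
function dsarLookups(entries, propertyId) {
  const seen = new Map();
  for (const { ts, ip, ua } of entries) {
    const when = new Date(ts);
    if (Number.isNaN(when.getTime())) {
      throw new TypeError(`unparseable log timestamp: ${ts}`);
    }
    // Assumption: the date component is the UTC calendar day, YYYY-MM-DD.
    const date = when.toISOString().slice(0, 10);
    const hash = identifierHash(ip, ua, propertyId, date);
    if (!seen.has(hash)) {
      const qs = new URLSearchParams({ property_id: propertyId, user_id: hash });
      seen.set(hash, { date, ip, hash, path: `/api/v1/receipts?${qs}` });
    }
  }
  return [...seen.values()];
}

for (const l of dsarLookups(SAMPLE_LOG, 'prop_abc')) {
  console.log(l.date, l.ip, 'GET', l.path);
}
```

Keep the list of hashes you searched with the DSAR case file, so the response can show which identifiers were covered.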

See also: Consent Receipts · Data Processing