Prefilling Fields & URL Parameters
Pass data into the Privacy Center form via URL query parameters — prefill fields, preselect a right, filter visible rights, and attach metadata to submitted requests.
You can append query parameters to your Privacy Center URL to control how the form loads for a specific user or context. This is useful for embedding the Privacy Center in a specific page (e.g. a Do Not Sell page), linking from an email, or passing user data you already have.
Prefilling form fields
The following parameters prefill specific built-in fields when the form loads:
| Parameter | Field prefilled | Notes |
|---|---|---|
firstName | First name | |
lastName | Last name | |
email | ||
countryCode | Country | ISO 3166-1 2-digit code, e.g. US |
state | State | ISO 3166-2 2-digit code, e.g. CA |
mobileNumber | Mobile number | Digits only; spaces are replaced with + |
address | Address | Free text |
urlField | URL | Must be a valid URL |
Example:
https://acme.privacy.saymine.io/acme?firstName=Jane&lastName=Doe&[email protected]&countryCode=USPreselecting a privacy right
Use the privacyRightId parameter to preselect a specific right when the form loads. The value must be the right's unique ID, which you can find in your DSR setup. For the 5 default rights, the ID is a readable string:
| Right | ID |
|---|---|
| Delete my data | delete |
| Get a copy of my data | getcopy |
| Do not sell | donotsell |
| Do not mail | donotmail |
| Right to edit | righttoedit |
For any additional rights you've created, use their unique ID (e.g. pvguziygzk), found in DSR Setup → Privacy rights → within a specific right → 3-dot menu on the upper right side → Click Copy right ID
Example:
https://acme.privacy.saymine.io/acme?privacyRightId=donotsellFiltering which rights are visible
Use the supportedRight parameter to limit which privacy rights are shown on the form. When present, only the rights matching the provided values are displayed — subject to the country/state eligibility rules you've configured.
You can add supportedRight multiple times to allow more than one right:
https://acme.privacy.saymine.io/acme?supportedRight=delete
https://acme.privacy.saymine.io/acme?supportedRight=delete&supportedRight=getcopyWhen no supportedRight parameter is provided, all enabled rights are shown as usual.
This is useful for embedding the Privacy Center on a specific page — for example, a dedicated Do Not Sell page that should only show the
donotsellright.
Passing custom metadata
Any query parameter that isn't a recognized field name is automatically stored as a custom field on the submitted request. This lets you pass context — such as a campaign ID, source page, or internal reference — without it appearing on the form itself.
Example:
https://acme.privacy.saymine.io/acme?source=footer&campaignId=summer2025This creates a request with custom fields source = footer and campaignId = summer2025.
Query parameter values longer than 256 characters are ignored and not stored.