Privacy actions identify the data to process and define the type of processing to perform on it. Each action is defined in its own section. An action's name must be unique among all section names. Each action can be used by any number of rules.
When privacy actions are executed, the resulting changes are buffered.
is tested first, and if it evaluates to
true, its action is buffered for later
[Rule3], and all subsequent rules are tested,
and their actions are buffered in the order of evaluation as necessary. Each subsequent action is
taken on the data before it has been changed; it does not apply changes to data made by previous
There is one exception:
ReqDeleteactions, which make changes to the request data, the Privacy session agent examines buffered changes made by previous
ReqDeleteactions, as well as the existing data. For example, if two consecutive actions set a value for the request variable
[appdata]section of the request, the second action overrides the first. However, these actions cannot see any changes made by previous block or encrypt actions.