June 2026
This page documents all customer-facing changes to the DataGrail application made in June 2026. Additional entries will be added every week on Friday.
Week of June 22
🚀 Features Added
- Language selector for privacy requests — agents can now set or change the language on any request submitted by email, phone, or API, and the correct translated email template goes out automatically. Selectable languages match those you've already enabled for email communications.
- Multi-brand sender aliases — multi-brand customers can now configure different sender names and email addresses for each brand or group within a single transactional mailer integration, so consumers immediately recognize which brand is contacting them. Email logs now capture the sender address used, making it easy to confirm each request went out from the right identity.
- Claude Compliance system detection — a new integration that tracks which MCP servers and tools are connected and used across your Claude enterprise environment, giving you visibility into your AI data sources.
- Assessment assignment lifecycle — assessment work assigned to teammates can now be resolved, unresolved, or cancelled, giving contributors clear direction on what's still outstanding.
- Domain-level email blocking — block entire email domains to prevent spam submissions to your privacy request intake.
🛠 Changes Made
- Vera response persistence — Vera now keeps generating your answer even if your browser refreshes, disconnects, or navigates away; when you return, the completed response is waiting, with a clear retry prompt if anything went wrong. The Stop button now reliably cancels generation even before streaming begins.
- Vera ROPA answers — Vera can now filter your processing activities by legal basis, country, system, and data owner ("which activities rely on legitimate interest?"), and surface the full ROPA record for any activity on demand — purposes, legal role, consent origins, special-category data, safeguards, retention, transfers, and DPIA status.
- Vera data discovery status — Vera can now look up your Data Discovery agent status in real time, including whether each agent is connected, when it last ran, and whether any scans are active.
- Smarter integration troubleshooting — the "Troubleshoot this error" banner now appears only when there's real error data to analyze, and the AI only sees actual status codes and response bodies. This eliminates fabricated diagnoses (like phantom "401 Unauthorized" errors) on integrations that never returned a response.
- Intelligence Library personal data accuracy — personal data in system metadata is now significantly more accurate, with far fewer false positives. Some fields may now be intentionally empty where the processed data genuinely can't be known. Applies to newly added systems.
- Consent banner accessibility — hidden screen-reader labels (such as "Close," "Consent preferences," and "Search vendors") now follow the banner's active locale across 25+ languages, with English as a fallback.
- Final email suppression warning — a compliance warning now appears before you suppress the final email to a data subject.
- Android consent banner styling — banner text elements now respect the
stylesettings in your configuration for proper title, header, and body sizing.
🐛 Bugs Squashed
- Resolved an issue where the ROPA CSV export left the Transfer Impact Assessment column blank for every customer.
- Resolved a crash on the API Credentials page for users with no active keys.
- Resolved an issue where email-based requests could incorrectly auto-skip a step in the request wizard.
- Resolved an issue where privacy requests could get stuck in a Pending Delete state due to a timing race.
- Resolved an issue where skipped result emails were incorrectly shown as sent to the requester, and where "send results email" copy appeared during the initializing phase.
- Resolved an issue where unpublishing an automation redirected you away from the page you were on.
- Resolved Amplitude failures when downloading results.
- Resolved an issue where comments on approved assessments were still editable.
- Resolved an issue where assessment deletion could fail when a contributor was also an assignee.
- Resolved an issue where the Agents navigation was hidden for certain customers.
- Resolved several Consent issues: cookie rules returning a 422 error on save, and consent layout updates being applied to the wrong project.
- Resolved an issue where inbound assessments recorded the wrong author in the creator, email sender, and change history.
- Resolved Vera failing to retrieve your processing activities when asked.
- Resolved a SQL Server failure on deletion and opt-out requests that use stored procedures.
- Resolved an Android consent banner issue where switching between light and dark mode could leave the banner blank, plus fixes for button text casing and category parsing.
Week of June 15
🚀 Features Added
- Assessment collaboration — two new permission-scoped roles control who can build and fill assessments: Creators build assessments and templates and manage the full lifecycle for assessments they own, while Contributors answer questions, upload documents, and request AI review on assessments they're a member of. You can also assign ownership of specific questions or sections to individual users, and read the full (view-only) comment history on approved assessments.
- Archive per-policy intake form customizations — admins can now revert a published per-policy Privacy Request Center form back to the default "All Policies" form with a single Archive action, directly in the customization editor. The live form immediately serves the All Policies content, new drafts pick up from the right starting point, and historical ticket answers still display the labels from when they were submitted.
🛠 Changes Made
- Google Consent Mode Auditor — Consent Scanner has been renamed to Google Consent Mode Auditor. The navigation tab is now "GCM Auditor" and "scan" wording is now "audit" throughout.
- Brevo integration — the SendinBlue integration has been migrated to Brevo following the rebrand and API change. The existing direct-contact integration was also renamed to "Brevo Direct Contact."
- Consent scan errors — when a scan fails because a URL can't be resolved, the page now shows exactly which URL failed and why, and keeps your list open so you can fix and resubmit.
- Assessment context copy — the Assessment Context description now accurately explains that Vera uses your provided context and documents to suggest answers.
🐛 Bugs Squashed
- Resolved an issue where large opt-out request exports could time out.
- Resolved an issue where privacy requests could silently get stuck in a pending state and never advance to completion.
- Resolved authentication failures in the Amplitude and Salesforce integrations that could cause access requests and processing to fail.
- Resolved an issue where first-time SAML/SSO logins in multibrand setups landed on a blank or forbidden page until a second login.
- Resolved an issue where the Create Assessment drawer lost system data after canceling and reopening, producing assessments with missing systems.
- Resolved several Consent issues on large accounts: cookies staying "Unmanaged" despite a matching rule, slow or incomplete cookie categorization, inaccurate counts in the bulk cookie-rule toast, and a consent banner that failed to render when its categories layer was missing.
- Resolved Consent Project scoping issues where records, publish errors, and policy categories could be saved to or surfaced from the wrong project.
Week of June 8
🛠 Changes Made
- Microsoft UET Consent Mode — new documentation walks you through configuring Consent Mode for the Microsoft Ad Platform.
- Arity — the Arity integration now supports Access (data disclosure) requests in addition to deletion.
- Consent Analytics — the analytics dashboard has a refreshed full-width layout with redesigned charts, clearer compliance tables, and CSV export.
- Accessibility — button keyboard-focus outlines now meet WCAG contrast requirements for clearer keyboard navigation.
🐛 Bugs Squashed
- Resolved an issue where one invalid URL could fail an entire Consent scan batch; invalid URLs are now validated up front and automatically disabled after repeated failures.
- Resolved an issue where the bulk Process Requests action reset your view to "All Requests" instead of preserving your filters.
- Resolved an issue where integrations could not be deselected on deletion requests; the include/exclude list is now editable until deletion runs.
- Resolved an issue where re-adding a previously deleted Consent scan URL returned a "URL has already been taken" error.
Week of June 1
🚀 Features Added
- Assessments API — programmatically create assessments from templates, submit answers with validation, monitor progress, and download finished assessments as PDFs. Requires an API key with the new
AssessmentandAssessmentTemplatescopes. - Assessment Change History — every edit, contributor action, document upload, AI suggestion, and status change is now automatically logged with a full audit trail. Filter by question, contributor, or activity type and export as CSV for audit documentation.
- Assessment approver assignment — restrict who can approve a Risk Monitor assessment by assigning a specific approver.
- Assessment @mention support in comments — tag contributors and admins directly in assessment comments to notify them of specific questions or discussions.
- Assessment # reference autocomplete — insert clickable cross-references to any question or section directly from within a comment.
- Assessment comment resolve/unresolve — close resolved comment threads to reduce noise; toggle a filter to view them again when needed.
- Assessment link support in comments — external links in assessment comments are now clickable, with a safety prompt before opening.
- Data Classification tab on System Profile — view Data Classification results scoped to a specific system directly from its profile page, with the same table, filters, and details drawer you already know from the main Data Classification page.
- Ironclad for Live Data Map — Ironclad is now available as a connectable integration for the Live Data Map.
- Self-service SAML/SSO domain management — add and remove email domains for SAML/SSO login directly from Settings > Additional Domains, without opening a support ticket. Supports bulk entry, real-time validation, and immediate effect.
- DG-hosted mailer custom domain setup — configure and validate custom email domains for DataGrail-hosted transactional mailers directly in settings, with step-by-step DNS configuration instructions.
- Vera Global Context — the Global Context editor is now available directly from the Vera home screen as its own dedicated tab.
🛠 Changes Made
- Vera real-time agent steps — Vera now surfaces each tool she uses as a collapsible step in the conversation, showing what she searched, fetched, or analyzed and how long it took. Steps collapse by default so the answer stays front and center.
- Consent layouts — the layouts page is dramatically faster and more reliable, eliminating the failure mode that caused multi-minute load times under database pressure.
- Request Manager email search — searching for a data subject by email in the privacy request inbox is now over 100× faster.
- System Detection on new authentication — configuring a new System Detection-capable authentication now immediately triggers detection jobs, so systems appear in your inventory in under an hour instead of 24–48 hours.
- Bulk system edit marks assessments as reviewed — bulk-editing systems in the Live Data Map now automatically marks their linked assessments as reviewed.
🐛 Bugs Squashed
- Resolved an issue where Consent Analytics CSV downloads were failing.
- Resolved an issue where the System Inventory page could time out under cold-cache conditions.
- Resolved an issue where dates in the Processing Activities table were displaying in an incorrect format.
- Resolved several UI issues in the Invite New User dialog.
- Resolved an issue where the Vera MCP Write Access toggle appeared to revert visually after being enabled.
- Resolved issues where cloned Consent Projects could have corrupted layer data or missing group assignments.
- Resolved an issue where the base taxonomy root node displayed "DataGrail Base Taxonomy" instead of the customer's account name.
- Resolved an issue where verification reminder emails were not sent for requests stuck in an initializing workflow state.
- Resolved an issue where direct contact requests remained stuck in a queued state after ticket closure.