Synchronous vs. Asynchronous Integrations
DataGrail's API integrations execute access and deletion using either synchronous or asynchronous requests. These API request types can impact the time it takes for an integration to process. This article describes the differences between these API request types and how it affects your DataGrail workflow.
Synchronous Integrations
Synchronous API integrations operate in a real-time manner, where each request is processed immediately by the system, while the DataGrail client waits for a response. Since the system processes DataGrail's API requests immediately, these integrations generally complete access and deletion most quickly, usually in a few minutes.
DataGrail utilizes an internal queue for synchronous API requests, to ensure fairness in processing across all customers.
For high volume privacy request processors, synchronous API requests may be rate limited by source systems to prevent overloading their servers. This rate limiting can result in longer processing times for access and deletion requests, as the DataGrail client must back off and wait for the rate limit to reset before continuing to send requests. Please check with the support team for your connected systems to confirm the rate limits for your various plans.
Asynchronous Integrations
Asynchronous API integrations do not provide DataGrail with an immediate response to API requests. These processors accept the API request from DataGrail, and the DataGrail integration will automatically "poll", or check the status of the request, in the system hourly.
Asynchronous integrations will show a "processing" status in DataGrail until the API returns a complete status during one of these hourly polls. The processing times of asynchronous integrations are completely dependent on the processor, and in some cases, can take up to two weeks to complete.
Processing Privacy Requests With Asynchronous Integrations
Since additional time is generally needed to process asynchronous integrations, there are a few steps you can take to ensure privacy requests are actioned efficiently.
Moving Through The Workflow
It is important to give asynchronous APIs the most time possible to complete requests. To do this, it is crucial to execute any manual steps in the DataGrail workflow as soon as possible, so API requests can be made:
- As soon as a Data Subject verifies their email, complete the "Wizard" step of the DataGrail workflow. Completing this step will allow your API integrations to initialize and make their first requests.
- Review deletion requests in the "Pending Action" state quickly. Deletion requests initiate PII deletion immediately after this state. To ensure asynchronous integrations have the most time to process, it is critical that requests are not kept in the "Pending Action" state for an extended period of time.
Deletion Behavior Configuration
Some asynchronous integrations offer a Deletion Behavior configuration option on the integrations page to allow you to expedite your Privacy Requests.
Mark integration as complete when a deletion request is successfully submitted:
- This configuration option allows the integration to be marked as "complete" in DataGrail as soon as the asynchronous process accepts the API request from DataGrail. DataGrail will not poll asynchronous integrations with this option enabled.
Continue processing until the deletion request is completed:
- This is the standard deletion behavior for an asynchronous integration. DataGrail will show a "processing" status for the integration until the system indicates the request has been actioned.
Disclaimer: The information contained in this message does not constitute as legal advice. We would advise seeking professional counsel before acting on or interpreting any material.