Skip to main content

Transactional Mailers Overview

To communicate with requesters from your dedicated privacy@ email alias, the DataGrail Platform will integrate with your Transactional Email system.

This transactional email system (i.e. a service that sends an email when a user completes an action, such as a purchase or password reset), will need to be able to send emails within the DataGrail Platform when a user makes a privacy request.

The email templates will be set by your team; DataGrail will never send an email without explicit approval and the opportunity to edit what is sent, and the chance to cancel. Copies of the emails are stored by DataGrail so that your user examining the request can see all communications.

Those will be purged upon your chosen schedule (typically 2 years for CCPA; can be any number of days you require after completion of the ticket).

Currently Supported Transactional Mailers

  • Mandrill

  • SendInBlue

  • Sparkpost

  • MailGun

  • SendGrid (If you are creating an account, we recommend the SendGrid Essentials plan)

  • Amazon SES

    • Most secure option; allows the customer to lock down DataGrail to only send from a specific email address
    • No ability to change the mailer

If there is a mailer not listed above, DataGrail will scope a possible integration.

Implementation

Connecting Your Transactional Mailer to DataGrail

The first step in setting up your transactional mailer is to create the API connection with DataGrail:

  1. Select the "Integrations" page from DataGrail's side menu.
  2. Select "Configure New Integration"
  3. Search for the mailer you would like to connect and select "Configure"
  4. Select the "View Connection Instructions" button and follow the steps to enter the credentials for your mailer.
  5. Click "Configure Integration"

Once connected, please email support@datagrail.io with the Sender Email ("privacy@mycompany.com") and Sender Name ("My Company Privacy Team") you would like to use with DataGrail. The DataGrail Support Team will work to configure your mailer and will test deliverability.

Deliverability Testing

In order for the DataGrail platform to function as intended, it is crucial that the messages sent from your transactional mailer are delivered consistently to your users. For this reason, DataGrail performs a deliverability test when you connect your mailer.

The goal of the deliverability test is to confirm the following:

  • DataGrail can trigger outbound emails from your transactional mailer successfully
  • Emails sent by your mailer to your users are properly signed and not delivered to spam

DataGrail will inform you with the status of the deliverability test once your mailer is connected.

Ensuring Successful Deliverability

Since your transactional mailer is sending on behalf of your company (and your domain), it is important emails are properly authenticated to avoid appearing malicious or as spam to recipients. As a result DataGrail recommends customers configure the following:

  • Sender Identity: Many transactional mailers, like SendGrid, offer the ability to verify a Sender Identity. This is often required and serves to uphold legitimate sending behavior. Setting this up usually requires domain verification and access to DNS records.
  • SPF (Sender Policy Framework): SPF is a form of email authentication that lets you to define what mail servers are allowed to send on behalf of your domain. It is highly recommended to configure SPF records for your transactional mailer with your domain to ensure successful deliverability. This will also require access to DNS records.
  • DKIM (DomainKeys Identified Mail): DKIM is another form of email authentication that uses a digital signature to verify an email was sent by the authorized owner of a domain. This is also an important step to ensuring that mail sent on your behalf is delivered reliably to your users.

Email Intake

Customer runs an email alias, typically privacy@customer.com or dpo@customer.com. To this list, they add customer@emailapi.datagrail.io. That service is run by DataGrail’s instance of SendGrid.

All customers intake emails go to [customername]@emailapi.datagrail.io. It receives emails. Right now, DataGrail only listen to text (not images, attachments, etc.).

Separately, communication from DataGrail (on behalf of requester) to requester is entirely separate. This is where the Customer’s Transactional Mailer comes in.

Screen_Shot_2020-04-20_at_8.06.28_PM.jpg

Disclaimer: The information contained in this message does not constitute as legal advice. We would advise seeking professional counsel before acting on or interpreting any material.