Request Manager Overview
DataGrail Request Manager expedites and automates management of access, deletion, opt-out, and other privacy rights. Your privacy team will use Request Manager to:
- Organize and action incoming data subject requests (DSRs) in order to meet compliance timelines mandated by data protection regulations such as GDPR and CCPA
- Automatically verify a data subject’s identity with DataGrail Smart Verification™ before working on a request
- Use the DataGrail 2,100+ integration network to monitor and report on requests as they are processed by internal teams and third party-vendors and construct Workflows to automate certain stages of request processing
- Customize your Do Not Sell or Share form (mandated by CCPA and CPRA) and review your request policies
Depending on your DataGrail agreement, your team may also have access to the DataGrail Internal Systems Integration (“ISI”). Once configured, ISI can automatically process subject requests within your infrastructure to significantly expedite request processing while offering far greater security and comprehensiveness compared to manual alternatives. Contact your customer success manager if you’re not sure what is included in your agreement.
Jump ahead
- How do I navigate Request Manager?
- Who uses Request Manager?
- What is involved in implementing Request Manager?
- What are the features of Request Manager?
- Further reading on DSR management
Tour Request Manager
Request Manager is composed of three main tools that work in parallel to classify, intake, and fulfill privacy requests. You will find these tools listed on the left-navigation menu in DataGrail.
Click the links below to jump to the details:
Request Manager Users
The following User Roles have access to the Request Manager product, each with varying ownership of request processing.
Request Approver
The Request Approver role is able to view and approve results for assigned requests and results for assigned system integrations.
Request Agent
The Request Agent role is able to perform all the actions that the Request Approver can. In addition, they can create requests and edit their details as well as interact with Do Not Sell requests.
Request Agents can also manage and track the assignment of their Data Subject Requests across DataGrail team members, with Request Assignment.
Request Admin
The Request Admin is able to perform all the actions that the Request Agent can, as well as view the Compliance Dashboard and approve results for any connection, regardless of assignment.
Implementation Summary
To get started using Request Manager as your privacy solution, the following components will need to be configured.
Intake Form
The intake form is a public web page that offers individuals the ability to submit data subject requests on behalf of themselves, or on behalf of others by submitting a request as an Authorized Agent. This is one of the primary methods for your customers to get their request into DataGrail.
-
Components
Email Communication
Email messages are used to communicate with and validate a data subject's identity, as well as service Direct Contact data operations and keep your team informed via notifications. A Transactional Mailer allows DataGrail to send email messages on your behalf, using an address hosted on your email provider.
-
Components
Cloud Storage
To ensure the security of all parties' information, PII is encrypted and stored on your systems, using one of our integrated storage solutions.
-
Components
Integrations
To meet the demands of automating data access and deletion, DataGrail integrates with thousands of systems and can create new integrations to service your infrastructure.
Further reading on DSR management
To better understand DSR management within and outside of DataGrail, we recommend these resources:
- Guide to State Privacy Laws: A comprehensive guide to United States privacy laws as they impact data subject requests
- Data Privacy Trends Report: Benchmark your DSR processing trends against others in your industry
- Do Not Sell or Share Opt-out Guide: More details on CCPA & CPRA requirements and best practices
- Bed Bath & Beyond case study: Learn how Bed Bath & Beyond reduced their DSR turnaround from weeks to just a few hours
Disclaimer: The information contained in this message does not constitute as legal advice. We would advise seeking professional counsel before acting on or interpreting any material.