Skip to main content

Multiple Identifiers

In order to associate a Data Subject with a piece of personal data, DataGrail uses an Identifier. This is a unique string that that reliably identifies an individual in your systems.

By default, DataGrail collects and uses a Data Subject's email address as the primary identifier when querying connected systems for PII. However, some systems may utilize phone number or another unique ID as the primary key for users. In these cases, it's helpful to configure an additional identifier in DataGrail to ensure PII is queried effectively.

This article walks through configuring Multiple Identifiers ("Multi ID") in DataGrail.

DataGrail User Roles

Only the following User Roles will have access to configure Multiple Identifiers:

  • Super Admin
  • Connection Manager

Understanding Identifiers

An Identifier is a verifiable key that allows DataGrail to identify a unique data subject within a specific context. An effective identifier should be:

  • Verifiable: Data Subjects must be able to verify or prove that they are the owner of an identifier. This validation can happen directly (i.e. Email Verification) or indirectly (i.e. linked to another already verified identifier).
  • Unique: Identifiers should be able to identify only one unique data subject in a specific context.

DataGrail Identifier Categories

The following Identifier Categories are available for use in DataGrail:

  • Advertising ID: A Device ID used for ad-based purposes. Sub-categories include: iOS, Google, Amazon, Microsoft, and Roku.
  • App ID: A system-assigned ID to a customer application.
  • Browser ID: Something that identifies a user's browser, like a cookie.
  • Email Address: A personal, work, or other type of email address.
  • Phone Number: A personal, work, or other type of phone number.
  • Service ID: A system-assigned ID to a data subject record.
  • Social Media ID: An ID from a social media profile. Sub-categories include: Twitter, Facebook, Smooch, and Intercom.
  • User ID: A custom customer-controlled ID.

Modifying Identifiers

Approved User Roles can view configured identifiers by navigating to Settings and then Identifiers under the Request Manager heading.

On each Identifier card, you will see the following information:

  • The Identifier Name (i.e. Email)
  • Identifier Category
  • The Number of Integrations Mapped to The Identifier
  • A Button to View or Edit the Identifier

Adding a New Identifier

To add a new identifier:

  1. Select Add Identifier in the top-right of the page.
  2. Enter an Identifier Name and select the relevant Identifier Category and Sub-Category (if available).
  3. Select This identifier is required to process the request to require this identifier on all requests. If unchecked, Privacy Requests can proceed without this identifier provided.
  4. Select the Identifier Source:
    • Manually enter this identifier (Default): Manually input the identifier value for each Privacy Request during the Wizard State.
    • Automatically extract identifier through integrated systems: If you have an Internal Systems Integration configured to retrieve identifiers, select this option to fetch the identifier automatically.
  5. Configure the Integrations to utilize this identifier. All supported integrations will be listed in this section.
  6. Select Add Identifier.
Identifiers on The Intake Form

For identifiers configured with a Manual Source, it is helpful to ask the the Data Subject to provide the identifier on your Intake Form. To do this, add a Custom Question to your Intake Form to help retrieve identifiers that cannot be obtained automatically.

Editing an Identifier

To edit an existing identifier:

  1. Select Edit on any existing identifier. The default "Email" identifier cannot be edited.
  2. The following fields can be edited on any existing identifier: Processing Requests, Identifier Source, Integrations.
  3. Select Update Identifier to save your changes.
Active Requests

Edits to the Processing Requests or Identifier Source fields will be applied to active Privacy Requests. Edits to Integrations will only be applied to newly created Privacy Requests.

Deleting an Identifier

To delete an existing identifier:

  1. Select Edit on any existing identifier. The default "Email" identifier cannot be deleted.
  2. Select Delete Identifier in the bottom-right of the page.
Active Requests

Deleted identifiers will continue to show on active Privacy Requests. Deleted Identifiers will no longer be included on new Privacy Requests.

 

Need help?
If you have any questions, please reach out to your dedicated CSM or contact us at support@datagrail.io.

Disclaimer: The information contained in this message does not constitute as legal advice. We would advise seeking professional counsel before acting on or interpreting any material.