20 docs tagged with "Portal"

There are scenarios where a data subject will require a request to be submitted on their behalf. Generally, this requires a form to be signed by an authorized agent, verified by the data subject, processed, and then reviewed and stored. Within DataGrail, the Authorized Agent Workflow enables authorized agents to submit privacy requests on behalf of data subjects. For reporting, the approval from the data subject is tracked through the authorized agent request workflow available as part of the Request Wizard.

Bulk Actions is a new feature added to Request Manager that enables users to deny privacy requests in bulk within the DataGrail Platform. Previous to this feature, users were required to deny requests one by one so this feature provides significant time savings to Request Processors!

Within DataGrail you can close a request as Nonresponsive at multiple points during the privacy request lifecycle (Access or Deletion). Closing a request as Nonresponsive allows you to stop processing a request and close it with or without an email notification to the data subject. Currently, you are able to close a request as Nonresponsive in the following states:

Spam is unavoidable on the internet, but there are a few places in DataGrail that help address spam requests submitted to your company. Within the DataGrail admin console there are two places to mark a request as spam.

When processing requests, there are two options to select in step 3 of the Request Wizard: Controller and Processor. This article walks through the request flow if you select Processor during this step.

Certain DataGrail Users will receive email notifications based on their User Role and responsibilities in the platform. Here, we will explain how to manage those notifications in the Email Notifications Settings tool.

Within DataGrail, there are a number of base email templates that are available for you to utilize and customize. The table below walks through each base email template that is available and when the template is used during the Access Request Lifecycle or the Deletion Request Lifecycle.

Each email that DataGrail sends out to data subjects is accessible within the platform as a customizable template. DataGrail has built default email templates that are not required to have edits, should a customer opt to not make immediate changes.

Under the European General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), businesses have the option to extend the timeline of privacy requests by an additional 60 days (GDPR) or 45 days (CCPA) due to the complexity and number of requests. Businesses are responsible to assess whether they fulfill the conditions to extend compliance with privacy requests.

DataGrail offers various file upload capabilities to add data subjects’ data to privacy requests and to verify Authorized Agents’ identities. Below are the scenarios where you can upload files along with the filetype and size restrictions for each:

When processing a request, the status of the overall ticket, as well as the actions each integration takes to find and process data. Integration statuses offer insight into actions that can be taken to progress integrations.

Personal data is sometimes keyed using different identifiers that are not email, such as unique identifiers, phone numbers or cookies. This article will walk through how the Multiple Identifier feature will be able to find all personal information from data subjects stored in their data systems, while eliminating the possibility of missing data and not be limited by email address alone.

Once you and your team start processing privacy requests through DataGrail, you may start to have questions about reporting on those requests outside of DataGrail.

Request Assignment is a Request Manager feature that allows organizations to manage and track the assignment of their Data Subject Requests across DataGrail team members.

Once a Data Subject has submitted a privacy request, you will need to complete the necessary steps within the Request Wizard to submit that request. In Request Manager, you can complete steps one through seven by clicking on a request that has the status of “Pending: Wizard.” This is required as a privacy request won’t move forward within DataGrail without doing so.

Once a request is received from a requestor, DataGrail's privacy request lifecycle kicks off. While a request goes through the process you will see a variety of different statuses.

A User can stop processing a Direct Contact system at any time during the data retrieval process by clicking into a request and selecting the '...' button > Stop Processing on the Direct Contact Integration.

What is the 'Approver' Role in DataGrail?

In order to ensure data privacy compliance, you must first understand your function in regard to the personal data you’re processing. Consider your role and responsibilities to determine whether you are a controller or processor.

DataGrail's Request Manager Wizard Workflow gives Request processors the ability to confirm all Data Subject details before moving forward and approving the request. The new Workflow Automation Rules will help to automate privacy requests from Intake Forms and reduce time spent processing single and large amounts of requests, and minimize room for error.