Authorized Agent
There are scenarios where a data subject will require a request to be submitted on their behalf. Generally, this requires a form to be signed by an authorized agent, verified by the data subject, processed, and then reviewed and stored. Within DataGrail, the Authorized Agent Workflow enables authorized agents to submit privacy requests on behalf of data subjects. For reporting, the approval from the data subject is tracked through the authorized agent request workflow available as part of the Request Wizard.
Bulk Actions
Bulk Actions is a new feature added to Request Manager that enables users to deny privacy requests in bulk within the DataGrail Platform. Previous to this feature, users were required to deny requests one by one so this feature provides significant time savings to Request Processors!
Close a Privacy Request
DataGrail offers 3 options, in the case a Privacy Request needs to be manually closed:
Email Notifications
Certain DataGrail Users will receive email notifications based on their User Role and responsibilities in the platform. Here, we will explain how to manage those notifications in the Email Notifications Settings tool.
Email Templates
Each email that DataGrail sends out to data subjects is accessible within the platform as a customizable template. DataGrail has built default email templates that are not required to have edits, should a customer opt to not make immediate changes.
File Upload
DataGrail offers multiple methods for manually uploading data on a Privacy Request.
Integration Approvers
What is the 'Approver' Role in DataGrail?
Integration Status
When processing a request, the status of the overall ticket, as well as the actions each integration takes to find and process data. Integration statuses offer insight into actions that can be taken to progress integrations.
Overview
The lifecycle of a Privacy Request and the integrations that are processed depends on the Privacy Right being exercised. The lifecycle for each Privacy Right in DataGrail can be found below:
Privacy Requests Export
Once you and your team start processing privacy requests through DataGrail, you may start to have questions about reporting on those requests outside of DataGrail.
Processing Multiple Identifiers
Personal data is sometimes keyed using different identifiers that are not email, such as unique identifiers, phone numbers or cookies. This article will walk through how the Multiple Identifier feature will be able to find all personal information from data subjects stored in their data systems, while eliminating the possibility of missing data and not be limited by email address alone.
Processor Requests
When processing requests, there are two options to select in step 3 of the Request Wizard: Controller and Processor. This article walks through the request flow if you select Processor during this step.
Request an Extension
Under the European General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), businesses have the option to extend the timeline of privacy requests by an additional 60 days (GDPR) or 45 days (CCPA) due to the complexity and number of requests. Businesses are responsible to assess whether they fulfill the conditions to extend compliance with privacy requests.
Request Assignment
Request Assignment is a Request Manager feature that allows organizations to manage and track the assignment of their Data Subject Requests across DataGrail team members.
Request Wizard Flow
Once a Data Subject has submitted a privacy request, you will need to complete the necessary steps within the Request Wizard to submit that request. In Request Manager, you can complete steps one through seven by clicking on a request that has the status of “Pending: Wizard.” This is required as a privacy request won’t move forward within DataGrail without doing so.
Wizard Workflow Automation
DataGrail's Request Manager Wizard Workflow gives Request processors the ability to confirm all Data Subject details before moving forward and approving the request. The new Workflow Automation Rules will help to automate privacy requests from Intake Forms and reduce time spent processing single and large amounts of requests, and minimize room for error.