Data privacy management company DataGrail is gearing up to announce an integration with HubSpot, a go-to platform for marketing and sales. The company’s CEO and co-founder, Daniel Barber, tells VentureBeat the integration will help enterprises efficiently comply with the emerging data privacy laws, saving them time, money, and engineering resources.
Specifically, the integration will offer users an automated way to fulfill data subject requests (DSRs). It’s also aimed at streamlining the process for producing records of processing activities (ROPAs) and other data processing reports, which are key components of major privacy regulations like GDPR, CCPA, and forthcoming CPRA.
Like the advertising industry overall, HubSpot — which is an investor in DataGrail — finds itself in increasingly treacherous waters as consumers increasingly take issue with how their personal data is used for targeted advertising, and as regulators follow suit. Today’s data privacy regulatory landscape is not only fast-changing but varies widely between states and countries, which makes compliance challenging. And this is only the beginning.
“We’re at a crossroads for brands who’ve been relying on deep, unfettered access to PII [personally identifiable information] to fuel their growth strategies, [as] consumers and governments are clear that people want more control over their personal data,” Barber said, pointing to the fact that people exercised their rights to privacy more than 25 million times in 2020 with regards to just the core big tech platforms alone. “With scandals like Cambridge Analytica and Facebook, consumers are losing confidence in companies, and a proactive commitment to privacy is one way for brands to rebuild trust and loyalty.”
As marketers reckon with the changing tides, adopting the newly- and soon-to-be-required privacy practices is easier said than done. Barber said the big pain point today is that “everything is really manual, error-prone, and it’s hard to find and understand all the business systems in use that may contain PII.” Additionally, privacy folks are really strapped for resources, whether they’re on the security, compliance, or legal side, and the same goes for their marketing counterparts, he said. These processes can also be expensive. In a report earlier this year, DataGrail estimated that managing data subject access requests (DSAR) manually can cost upwards of $240,000 per million records.
Overall, these challenges have led to a spike in tools and services aimed at automating data privacy compliance. Cybersecurity company Imperva, for example, recently announced a tool the company says streamlines the process of identifying where personal data is stored in an environment and who is accessing it, minimizing the manual processes required to maintain continuous compliance. Data governance company Collibra has similar offerings as well.
The draw here is that over 100,000 businesses that need to become privacy-compliant are already using HubSpot. Barber says the integration will allow them to connect their HubSpot accounts to DataGrail with just a few clicks, no coding required. Additionally, the end-to-end automation of key privacy management capabilities can cut down on manual work to actually fulfill a data subject request.
“Typically we see time to fulfill a DSR go down from days or weeks, with multiple marketers or engineers touching the process, to just minutes, with one privacy admin approving automated requests,” he said.
The service also includes a Live Data Map, which acts as a single place privacy managers can go to understand their companies’ privacy footprints. DataGrail says the system identifies data stored across all sources, maps it across the entire organization, and continuously updates (not just with HubSpot, but all of an enterprise’s connected business systems that may contain PII) to help ensure compliance.