How Opsware Solves Data Privacy Challenges for Modern Enterprise

Early in 2020, my co-founders Thomas, Andrew and I got together and made the decision to jump into the data privacy space to help millions of companies worldwide struggling to implement and adopt requirements for modern privacy legislation around the globe such as GDPR, CCPA, or PIPEDA.

Privacy Request was founded after we worked with a few of my consulting clients to help implement security and privacy measures across their engineering functions. After doing a project with a major telecom up in Canada, I realized that mapping to data and understanding the context around it was the hardest part of achieving compliance with any modern data privacy legislation. Fascinated by the challenge, the pain and opportunity was obvious, and many solutions in the market were either clunky or not oriented towards engineering and data teams.

While data privacy has been a topic at many large enterprises for years, the rush happened in 2018 after the EU rolled out a first-of-its-kind privacy legislation - the GDPR. Since the inception of the GDPR, we’ve seen over $300M in fines, and an aggressive roll-out of similar privacy laws around the globe such as Brazil’s LGPD, California’s CCPA, Colorado’s CPA, or Virginia's CDPA.  Currently, there’s over 60 jurisdictions worldwide that have either enacted or proposed modern privacy laws similar to the GDPR.  While regulators try to protect their citizens' information, companies are rushing to achieve and demonstrate compliance to their customers. 

While at a glance it may seem obvious that the primary driver of companies adopting privacy assurances may be legislation, it’s becoming more and more clear that the biggest driver is consumers and building trust with your audience. We found that most companies want to respect their customers' privacy. Building these workflows and controls is challenging, and putting this task on engineering teams is often seen as a burden - a lot of companies have been duct taping their way to compliance with in-house solutions. Achieving this at scale is challenging, and many companies face this exact same issue. This is why we founded Privacy Request: to develop cross-functional automation for data privacy that allows companies to demonstrate compliance to their users. Product, marketing and sales teams can easily adopt and show privacy assurances to their customers without slowing down their day-to-day processes.

1. Automated Data Mapping: Discover and connect data systems, without lifting a finger

Privacy Request’s Data Mapping solution handles the complexity and labour intensive workflows of discovering data assets across a scattered enterprise, and classifies data amongst these systems, software tools, and vendors. Our platform acts as a blanket monitoring tool across your enterprise and helps detect personal data within your systems. Privacy Request accounts for regulatory requirements and record keeping that makes data privacy compliance uniquely difficult compared to traditional e-discovery or data mapping solutions. Our solution is uniquely built for companies to easily scale when adding new vendors or systems into their IT environments. Our growing library of pre-built connectors for proprietary or 3rd party tools makes it easy to detect and plugin, without needing to go through engineering or IT teams to help with this discovery. Easily automate legal reviews, proactively spot risks, and keep your ROPAs and data maps up-to-date, without needing to chase down stakeholders or teams.

2. Automated Privacy Right Fulfillment: Avoid costly in-house solutions, workflows, and backlogs

Privacy Request’s data privacy tech stack is the first of its kind. We make it easy for companies to demonstrate compliance and automate the tedious processes that are required. We aim to build a solution for engineering teams that removes the privacy requirements needed to handle regulatory requirements with global laws such as GDPR or CCPA.

When Privacy Request receives a data subject request (access, deletion, or updates) we’ll crawl downstream into your systems to help identify that individual, verify their identity and perform the necessary action for the request. While performing requests, we maintain a fully traceable audit log to make reporting with regulators dead simple, recording every action taken as part of that particular request. Requests are handled within minutes, sometimes even seconds and helps off-load the work from engineers, or customer experience teams who are often the ones controlling and monitoring this process.

3. Privacy Center: Let your customers take control of their data

The Privacy Center is a user experience that allows users to take control of their data within a few clicks. This white-labelled experience is tailored to the businesses branding and will be located at privacy.companydomain.com.

Historically speaking, data request workflows were hard to access. Often buried in privacy policies, or an application’s admin settings, these features are major value-adds for customers who want to know that they can control their information that you collect for them. The Privacy Center helps companies demonstrate compliance and show customers that they have ownership of data that is collected about them - within 1-2 clicks from their computer browser.

While we build a path and the future of data privacy, we aim to give customers control of their data with a single click. By doing so, we’re making it simple for companies to demonstrate these privacy assurances - that is traditionally a challenge to accomplish.

You can read more about Privacy Request and our team, or contact us.

We’re thrilled to be part of this industry and help advance the internet and make it a place that customers can have trust.