Under the European General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), businesses have the option to extend the timeline of privacy requests by an additional 60 days (GDPR) or 45 days (CCPA) due to the complexity and number of requests. Businesses are responsible to assess whether they fulfill the conditions to extend compliance with privacy requests.
DataGrail offers the ability to extend timelines per request and to communicate to data subjects about the extension and expected answer to their request.
When reviewing a specific request, the user will need to click 'Request 45-day Extension' (60 days for a GDPR request):
When clicking the extension button, the relevant email template will be displayed giving the option to tailor the content of the email as needed. Once sent, the request timeline will be adjusted in your DataGrail platform:
The ability to extend a request timeline is available on all open requests once they are processed through the Request Manager Wizard. The ability to extend a request timeline is also available on all open requests, whether they are still within the request timeline SLA or not.
DataGrail offers the ability to submit a request extension once per privacy request.
Disclaimer: The information contained in this message does not constitute legal advice. We would advise seeking professional counsel before acting on or interpreting any material.
