Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint //

Privacy

3/10/2021
09:15 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

DataGrail Raises $30M Led by Felicis Ventures

Deep integration with expansive ecosystem of hundreds of popular business systems removes the complexity and costs associated with privacy regulations. DataGrail adds leaders such as Dexcom and WWE to an impressive roster of existing customers.

San Francisco, Calif.—March 10, 2021-- DataGrail, the modern privacy platform designed to help brands to build customer trust and transparency, today announced that it has raised $30 million in Series B funding in a round led by Felicis Ventures and joined by leaders in today’s SaaS ecosystem, including HubSpot and Okta. Next47, the global venture firm backed by Siemens, also participated, along with Basis Set Ventures, Operator Collective, and all of DataGrail’s previous investors. Victoria Treyger from Felicis Ventures will join the board. DataGrail also announced several new customers, including Dexcom and WWE, adding to an impressive list of existing customers such as Databricks, RH, Revolve, and Overstock.

DataGrail’s funding comes in the midst of intense battles between companies like Apple and Facebook over how to manage customer information. Concurrently, the regulatory landscape is rapidly evolving. Laws such as GDPR, California Consumer Protection Act, and Virginia’s recent Consumer Data Protection law now affect nearly every business that collects customer data. Fulfilling requirements, like data subject requests (DSARs), associated with these new regulations is incredibly complex, often involving more than 25 people to resolve a single request. This costs significant time and money in addition to running a high risk of error. DataGrail’s unique, no-code approach to privacy management addresses these issues with its advanced, yet easy-to-use platform that fully automates privacy programs and fosters trust.

“Privacy laws, like CCPA and GDPR, give people the right to have their data deleted, or refuse its sale, but modern organizations are ill-prepared for the Privacy Era,” said Daniel Barber, CEO and Co-Founder of DataGrail. “To combat the massive privacy challenges businesses face today, we’ve built a platform that makes it remarkably easy to untangle what’s become a spider web of data across the entire tech stack. DataGrailelegantly solves this near-impossible task for organizations that want to do right by their customers.”

The DataGrail Platform: Bringing Trust and Transparency to Privacy Management  

Consumers and governments around the world are demanding more control over their privacy, but privacy management is messy. If someone wants their personal data removed from an ecommerce site, for example, the privacy request touches not only the immediate holder of that information, but also the organizations that process data, the cloud that data resides in, all the way on down to the delivery partner that might drop off a purchased item at the end of a transaction chain. Organizations rely on hundreds of inter-connected data platforms—SaaS apps, data lakes, and hosted databases—making it difficult to know where all the data is stored for any given individual.

“We were using a well-known vendor for privacy management and thought there had to be a better way to address requests and prepare for future regulation. With DataGrail, we found our answer,”  said Carter Lee, Chief Administrative Officer of Overstock. His colleague, Brandon Greenwood, CISO, added, “Its platform is remarkably easy to use and restored our faith that every touchpoint of a customer’s data is handled exactly as the customer specified. As an added bonus, we targeted what I considered an aggressive metric for ROI based on our experiences, and DataGrail has already exceeded this by 10x.”

DataGrail’s Secret Sauce: Deep, Pre-Built Integrations

DataGrail uniquely sits at the nexus of privacy management and data discovery, in order to provide modern organizations the quality data foundation they need to build a scalable, robust, automated privacy program. DataGrail’s Integration Network currently connects with more than 900 of the most popular apps and infrastructure providers, and these integrations are built and maintained by DataGrail, rather than a middleware vendor. This ensures DataGrail remains in control, promising easy onboarding, accuracy, real-time maintenance, heightened security, and ability to detect the shadow IT that contains sensitive customer data. 

"Businesses are struggling to manage privacy requirements amidst increased regulation and the exponential growth in the volume of data that is shared via the growing app ecosystem," said Victoria Treyger General, Partner and Managing Director at Felicis. "DataGrail's platform is fully  integrated with hundreds of widely used business systems to provide a no-code, 100% automated approach that dramatically simplifies privacy management for businesses. DataGrail is addressing a critical need that applies to every business across every sector and size. I'm excited to see Daniel and the team equip more businesses with the platform to navigate the changing and challenging privacy landscape. We believe the company is positioned to become the standard for automated privacy management." 

DataGrail currently services millions of consumers in the effort to honor their privacy rights. To find out more about how the DataGrail platform works for consumers while saving teams’ time, ensuring error-proof data discovery, and requiring little-to-no ongoing maintenance, please visit www.datagrail.io.

About DataGrail 

DataGrail is the privacy platform brands rely on to build customer trust and transparency. Our easy-to-use platform enables brands to automate data subject requests, perform unified preference management and ensure accurate data discovery, so they can stay compliant with regulations like GDPR, CCPA, and CPRA. With 900+ pre-built connections with popular apps and infrastructure, the DataGrail Integration Network is the first of its kind to detect shadow IT that may contain personal data, ensuring the most accurate data discovery. DataGrail services millions of consumers, through companies like Overstock, RH, Databricks, Outreach, and has 4.8/5 stars on G2. DataGrail is backed by leading VCs and strategic investors, including Felicis, Cloud Apps Capital Partners, Operator Collective, HubSpot, Okta Ventures, Next47 and American Express Ventures. Visit www.datagrail.io or follow DataGrail on Twitter and LinkedIn to learn more. 

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
US Formally Attributes SolarWinds Attack to Russian Intelligence Agency
Jai Vijayan, Contributing Writer,  4/15/2021
News
Dependency Problems Increase for Open Source Components
Robert Lemos, Contributing Writer,  4/14/2021
News
FBI Operation Remotely Removes Web Shells From Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/14/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-22540
PUBLISHED: 2021-04-22
Bad validation logic in the Dart SDK versions prior to 2.12.3 allow an attacker to use an XSS attack via DOM clobbering. The validation logic in dart:html for creating DOM nodes from text did not sanitize properly when it came across template tags.
CVE-2021-27736
PUBLISHED: 2021-04-22
FusionAuth fusionauth-samlv2 before 0.5.4 allows XXE attacks via a forged AuthnRequest or LogoutRequest because parseFromBytes uses javax.xml.parsers.DocumentBuilderFactory unsafely.
CVE-2021-3287
PUBLISHED: 2021-04-22
Zoho ManageEngine OpManager before 12.5.329 allows unauthenticated Remote Code Execution due to a general bypass in the deserialization class.
CVE-2021-31547
PUBLISHED: 2021-04-22
An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. Its AbuseFilterCheckMatch API reveals suppressed edits and usernames to unprivileged users through the iteration of crafted AbuseFilter rules.
CVE-2021-31548
PUBLISHED: 2021-04-22
An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. A MediaWiki user who is partially blocked or was unsuccessfully blocked could bypass AbuseFilter and have their edits completed.