Data subject request-management made easy

Manage one or one million data subject access requests, no problem. Osano's platform makes it easy to verify a data subject's identity, assign inbound requests to the correct person and then deliver results to the data subject in the timeframe required by law. 

Learn About Subject Rights Management
Data Subject Access Request

Automate data subject rights requests

Laws like the EU's General Data Protection Regulation and California's consumer privacy law, the CCPA, assign "data subjects," the customers you collect and store data on, rights to their information. Without rules and order, responding to data subject access rights requests can be a nightmare for organizations to track and manage. Osano's software sets up a process for success. It'll allow your organization to: define data sources, assign roles and embed a data-subject request form on your site. In no time, you'll be compliant with global and local laws.

DSAR/SRR Workflow

Never Miss a Deadline

Forgot to pick up milk on the way home? That happens, but you'll never miss a deadline with the Osano DSAR portal.

Verify Identities

Instantly ensure that the requestor is the data subject or has the right to request the information. 

Go Paperless

Use Osano's GDPR representative and your paper mailed requests also magically appear in your portal.

Is full DSAR/SRR automation the right approach?

Get Compliant Now

Under both the GDPR and CCPA, as well as under numerous other data privacy laws, individuals have data rights. Individuals have the right to request that you delete their data, correct inaccurate data, do not sell their data, or provide a list of all data that you store about them.

In recent months, numerous groups have undertaken "DDOS Compliance Attacks" whereby they band together and submit thousands of fraudulent DSAR/SRRs in an attempt to harm businesses. Automating portions of your DSAR workflow can preserve valuable resources should your company fall victim to one of these DSAR DDOS attacks.

Although full automation or AI-powered DSAR workflows and data mapping may initially seem like a panacea, accuracy is paramount in responding to a subject rights request. If your automation is not 100% accurate, even if you answer a request in a timely fashion, you may still run afoul of the law.

Osano implements a hybrid approach, implementing technology where it is best, and requiring human intervention for critical details. By pairing the Osano GDPR Representative Service, PII Tracking API, and DSAR Workflows together, you will have a robust DSAR implementation that complies with the law and is always accurate.

What's New at Osano

Introducing AMP support for Osano Consent Manager

Capture and manage consent across your standard and AMP pages using the same Consent Management Platform.

Learn more about Osano for AMP

Saudi Arabia and UAE banner updates

Based on recent legislation in Saudi Arabia and the UAE, Osano Consent Manager now features updated cookie banners for both regions. 

Learn more

Introducing Secure Messaging Portal

Now you can communicate securely with your customers and users who make Data Subject Access Requests (DSARs) about their request in a secure and compliant way.

Read about the DSAR Secure Messaging Portal

EU banner updates

Based on new guidance from EU regulators, the default banner experience has been updated with a "Reject All button," a "Storage Preferences" button and an "X" for the following countries: Belgium, Czech Republic, Denmark, Finland, Germany, Greece, Ireland, Italy, the Netherlands, Spain and the U.K.

Learn More

Chinese banner update

China passed a privacy law recently. The Personal Information Protection Law comes into effect in Nov.1 , 2021. It requires changes for obtaining consent from users for tracking, analytics, personalization and marketing. 

learn more

View more product updates

Osano product & engineering teams have been hard at work. View the full list of all product updates.

View Product Updates