Product Updates

Introducing Osano Privacy Legal Templates

posted on October 24, 2022

Producing high-quality legal documents for your privacy program can be time-consuming, costly, or both. Now, with Osano Privacy Legal Templates you can get started faster by leveraging templates generated by our global team of privacy experts. And, giving your outside counsel a completed document to review, rather than starting from scratch, can save you big on legal fees.

Problems with today’s privacy document options

Whether you are a founder or leader with in-house legal counsel, or an organizational attorney who’s responsible for the full breadth of legal challenges, not just privacy specifically, the options for generating privacy documents like cookie policies, contractual clauses, and service addendums can be less than enticing. 

Document options


Do it yourself

Spending the time to research all of the necessary laws and guidelines and then generating something you are confident in is a daunting task. 

Pay outside counsel

You can ask your outside counsel to generate these documents from scratch, but billing legal hours is the most expensive option.

Use general legal document templates

Some websites offer an array of legal templates from power of attorney and name changes to LLC and trademark filing. These sites sometimes have some privacy document templates, but not others. And, as generalists across the entire legal landscape, you can’t be confident that their privacy templates were generated by true privacy experts who are up-to-speed on all of the rapidly changing laws and rulings. 

AI Policy Generators 

Some tools can generate legal templates for you, sometimes using AI. Policy generators often produce inferior end results when compared with fill-in-the-blank document templates. Drafting legal documents requires knowledge of your specific business. AI that tries to give you a document based on it’s corpus of knowledge is often inaccurate and doesn’t fit with the specific needs of your business. 

Why use Osano Privacy Legal Templates? 

Osano now provides a library of privacy templates, created and maintained by Osano’s global team of privacy experts. The same team is continually up-to-speed on the changing privacy landscape and using that knowledge to update Osano’s compliant cookie banners and provide you with in-app regulatory guidance, is now also providing you with legal templates. You can rest assured with a high degree of confidence that you are using document templates generated by privacy experts. 

Save the time of searching the internet for inferior options. Osano Templates are available right in the Osano app and are usable in multiple formats including PDF, Word, Google Docs, and more

Save money on legal fees by sending your completed templates to your outside counsel for legal review rather than asking them to start from scratch. (NOTE: Osano Privacy Templates are not legal advice.) 

What templates are available? 

Currently, Osano features templates for

  • California Do Not Sell/Share Statement
  • California Notice of Financial Incentive
  • CCPA/ CPRA Service Provider Addendum
  • Cookie Policy
  • Data Processing Addendum
  • EU Standard Contractual Clauses 
  • GDPR Statement
  • Privacy Policy

How to use Privacy Templates

  1. Log in to your Osano accounts on
  2. Select Templates from the sidebar menu
  3. Click on the template to open in a new tab. 
    1. To use as a Google doc File > Make a copy. (You will need a Google account to copy as a Google Doc.) 
    2. To download in additional formats (no Google account needed) select File > Download and choose your format.
  4. Text highlighted in green should be replaced with language specific to your organization. 
  5. Text highlighted in yellow provides tips and guidance. Follow yellow highlighted instructions and remove the text from your final document.

For full details visit the Privacy Templates documentation.

Product(s) Affected

Core Platform



Introducing DSAR email intake

posted on September 1, 2022

When it comes to data subject rights, balancing convenience for your users and efficiency for yourself can be a difficult task. On the one hand, you want to respect user rights and comply with data privacy laws so you want the ability to begin a DSAR to be as easy, accessible, and frictionless as possible. On the other hand, if it’s too easy to submit a DSAR you end up with a lot of spam in your system and a lot of fake or inappropriate requests that you need to filter through, which is a big waste of your time.

Today, we are excited to introduce email intake for Osano Subject Rights Management. Now, you can provide an easy-to-use email address where your data subjects can start their requests in a simple, low-friction way, but also enjoy the checks and filters that a proper DSAR intake form provides so that you can avoid spam.

Email vs forms

The two most common ways to receive DSARs are through email or through a dedicated DSAR form. 

Email is simple and easy to use. Promoting an email address is also an easy way for vendors to start receiving DSARs who haven’t in the past. But email comes with many downsides as well. It opens the window for a high volume of irrelevant requests that you shouldn’t need to filter through. Additionally, with email, a data subject can phrase their request however they like opening the door for misinterpretation and miscommunication. There aren’t any guardrails. Did they provide all the info you need to process the request? Not always. When you are missing information it usually requires multiple back-and-forth communications to get it all sorted. 

Similarly, DSAR forms come with pros and cons. They can be designed to be more compliant by asking the right questions upfront and ensuring a data subject provides all the necessary information to process the request before it gets to an admin. Also, this mitigates spam and false requests greatly. The only downside is that users need to find the specific link to get to your DSAR intake form. And even when your form is easy to find, some users will still make legitimate requests through email that by law can’t be ignored.

Introducing Osano email intake

With Osano, you get the best of both worlds. Osano provides out-of-the-box DSAR forms that are easy to embed in your website with one line of code. You can also automatically direct requests sent by email to a hosted version of the form without any web engineering effort required on your part. This solves the problem of form discoverability by making sure all of your subject rights requests eventually go through your form to collect all information needed to satisfy the request upfront.

How Osano email intake works

Now, every DSAR form created in Osano automatically generates an email address. Simply redirect or forward DSARs you receive to this email address and the requester will get a response directing them to a hosted version of your form. It’s that simple. To get started, visit the Osano email intake documentation.

Product(s) Affected

Subject Rights Management



Introducing unified Data Discovery and Subject Rights

posted on July 20, 2022

There are many facets to running a compliant data privacy program, from understanding the ever-changing privacy regulatory landscape to managing user consent. Two key components of complying with laws like GDPR, CCPA, and LGPD are managing subject rights and data discovery. As a complete data privacy platform, Osano’s got you covered with all of these practices and more. However, up until recently, Osano Data Discovery and Subject Rights Management could feel like they weren’t as connected as they should be. 

Too often, privacy tools are complex, difficult to learn, and difficult to use. Some vendors offer a wide array of services, but they’re all disconnected, which means you have to deal with multiple, completely different tools instead of just one privacy platform. It’s even worse when trying to integrate different point solutions to manage your privacy program. It’s like putting together a puzzle that’s made up of pieces from multiple different sets that were never designed to work together. You may eventually get to a complete picture, but it won’t look pretty. 

Although privacy laws and practices can be difficult to understand, they don’t need to be difficult to follow. Privacy is for everyone, and it makes the internet a better place. Everyday people should be able to practice good data privacy without having to treat it like a second full-time job. In the spirit of making things easier for you, we’ve completely reworked and redesigned our Data Discovery and Subject Rights Management products into a singular, unified experience. 

New unified Data Discovery and Subject Rights Management

Now, you can process DSARs in less time with more confidence while Osano automates key parts of the process,  such as assigning tasks to data store owners and performing user searches in your connected Data Discovery integrations. 

And we’re just getting started. The work we’ve done recently is foundational, with an eye toward the future. So, while you’ll instantly get an improved experience today with the new unified platform, we’ve got even more exciting automation planned. 

New features

We’ve reworked the entire DSAR and discovery experience to make it more seamless and streamlined,  but here are a few key features we’ve added: 

Automated data store Identification

Before, when you received a DSAR you needed to manually identify which data stores should be a part of that request before Osano could notify the data store owners. Now, Osano will automatically add data store to a DSAR based on the request type. For example, if a correction request comes in, then Osano will add all data stores that have at least one data field that has a required action for correction requests.  

Automated Assignment

Before, you needed to manually assign data store owners for each DSAR that came in. Now, Osano automatically assigns action items for users based on who is configured as the data store owner. 

Automated Processing

Before, you needed to manually run user searches needed for each DASR that came in. Now, Osano automatically runs user searches. Osano looks for any automated data stores that contain data fields with a request action that matches the DSAR request type, runs a search, and adds it to the request workflow.


In this video, you’ll see an end-to-end DSAR workflow using the new and improved Osano Data Discovery and Subject Rights Management.

Getting started 

Because we’ve made significant changes to the platform, we wanted to make sure everyone using Osano today could continue to do so with minimal disruption and ample time to prepare. We’ll be rolling out the new interface to different groups of people at different times. Here’s how the rollout plan will work: 

New DSAR users get access today

For new Osano accounts and existing accounts that have never used Osano’s Data Discovery and Subject Rights Management solutions, the changes are live in your account now. Simply log in, and you’ll have access to the new unified experience. 

Existing DSAR users get access on August 16, 2022 

To give you a heads-up and time to prepare, we won’t be converting existing accounts that use Data Discovery or Subject Rights Management for another few weeks. When you log in, you’ll see the same familiar interface, and everything will continue to work in the way you’ve come to expect. 

Getting ready for the new experience will require a little bit of effort on your part. To guide you through the process, we’ve put everything you need to know together into one migration guide. If you are using Data Discovery and Subject Rights Management today, you’ll want to be sure to check out the guide and plan to implement it before all accounts get cut over to the new unified experience on August 16. 

The steps you’ll need to take are simple and lightweight, but if you have any questions, concerns, or feedback, please reach out to your account manager and they can help you get your account migrated cleanly. The new experience is far superior, so we’re confident you’ll be pleased with the update. 

Given the scope of the changes, all accounts will need to migrate and the legacy versions of Data Discovery and Subject Rights Management will no longer be available after the cutover date.

What if I want the new DSAR sooner? 

Most accounts will be migrated on August 16, 2022, but we do have a few slots for earlier access. If you are an existing Data Discovery or Subject Rights Management user, and you’d like to get your account migrated sooner, reach out to your account manager to get added to the list. 



The managed data privacy platform

Get started with Osano today

Explore Osano

What's New at Osano

Introducing Osano Privacy Legal Templates

Now, with Osano Privacy Legal Templates you can get started faster by leveraging templates generated by our global team of privacy experts.

Learn more

Introducing DSAR email intake

Capture data subject rights requests with the convenience of email and the efficiency of a dedicated intake form.

Learn more

New reworked DSAR and discovery

We've reworked and redesigned Osano Subject Rights Management and Data Discovery, unifying them into a single, seamless experience and creating automation to save you time.

Learn more

Stay GDPR compliant under new French ruling

Privacy regulators at the CNIL in France recently declared that Google Analytics violates GDPR. Osano’s new block list feature can disable Google Analytics in France to keep you compliant while allowing you to use Google Analytics in regions where it is still legal.


New in May 2022: DSAR conditional fields, 28 new integrations, and more!

Customize DSAR forms with conditional fields, serve consent banners in additional languages, use 28 new integrations for Data Discovery, and more! Check out our latest product announcement blog for demos, links, and more information.


View more product updates

Osano product & engineering teams have been hard at work. View the full list of all product updates.

View Product Updates