Check out the on-demand sessions from the Low-Code/No-Code Summit to learn how to successfully innovate and achieve efficiency by upskilling and scaling citizen developers. Watch now.

DataGrail, a data privacy startup that helps businesses navigate the growing array of privacy regulations around the world, has raised $30 million in a series B round of funding. Alongside the investment, the San Francisco-based company added a slew of enterprise customers to its roster, including Databricks, Dexcom, and Twilio.

Founded in 2018, DataGrail constitutes part of a growing roster of platforms that are capitalizing on privacy regulations — such as GDPR in Europe and CCPA in California — by making it easier for companies to manage, automate, and grow their privacy programs. For example, many privacy regulations allow end users (e.g. customers or employees) to request access to their data under a right-of-access stipulation known as a data subject access request (DSAR). Fulfilling such requests can be a labor-intensive process involving collaborations between multiple teams for a single DSAR, given that the average enterprise uses between 50 and 100 different systems to store personal data. DataGrail enables businesses to automate many of the processes involved in complying with such requests.

“Organizations rely on hundreds of interconnected apps and infrastructure — SaaS apps, data lakes, hosted databases — making it nearly impossible to find the personal data associated with a single person and comply with privacy laws,” DataGrail cofounder and CEO Daniel Barber told VentureBeat. “DataGrail allows businesses to automatically understand the apps and infrastructure they use [and] what personal information exists in those systems and provides the ability for their customer to control how their information is used.”

DataGrail supports more than 900 prebuilt integrations across companies’ cloud apps and infrastructure, including AWS, Box, Dropbox, Stripe, Slack, Jira, Salesforce, and Okta. The company also claims to be able to detect personal data inside shadow IT systems — technology a company hasn’t officially approved for storing customer data.


Intelligent Security Summit

Learn the critical role of AI & ML in cybersecurity and industry specific case studies on December 8. Register for your free pass today.

Register Now

Companies can complete a DSAR in minutes using Request Manager, according to DataGrail, which instantly identifies where all the data is stored and unifies it in a single online dashboard.

Above: Automated DSAR request management

Moreover, DataGrail makes it possible for companies to automate the specifics of the request. For example, a customer may want to request access to their data or request that their data be deleted or restricted for sale.

Above: DataGrail: Access or delete?

In terms of integrations, DataGrail said most of its customers can deploy it in less than 30 days. “The platform detects the apps and infrastructure in use and discovers the data within those systems via internally built no-code integrations,” Barber said.

DataGrail claims a major selling point is that it doesn’t use any form of middleware for its integrations — it builds and maintains all the connectors and integrations itself.

DataGrail had previously raised around $9 million, and its latest $30 million cash injection saw participation from a slew of existing and new investors, including Felicis Ventures, HubSpot, Okta Ventures, and Next47.

Funding flurry

The raise also comes amid a flurry of funding activity across the data privacy landscape, with Privacera yesterday announcing $50 million in funding and OneTrust and BigID recently attaining $5 billion and $1 billion valuations, respectively, after funding rounds. An increasingly competitive data privacy management world is also showing signs of consolidation, with OneTrust recently acquiring an AI startup called DocuVision that automatically finds and redacts sensitive data in documents.

But DataGrail is hoping to set itself apart from the pack by providing what Barber calls a “complete solution.”

“We see modern businesses struggle with the first generation of privacy vendors,” he said. “Existing tools have been bifurcated into either workflow or data discovery. DataGrail’s integration network of over 900 apps and infrastructure platforms provides the first integrated solution.”

VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Discover our Briefings.