Release Notes

Truyo, an IntraEdge Company

IntraEdge is a sizable organization specializing in products and services, distinguished by its ability to operate with the agility and flexibility typically associated with much smaller companies. Truyo operates as a subsidiary of IntraEdge, further enhancing the company’s diverse offerings.

Truyo is a comprehensive data privacy and AI governance platform tailored for mid-sized to enterprise-level organizations. It automates subject rights requests and consent management, facilitating compliance with key regulations such as CCPA/CPRA, GDPR, Virginia, DPDP, and PIPEDA. Additionally, Truyo’s AI governance module identifies risks and supports adherence to evolving global AI regulations, enhancing organizational compliance and efficiency.

For any other information please reach out to support@truyo.com

Releases

Truyo Product Release Version 8.5.0

Configurable Verification Skipping for Requests (13074)

    • Added configuration options to skip consumer identity verification and/or verification review for all request types. This provides organizations greater flexibility in customizing how they handle verification workflows.

Manual Task Creation for Systems (14759)

    • Enabled a configuration setting to allow organization users to manually create tasks for systems without an existing task for the same request. Vendors can be configured without needing to be associated with a regulation.

Migration of External Libraries to Truyo CDN (14718)

    • For improved security and performance, all externally hosted libraries have been migrated to Truyo’s internal CDN.

Enable Data Upload for Open Vendor Tasks in Progress (TR-15039)

    • Support added for enabling data uploads when a task is in progress, specifically for custom integration scenarios.

UI Update – Replace “Domain URL” with “App” in Topic Management (14935)

    • Updated the “Add Topic” interface to replace the “Domain URL” column with “App.” This is a UI improvement only and does not affect existing functionality.

Bulk Cookie Deletion in Consent Settings (14391)

    • Added functionality to bulk delete cookies on the Consent > Cookies page. Cookies deleted from the Truyo list will also be removed from the associated Cookie Preferences popup.

No specific security updates included in this release.


No infrastructure updates included in this release.


  • Fixed translation inconsistencies in cookie plugin UI for certain languages. (TR-14934)

  • Resolved edit functionality failure for “Policies Only” user groups. (TR-14875)

  • Fixed console errors during cookie edit/delete operations for restricted user groups. (TR-14876, TR-14878)

  • Resolved errors for domain, topic, and app plugin operations across various user group configurations. (TR-14879 – TR-14881)

  • Addressed null error when setting QuikLinks with undefined domain limits. (TR-14993)

  • Fixed cookie deletion issues caused by hostnames with leading dots. (TR-15015)

  • Removed IAB-related translations from the language editor on the org portal. (TR-15014)

  • Implemented timeout logic to mark a quick scan as failed if it exceeds 3 hours. (TR-15009)

  • Resolved UI issue where scan status remained “in progress” post-completion. (TR-14773)

  • Addressed missing data in multiple reports. (TR-14917)


  • Missing Spanish translation containers in Cookie Consent for one org. (TR-15040)

  • Resolved access issues for AI users on use case assessments. (TR-14922)

  • Fixed POST /request API access for automation users. (TR-14892)

  • Corrected SSO bypass login issues for organization users. (TR-15025)

  • Addressed SSO display error for a specific organization. (TR-15026)


Infrastructure Upgrades
Planned enhancements to core components: Spring Cloud, Spring Boot, JDK, Swagger, and JUNIT for better security and performance.

Vendor Management
Advanced vendor risk management capabilities, including AI usage assessments and task automation.

User Features & Permissions Enhancements
Gradual rollout of improved role-based access control and permissions granularity.

Preference Management – Language Support
New support for automatic translation and improved localization for enterprise preference centers.

SharePoint Content Scanning
Upcoming support for scanning and indexing SharePoint content to enhance data visibility and privacy compliance.

UI/UX Enhancements
Continued updates to streamline navigation and improve user interface consistency.

Hierarchical Data Handling in Scramble Jobs
Improved processing of complex hierarchical data structures within the scramble job framework.

Truyo Product Release Version 8.4.0

Network Share Content Scanning (14758)

  • Support for scanning content within network share instances hosted in private environments.

Mass Deletion for Preference Management (14861)

  • Introduced mass deletion capabilities for managing user preferences more efficiently.

Multiple Contacts for Open Vendors (14792)

  • Open vendors can now assign multiple contacts to receive task-related alerts, improving communication and accountability.

OpenAI Integration (14782)

  • Organizations can now integrate their own OpenAI accounts directly within the platform for enhanced AI capabilities.

Effective Regulation Go-Live Date (14347)

  • Organizations can preconfigure regulations with a specified go-live date, ensuring they are hidden from the consumer portal until the defined activation time.

Password Creation and Update Enhancements (14734)

  • Improved password handling by removing restrictions on special characters, supporting stronger password generators.

Verification Questions at Initial Request Submission (14739)

  • New configuration allows organizations to prompt verification questions at the start of a request, enhancing data validation at the point of entry.

Mobile App Consent – Library Management

  • Library Management UI (14767): A new “Libraries” tab allows management of mobile third-party libraries.

  • Associate Libraries with Topics (14768): Admins can now associate or disassociate multiple libraries with consent topics via a dropdown in the topic editor.

Cookie Banner & Privacy Center Enhancements

  • Theme Preview Support (12173): Toggle between light and dark background previews within the privacy center.

  • No Cookies Detected Messaging (11656): A default message displays when no cookies are found during scans.

QuickLink Task Throttling (14233)

  • Organizations can now limit the number of tasks processed per run to respect third-party API call limits.

Enhanced Topic Metadata (14825)

  • Topic details in the JSON response now include associated libraries and purposes for improved data visibility.

  • No specific security updates included in this release.


  • No infrastructure updates in this release.


  • Automated extensions not applying deadlines correctly (14839)

  • Session cookies not removed properly by delete_cookie function (14756)

  • Incomplete data in download metrics (14844)

  • Deleting sub-pages affected domain-level scan integrity (14794)

  • Scan progress message remained post-completion (14733)

  • IAB details not loading in preview (14202)

  • API responses included login credentials (14873)

  • Inconsistent display of zero counts for purposes, features, and Google vendors in IAB popup (14504)

  • “Show more” link intermittently not working in vendor tab of IAB (14913)

  • Truyo cookie banner causing outages in isolated instance (14893)


  • Cookie domain scan failures resolved (14842)

  • SSO login issues for organizational users (unspecified ID)

  • 401 errors on adding Quick Links in SSO-enabled organizations (14496)

  • Errors when switching domains without content load in cookie plugin settings (14500)

  • HTML links not rendering correctly in Cookie Bar content (14519)

  • AI users are unable to work on AI use case assessments with SSO turned on (14922)
  • Reports not showing data (14917)
  • URL unique error for logo and favicon upload (14904)

Infrastructure Upgrades
Ongoing upgrades to Spring Cloud, Spring Boot, JDK, Swagger, and JUNIT to enhance performance and security.

Vendor Management
Comprehensive vendor risk management tools, including AI usage assessments.

User Features & Permissions Updates
Gradual rollout of advanced role-based access controls.

Preference Management – Language Support
Support for auto-translation and user-friendly localization options.

SharePoint Content Scanning
New capabilities for scanning content within SharePoint environments.

UI/UX Enhancements
Continued design updates for improved user interaction and navigation.

Scramble Jobs – Hierarchical Data Handling
Better support for complex, hierarchical data structures within scramble processing tasks.


Truyo Product Release Version 8.3.0

Alert for Regulation Activation Without System/Vendor (14346)

  • An alert notifies users to complete setup (add system/vendor) when enabling a new regulation to ensure task creation.

Detailed export for AI use cases (14321)

  • AI use cases now support data export functionality.

Compliance Advisor (14533)

  • Automatically scans domains and provides feedback and potential gaps related to data privacy compliance. Such as cookie banner, cookies, GPC signal, etc…

Bulk Risk Upload for AI Governance (14546)

  • Allows CSV-based bulk upload of AI governance risks.

Export Cookie Consent Audit Log (14569)

  • Cookie consent changes are captured and downloadable for audit purposes.

Option to Remove “No Data” Rejection Reason (14464)

  • Organizations can remove “No Data” as a rejection reason without errors.

Preference Management Integrations (14219)

  • Allow organizations to define which systems the preference management solution integrates.

Search by Request/Task ID (14359)

  • Enables sorting and searching by both short and long versions of Request or Task IDs.

Weekly Updates to IAB and Google Vendor Files (13802)

  • Weekly downloads and updates of the IAB Global Vendor List to Truyo CDN.

New Consent Tables and APIs for Weekly Uploads (13803)

  • Enhances tracking and reporting of consent records.

Automated Saving of Plugin scan updates to CDN (14582)

  • Automates saving cookie scan updates to the CDN after a scan.

Audit Log Updates for Cookie Settings (14651)

  • New tables created to log and track changes to cookie settings.

TripleSeat Quiklink (14479)

  • Integration with Tripleseat event management software to automate and streamline data privacy request handling related to event data.
    • Supports DSAR and Delete requests

No specific security updates in this release.

No infrastructure updates included.

  • Issues with custom user group creation, assignment, and domain visibility (14655, 14652, 14653, 14658)

  • Errors with AI assessments completion (14646)

  • Request form name wrapping issue (14674)

  • IAB banner showing no data in tabs (14568)

  • Cookie scan issues:

    • Unable to set monthly auto scan (14495)

    • Auto scan settings not refreshing immediately (14498)

    • Empty values during deep scans (14709)

    • UI freezes during cookie scans (14726)

    • Auto scan entries not deleted properly after domain removal (14729)

  • Errors saving Branding/Interface settings (14671)

  • Compliance Officer role error after password reset (14710)

Infrastructure Upgrades
Updating Spring Cloud, Spring Boot, JDK, Swagger, JUNIT for better performance and security.

Vendor Management
Full vendor risk management including AI usage assessment.

User Features & Permissions Updates
Rollout of enhanced role-based access control.

Preference Management Translations

Support auto translation as well as more UX friendly translation capabilities.

SharePoint Content Scanning
New support for SharePoint data scanning.

UI/UX Enhancements
Ongoing improvements to user experience and design.

Hierarchical Data Handling in Scramble Jobs
Better processing of complex data structures in scramble tasks.

Truyo Product Release Version 8.2.0

Regulatory Support

  • Minnesota Consumer Data Privacy Act (13931)

    • Added support for the Minnesota Consumer Data Privacy Act, which takes effect in July 2025.

Preference Management Enhancements

  • Extended our Preference Management solution with improved support for dynamic data types, including lists, checkboxes, and advanced validation options.

  • Introduced more flexible UI controls, making it easier for users to manage communication preferences and consent with greater accuracy and clarity.

  • Our federated model supports Marketo integration with SalesForce and Hubspot following soon.

Feature & Permission Enhancements

  • Granular Permissions for Domains in the Consent Module

    • Permissions for configuring domains in the consent module can now be restricted based on specific groups, ensuring access is limited to authorized users for designated domains.

UI & User Experience Improvements

  • Custom Matching Key Display Names (14285)

    • Custom matching keys now include a display name to ensure proper formatting in the UI.

  • Default Search by Email on DSR Search Page (14353)

    • The default search field is now set to email address instead of alphabetical order, aligning with common user behavior.

  • Cookie Banner Auto-Save for New Discoveries (14385)

    • The system now automatically saves newly discovered cookies and topic assignments, streamlining cookie management.

  • Cookie Consent: Handling Third-Party Tags via Data-Src Attributes (14405)

    • A new option has been added in the Cookie Plugin settings under “Tag Manager” to control how third-party tags using data-src attributes behave when no consent is given.

    • Options include Enable or Disable.

  • Cookie Banner Consent Event Logging (14488)

    • When users interact with the cookie banner (Accept, Decline, or Save buttons), an event is now triggered to notify integrated tools of consent changes.

  • Audit Log Enhancements for Cookie Consent (14531)

    • Additional details are now captured in audit logs, including changes to cookie categorization, user modifications, and updates made via CSV imports.

Scramble Job Fixes & Enhancements

  • Resolution for Stuck Jobs Due to SQLException & Case Sensitivity (14015)

    • Improvements made to prevent scramble jobs from getting stuck due to SQL exceptions and case-sensitive table considerations.


  • No specific security updates in this release.

  • No infrastructure updates included in this release.


  • Vanilla-Picker Hosting on Truyo CDN (14541)

    • Static files for Vanilla-Picker are now hosted on Truyo CDN for improved reliability.

  • Publisher Restrictions: Save Settings Issue (14499)

    • Resolved issue where saving settings failed when selecting all or a large number of vendors for publisher restrictions.

  • SSO Login Issues for Organization Users (Fix applied)

  • 401 Error When Adding Quick Links for SSO-Enabled Organizations (14496)

  • DataTables Warning When Switching Domains in Cookie Plugin Settings (14500)

  • Cookie Bar Content Not Rendering HTML Links Properly in UI (14519)


Infrastructure Upgrades

  • Planned updates to core components, including Spring Cloud, Spring Boot, JDK, Swagger, and JUNIT, to enhance performance and security.

Vendor Management 

  • From onboarding vendors to detecting and assessing their usage of AI, a complete vendor risk workflow.

Compliance Advisor

  • Provide the ability to scan your web domains and validate required links for data privacy regulations. In addition analyze your cookie banner functionality for any compliance issues.

User Features & Permissions Updates

  • Ongoing rollout of enhanced role-based permissions for better access control.

SharePoint Content Scanning

  • Upcoming support for scanning SharePoint content for improved data visibility.

UI/UX Enhancements

  • Continued improvements to optimize user experience and interface design.

Hierarchical Data Handling in Scramble Jobs

  • Improved processing of hierarchical data structures within scramble jobs.

Truyo Product Release Version 8.1.0

Customized Roles and Permissions (12952)

  • Introduced the ability to create custom groups with granular permissions for Data Privacy and Consent features.
  • Groups can be configured to have access to specific sections within these features.
  • Currently, only edit capabilities are available.
  • Users added to customized groups may lose access to other sections not included in this initial release.
  • Group deletion functionality will be available in a future update.

Preference Management

  • Enhanced enterprise-level preference management solution, providing users with greater control over their communication and data-sharing preferences with a direct integration to Marketo.
  • Upcoming direct integrations with Salesforce, and HubSpot will further streamline preference handling.

AI Survey Dashboard (14126)

  • A new dashboard provides a comprehensive overview of AI survey results, offering insights at a glance.

Account Settings & Header UI Update (14141)

  • The account settings menu in the top right corner of the organization portal has been redesigned for a modern and improved user experience.

Cookie consent (14326)

  • Enhanced Publisher Restrictions (IAB TCF)
  • Clients can now apply more granular restrictions on vendors, including blocking specific purposes and modifying legal bases.

IAB Cookie Expiration & Re-Consent (14328)

  • If changes are made to vendor settings or publisher restrictions in the organization portal, users must provide fresh consent.
  • Consent remains valid for 13 months, after which the consent banner will reappear.

Cookie Deep Scan Enhancements (13786, 14093, 14175)

  • Scanned Pages Visibility: Users can now view a list of pages scanned during a deep scan within the Truyo UI.
  • Improved Scan Data Management: Enhanced storage and processing of scan data for both quick and deep scans to improve efficiency.
  • Internationalization Support: The cookie consent banner now supports multiple languages.

  • No specific security updates in this release.

  • No infrastructure updates in this release.

  • Resolved console error related to i18next plural resolver (14293)
  • Custom JS content is not saving in the org portal (13893)
  • Missing tag for Right to opt-out request completed with rejections|Privacy account email template (14314)
  • Internal server error when trying to submit a request using the business partner form (14386)
  • Default regulation selection does not work on the request form (14315)

  • Various performance and stability improvements.

Infrastructure Upgrade

  • Planned upgrades to core components, including Spring Cloud, Spring Boot, JDK, Swagger, and JUNIT, to enhance performance and security.

Assessment Improvements

  • Improved verification questions based on request type, origin, and attributes.

User Features & Permissions Update

  • Enhanced role-based permissions for better access control being rolled out in stages.

SharePoint Content Scanning

  • Upcoming support for scanning SharePoint content for improved data visibility.

UI/UX Enhancements

  • Ongoing updates to refine user experience and interface design.

Hierarchical Data Handling in Scramble Jobs

  • Improved processing of hierarchical data types in scramble jobs.

Truyo Product Release Version 8.0.0

Global Delete Modal Optional Setting (13180)

  • Added a setting to disable the global delete modal, ensuring compliance for organizations that require this option.

Custom Verification Key Labels (13955)

  • Organizations can now configure their own identification keys to better align with their users’ needs.

Bulk Delete and Multi-Select on Data Approval Page (13304)

  • Users can now select multiple files and delete them in bulk on the Data Approval page.

Page Retention on Data Approval Review Page (14063)

  • The Data Approval page now retains the last page visited, making it easier to sort through review items.

Brand Filter on the Review Pages (13541)

  • A brand filter has been added to Appeals and Review pages, providing better insights into request origins.

Moodle LMS Integration for AI Training (13881)

  • Added integration with Moodle LMS to facilitate AI training and compliance initiatives.

Email Sorting for Privacy Accounts (13963)

  • Introduced the ability to filter between Privacy and Non-Privacy accounts on the following pages:
    • General Emails
    • Email Verifications
    • Request Processing

Expansion of language support for some dialect specific languages (13590)

  • Expanded support for dialects of the following:
    • English
    • French
    • Spanish
    • Chinese
    • Arabic

60-Day Response Option for New Jersey Regulation (14019)

  • Added support for a default 60-day response time for categories of information requests, as required by New Jersey’s Data Privacy Regulation.

Customizable AI Notice Header (14021)

  • Enabled customization of the header section in AI Notices.

Download and Host Google Fonts (14025)

  • Google Fonts are now hosted on the Truyo CDN to reduce network calls and improve font availability, minimizing layout shifts.

Assessment File Upload Size Limit (14033)

  • File upload size for assessments is now limited to 10MB.

Verified Matching Keys Support Update (13868)

  • Matching keys updated during the request lifecycle can now be retrieved through integrations.

IAB TCF Implementation

  • All necessary code updates have been completed to begin the certification process for IAB TCF compliance.

Scramble Improvements for Bulk Copy (13870)

  • Resolved issues with bulk copying multiple tables when identity_insert is turned on for one table.

Bazaarvoice QL Request Handling (13986)

  • Requests from joined companies in shared Bazaarvoice instances are now processed as a single request.

No specific security updates included in this release.


No infrastructure updates included in this release.


  • Missing request processing email templates for Right to Obtain requests (14013).
  • Inconsistent dates in Request Details reports (14024).
  • WAF errors in Consent Metric Period Reports (14083).
  • Password prompt shown when adding a new user with SSO enabled (13990).
  • truyoConsentUpdate event incorrectly triggered on every page load when GPC is enabled (14231).

  • Resolved portal logout issue when editing an AI risk (14020).
  • Fixed incorrect display of the last scan date (14032).
  • Removed duplicate text in the AI detection engine description (14034).
  • Limited the Auto-Translate setting to the AI Usage section (14038).
  • Fixed issues preventing the addition of content scanning data sources (14039).
  • Addressed issue where secure vendors were incorrectly being changed to open vendors (14061).
  • Regulation activation no longer auto-enables all requests by default (14087).
  • Increased API match content size for vendor scans (14077).

Infrastructure Upgrade
Planned upgrades to core components, including Spring Cloud, Spring Boot, JDK, Swagger, JUNIT, and related elements, to improve performance and security.

Assessment Improvements

  • Enhanced data mapping capabilities.
  • Improved verification questions tailored to request type, origin, and attributes.

User Features and Permissions Update
Enhanced role-based permissions for better access control.

SharePoint Content Scanning
Upcoming support for content scanning within SharePoint.

UI/UX Enhancements
Ongoing updates to improve user experience and interface design.

Hierarchical Data Handling in Scramble Jobs
Enhanced processing capabilities for hierarchical data types in scramble jobs.

Truyo Product Release Version 7.9.0

Website Checker and AI Reference Detection (13880)

  • Advanced updates to the AI signature detection for web domains, leveraging a headless browser.
  • Scan HTML content for references to indicate potential uses of AI within the companies products or services.
  • Scans for data privacy compliance (cookie banner present, Do Not Sell link,  respecting GPC signal)

AI detection integration (13860)

  • New AI governance configuration page
    • Confidence level for AI content detection moved to the new AI governance config page
    • Ability to switch from Truyo Cl (new) or GPT-2-small (existing default) for content scanning
    • Enable or disable AI usage within the platform

Authorized users ability to upload alternate forms of documents (13778)

  • Authorized agents have the ability to upload word docs and image files as well as the current PDF functionality.

  • No specific updates in this release.

  • No infrastructure updates included in this release.

  • DataLayer event ‘truyoConsentUpdate’ not firing until GPC is enabled for GPC use case for Cookie plugin (14016)

  • Double error page after too many requests open modal (13961)
  • Dark theme not showing visible text on left nav when selected (14023)
  • Consumer dispute box does not show error message if left blank (13954)
  • Task file upload for text files too large for WAF due to encryption (13993)

  • Some instances conditional outputs not being honored (13987)
  • Import functionality not working on vendors section (14007)
  • Unable to upload files on framework assessments (14026)

Infrastructure Upgrade:

  • Planned upgrades to core components including Spring Cloud, Spring Boot, JDK, Swagger/JUNIT, and other elements to enhance performance and security.

Assessment Improvements:

  • Enhanced data mapping capabilities.
  • Improved verification questions tailored to request type, origin, and attributes.

User Roles and Permissions Update:

  • More granular role-based permissions for better access control.

SharePoint Content Scanning:

  • Upcoming support for content scanning within SharePoint.

UI/UX Enhancements:

  • Ongoing updates to refine and improve the user experience.

Hierarchical Data Handling in Scramble Jobs:

  • Enhanced processing capabilities for hierarchical data types in scramble jobs.

Truyo Product Release Version 7.8.0

Upcoming Regulations:

  • Added support for new data privacy regulations (New Hampshire, New England, and Nebraska).

Vendor Assessment Directive:(13600)

  • Introduced options for organizations to automatically trigger vendor assessments:
    • Upon completion of a web scan, looking for AI references.
    • Upon creation of the vendor record.

UI Update for Systems and Vendors (13762):

  • Systems Management and Vendor Management are now distinct menu items for improved navigation.

Vendor Manager Role (13763):

  • New role added to manage all vendor-related tasks and processes.

Alphabetical Listing of Systems on Request Rework Page (13777):

  • Systems are now displayed in alphabetical order for easier identification and navigation.

Multiple Contacts for Systems and Vendors (13751):

  • Groups can now be created and assigned to systems or vendors, enabling collaborative task management:
    • All group members receive notifications for new tasks.
    • Any group member can update assigned tasks.
    • Group membership can be easily managed from the group creation page.

Reason Selection for Request Extensions (12041):

  • Organizations can now configure reasons for extension requests:
    • Extension reasons can be managed under Configure > Request Extension Reasons.
    • A toggle to enable this feature is located under Configure > Regulations and Features > Request Processing.

Auto Translation Toggle (13587):

  • New toggle added to activate or deactivate email auto-translation through AI
  • Available under Configure > Regulations and Features > Requester Portal.

AI Use Case Assignment on the Web Scan Page:

  • Added functionality to assign AI use cases to web scan results directly.

Cookie Auto-Scan Alert (13785):

  • Alerts are now generated when new cookies are detected, including details such as the cookie name and domain.

  • No specific updates in this release.

  • No infrastructure updates included in this release.

  • Resolved issue preventing AI managers from navigating the AI Governance Module (13818).

  • Fixed cases where essential cookies were being unintentionally deleted (13858).
  • Resolved issue where SSO users could not access the left navigation bar (13879).

Infrastructure Upgrade:

  • Planned upgrades to core components including Spring Cloud, Spring Boot, JDK, Swagger/JUNIT, and other elements to enhance performance and security.

Assessment Improvements:

  • Enhanced data mapping capabilities.
  • Improved verification questions tailored to request type, origin, and attributes.
  • Introduction of customizable assessment questions within the Data Privacy Assessment module.

User Roles and Permissions Update:

  • More granular role-based permissions for better access control.

SharePoint Content Scanning:

  • Upcoming support for content scanning within SharePoint.

UI/UX Enhancements:

  • Ongoing updates to refine and improve the user experience.

Hierarchical Data Handling in Scramble Jobs:

  • Enhanced processing capabilities for hierarchical data types in scramble jobs.

Truyo Product Release Version 7.7.0

Upcoming Regulations:

  • Saudi Arabia and India

Enhanced Notes Feature in System, Data Source, and Vendor Detail Pages (13266):

  • Added capability to add notes to vendor and system (data source) detail pages to accommodate organizational needs.

Full Regulation Names in Organization Portal (13341):

  • State and country names replace abbreviations in regulation selection menus for easier identification, while abbreviations remain visible on the Regulation and Features page.

AI Use Case Management – Duplicate Handling (13369):

  • Option to close a Use Case as “Duplicate,” with an option to reference the duplicate’s unique use case ID.

Web Scan Update (13380):

  • Enhanced web scan display includes page location of detected AI, improving data clarity in the organization portal UI.

Assessment Webform Configuration (13406):

  • Added capability for assessments to be sent to business partners who don’t have organization portal accounts but need to complete assessments.

Preference Center (13567):

  • Organizations can now configure and manage user preferences, including communication type, frequency.
  • Coming soon: Support for multiple methods for consumers to manage preferences.

Custom Question Visibility in Requester Details (13629):

  • Consumer portal custom questions are now displayed within requester details, assisting in matching keys for request processing.

Cookie Category Master Data Handling:

  • Expanded cookie library for major vendors to support broader categorization (13620).
  • Improved data manipulation for cookie categories across multiple API functions, including Add/Edit/Import/Scan cookies (13621).
  • Enhanced auto-population and updates for cookie master data and user cookie categories (13622).

Privacy Center:

  • Multi-language support added (13367).
  • Separate handling for multiple topics with identical purposes in cookie preferences, enabling distinct configurations per topic (13625).

MongoDB Nested Field Scrambling (13807):

  • Scrambling now supports drill-down into nested fields for MongoDB.

  • Session invalidation upon password change (11894)
  • Endpoint restriction for email templates access (13640)
  • Vertical privilege escalation prevention for Data Review (13641)
  • Rate limit enforcement for reset email prevention (13642)
  • JavaScript library update for improved security (13643)
  • HTML injection prevention (13697)
  • Cross-site scripting prevention (13711)

  • No infrastructure updates are included in this release.

  • Resolved issues with logo/favicon upload (13589)
  • Fixed data approval rejection workflow when rejection reason is omitted (13734)
  • Addressed request type save issues (11957)
  • Corrected language selector visibility in cookie consent banners (13447)
  • Fixed multiple Privacy Center validation issues and GPC handling (13626, 13627)
  • Addressed multiple org portal issues, including counts, date validation, and metrics accuracy (13628)
  • Cookie plugin – isolated custom button properties from other site buttons (13768)
  • AI managers cannot navigate the AI module (13818)

  • Conditional outputs on the systems page now saved with wildcard functionality (13740)
  • Right to Obtain request has been separated into its own workflow (13736)
  • Resolved save issues on the request processing page (13757)

Infrastructure Upgrade:

  • Planned upgrades for Spring Cloud, Spring Boot, JDK, Swagger/JUNIT, and related components to enhance performance and security.

Assessment Improvements:

  • Data Mapping enhancements.
  • Improved verification questions by request type, origin, and attributes.
  • Customizable assessment questions for the Data Privacy Assessment module.

User Roles and Permissions Update:

  • Refined permissions with more specific role-based access.

SharePoint Content Scanning:

  • Upcoming content scanning support for SharePoint.

UI/UX Enhancements:

  • Continued improvements for a more intuitive user interface and experience.

Hierarchical Data Handling in Scramble Jobs:

  • Improved handling of hierarchical data types in scramble jobs.

Upcoming Regulations:

  • New Hampshire, New England, and Nebraska

Vendor Assessment Directive:

  • Options for organizations to automatically trigger vendor assessments upon web scan completion or initiation, regardless of AI detection.

Truyo Product Release Version 7.6.0

Upcoming Regulations for 2025 calendar year:

  • Delaware, Iowa, Indiana, Maryland, Tennessee

Right to Confirm Request Type Added to All Regulations (13276)

  • Whether a controller processes their personal data.
  • Added for Colorado and Texas by default.
  • Optional for all other regulations.

Oregon List of Third Parties Request Type Processing (13375)

  • Option to process requests manually, with a task created for each assigned system.
  • The auto-processing option remains available.
  • Manual processing is set as the default for all organizations.

Custom Content Section Updated to Include All Logged-in Confirmation Modals (13381)

Left Navigation New Design Implementation (13298)

  • Enhanced new design for better navigation
  • Enhancements to continue over the next few releases

Azure DevOps Source Code Scanning (13405)

  • Azure DevOps repository support

AI Use Case Assignments (13417)

  • No longer showing an option to assign a use case if a webscan returns no AI tools in use.

Allow Closing of a Risk Item on the AI Use Case Page (13436)

  • Closing of risk items from the AI use case page implemented

Privacy Center Enhancements:

  • Prompt GPC Signal Confirmation on the Cookie Settings Modal (13411)
  • Cookie Consent Opt-in/Opt-out Module (13449)
  • Blacklist Option Available (13211)

Mobile App Consent Plugin support and New “App Plugin” tab in the UI (13498,12736)

Custom SmarterHQ SFTP Connector (13308)

  • SmarterHQ SFTP connector support

Quiklink Scan Data Sample (13595)

  • Data sample limited to 32 max characters.

  • No security updates are included in this release.

  • No infrastructure updates are included in this release.

Privacy Center Fixes:

  • Wildcard cookies not being captured correctly (13445)
  • GPC opt-out count not updating if “Show GPC Processed Message” is disabled in plugin settings (13443)
  • ${BRAND_NAME} tag not pulling in the parent org branding on sign up verification emails when branding option 2 is selected in the organization portal (13540)
  • Pagination showing on AI consent page if nothing was listed (13421)
  • Getting 403 Forbidden error when trying to save Custom CSS/code (13451)
  • After edit save on edit risk you get logged out (13420)
  • QL Scramble GW : Encountering error w/ JWT token on scramble run (13607)


  • None with this release

Infrastructure Upgrade:

  • Planned upgrades for Spring Cloud, Spring Boot, JDK, Swagger/JUNIT, and related components to enhance performance and security.

Assessment Improvements:

  • Data Mapping Enhancements
  • Enhanced verification questions based on request type, origin, and attributes.
  • Data Privacy Assessment Editor
    • Allows organizations to customize assessment questions within the Data Privacy Assessment module.

User Roles and Permissions Update:

  • Refined user roles and permissions for more specific access based on role and function.

SharePoint Content Scanning:

  • Upcoming content scanning feature for SharePoint.

UI/UX Enhancements:

  • Ongoing updates to improve user interface and experience.

Hierarchical Data Types Handling in Scramble Jobs:

  • Enhanced the scramble job process for improved handling of hierarchical data types.

New Regulations:

  • Saudi Arabia, India

Truyo Product Release Version 7.5.0

Egnyte Delete Workflow (11192)

  • Added functionality for Truyo to pull data from the Egnyte system during a delete request to determine what needs to be deleted.

AI Web Scanning update (13426)

  • Websites are automatically scanned upon creation

Discussion comments section added to the Task details page (13490)

  • Comments available on the task details page for discussions between system owners.
  • Available for the Admin, Compliance Manager, Compliance Officer and Approvers.

AI Scorcard (13239)

  • Framework used to evaluate and measure the performance, effectiveness, and reliability of an artificial intelligence usage within the organization.

Github Token Masked (13422)

  • The token for Github is now a masked field.

Salesforce and HubSpot Content Scanning (12876, 12877)

  • Enabled AI-generated content scanning in Salesforce and HubSpot.
  • Supported file types: PDF, TXT, RTF, and DOCX.

Assessment Manager Export Capability (11373)

  • Enhanced data management with new export functionality in the Assessment Manager.

Vendor Task Reassignment Automation (12292)

  • Automatically reassign related tasks to a new vendor owner when the vendor contact changes.
  • Dropdown lists now display vendors with matching setups; ensure the new vendor’s email is updated for notifications.

Ethics and Principles Assessments Limitation (12987)

  • Limited to one Ethics and Principles assessment per instance.
  • Removed unnecessary pagination, “Add New” button, and search box.

AI Policy Template Integration (13178)

  • Automated population of AI usage policy email template with information from completed AI notice assessments.

AI Training Metrics (13489)

  • Provided the ability for training data to be either be a direct integration or a manual file upload from an LMS export

Customizable Content Scanning Threshold (13220)

  • Users can now set the content confidence threshold above or below the default 77%.

Assessment Name Size Increase (13296)

  • Expanded the “name” element to handle up to 100 characters for more descriptive naming.

Alerts Dropdown Cleanup (13337)

  • Removed two unused alert items for better clarity.

HTML Source code editing in Email templates (13217)

  • Restored the ability to view and edit email templates in source code/HTML.

AI User Permissions Update (13376)

  • AI users can now initiate use cases.

Source Code Scanning Terminology Update (13418)

  • Updated “Data Source” to “Repository” in the source code scanning interface.

Metrics Graph Wording Update (13472)

  • Clarified messaging on metrics graphs to reduce confusion.

Custom Configuration for FTP Connectors (13307)

  • Enabled backend configuration for specific client use cases.

Scramble Job Batch Size Fields Restriction (12195)

  • Restricted batch size fields to numeric inputs only.

Scramble Jobs Default Values and Constraints (12404)

  • Introduced standard default values and constraints for scramble job fields:
    • Scramble Batch Size: 7000 | Constraint: 1000 – 20000
    • Copy Batch Size: 7000 | Constraint: 1000 – 20000
    • Delete Batch Size: 7000 | Constraint: 1000 – 20000
    • Number of Threads: 2 | Constraint: 1 – 50

Editable Scramble Jobs (12407)

  • Introduced a DRAFT state for unscheduled jobs, allowing for edits before finalizing.

Respect Ignore/Continue Decisions in Scramble PreCheck (12406)

  • PreCheck will now respect user decisions to ignore/continue discrepancies, avoiding repeated warnings.

Mobile App Consent Metrics Tab and Reports (13297)

  • Introduced opt-in/opt-out metrics for mobile app consent.

Bazaarvoice Quiklink Connector (13306)

  • Added support for Access Requests (Data Fetch) and Delete Requests in Bazaarvoice Quiklink.
  • Implemented asynchronous calls for data fetch, with results downloadable as a zip file.

  • No security updates are included in this release.

  • No infrastructure updates are included in this release.

i19next Configuration Debug Mode Issue (13363)

  • Resolved an issue where the i19next configuration was incorrectly set to debug mode.

Cookie Popup Customization Issue (13368)

  • Fixed issues related to cookie popup customization.

Privacy Center Popup WCAG and ADA Compliance (13387)

  • Improved WCAG and ADA compliance for the Privacy Center popup.

Opt-in/Opt-outs Metrics Dropdown Issue (13409)

  • Fixed a display issue where the domain dropdown for opt-in/opt-out metrics was taking up the whole page.

Dropdown Item Limitation (13484)

  • Limited dropdowns to display only the first 5 items, with a scroll option for additional entries.

Ethics and Principles Assessment Special Character Issue (13338)

  • Corrected an error message that appeared when using special characters in Ethics and Principles assessments.

Ethics and Principles Export Corruption Message (13339)

  • Fixed a corruption warning message when exporting Ethics and Principles data.

Reviewer comments on assessments do not appear anywhere in the UI (13373)

ADA Compliance for Cookie Module Footer (13052)

  • Fixed an issue with the Cookie Module footer not focusing correctly for ADA compliance.

AI Governance Module Access for SSO Users (13402)

  • Resolved an issue preventing AI managers and users from accessing the AI governance module pages when using SSO.

Infrastructure Upgrade

  • Planned upgrades for Spring Cloud, Spring Boot, JDK, Swagger/JUNIT, and related components to enhance performance and security.

Assessment Improvements

  • Data Mapping Enhancements.
  • Enhanced verification questions based on request type, origin, and attributes.

Data Privacy Assessment Editor

  • New feature allowing organizations to customize assessment questions within the Data Privacy Assessment module.

User Roles and Permissions Update

  • Refined user roles and permissions handling for more specific access based on role and function.

SharePoint Content Scanning

  • Upcoming content scanning feature for SharePoint.

Azure DevOps Source Code Scanning

  • Planned support for source code scanning in Azure DevOps.

UI/UX Enhancements

    • Ongoing updates to improve the user interface and experience.

    Hierarchical Data Types Handling in Scramble Jobs

    • Enhanced the scramble job process to better handle hierarchical data types.

    Truyo Product Release Version 7.4.0

    Allow organization users to reassign vendor tasks to another vendor user (12293)

    • Enabled the ability for an organization to reassign vendor tasks to another individual.

    Multi-level support for AI web scanning (12510)

    • Supports two levels of scanning.
    • Same domain and sub-domain.

    Improved look for DSR Access response (12526)

    • Enhanced the appearance of DSR Access request response in the email template.

    Language support for Verification questions (12849)

    • Enabled multi-language support for Verification questions.

    Language support for Rejection reasons (13027)

    • Enabled multi-language support for Rejection reasons.

    Content scanning for OneDrive Phase I (13028)

    • Supports OneDrive scanning currently, Soon to be expanded.

    GDPR granularity (13151)

    • Language selection follows the requester through the request lifecycle.
    • Translation ability added to Custom Content to handle state/county selection.

    Oregon list of third parties request type (13053)

    • Enabled the list of third parties request type for Oregon regulation.
    • This request type has an auto-close functionality to automatically find and send the list of third parties to the requester.

    Inside data categories the display name can be up to 255 characters (13295)

    Cassandra data scramble capability (10914)

    • Enabled the ability to scramble a Cassandra database.

    Prompt GPC signal confirmation on the cookie settings modal (12658)

    • Option to make GPC signal confirmation more visible instead of a toast message in the browser bar.
    • If a GPC signal is detected, it will be shown in red.
    • If a customer opts in after the GPC trigger, the text is removed.

    Explanation for attributes reported on cookie consent report (12659)

    • Additional details added to the cookie consent report.

    Mobile App Consent: Modified the topic tab in the UI (12735)

    Mobile App Consent: Report for Opt-in/Opt-out count (12931)

    Off-boarding a domain in the consent module, keeping the count for Opt-in/Opt-out (13088)

    • Prior to this update, the counts for opt-in/opt-out for a domain were being removed from the reports when the domain was removed.

    Show deleted domains in the reports metrics for opt-in/out (13226)

    • Allowing the data of domains that have been removed to still be available in reports.

    Enabled the ability to delete a completed and new job that has not yet run in scramble (13241)

    • Scramble jobs that are not needed or set up incorrectly have the option to be deleted.
      • Available on both job list page and new page.

    • No security updates are included in this release.

    • No infrastructure updates are included in this release.

    • GCP users are not able to make changes in the Quiklink section (13044)
    • Downgrade Access request email body updates (13089)
    • Empty state not displaying in sign-up workflow if the consumer does not belong to any regulation (13085)
    • Subject line inaccurate for the restriction request completed|Privacy account template (13121)
    • Missing Virginia Appeal statement in Right to Opt out of automated decision-making request with rejections|No Account (13127)
    • Extra space on conditional output listing page giving a larger click area (13183)
    • Redirecting to the dashboard section when the user clicks on a build AI notice button (13196)
    • Cookie consent language selector does not appear in the cookie banner or popup (13214)
    • Subject line not translating while using the auto-translate function (13126)
    • IF Statement code appearing in email to consumers (13128)
    • Regulation links are not working in some instances (We removed the links) (13219)
    • Unable to edit existing rejection reasons after the last update (13230)
    • Bulleted lists in email templates are converting to numbered lists (13263)
    • Font for bulleted/numbered lists in email templates are different (13264)
    • Remove extra grey padding for the consent popup (13236)
    • GPC Opt-out count not updating if the “Show GPC Processed” message has been disabled

    • ADA: Footer on the cookie module not focusing correctly (13052)
    • Wildcard cookies not working correctly by not allowing more characters (13257)

    1. Infrastructure Upgrade: Upcoming upgrades for components such as Spring Cloud, Spring Boot, JDK, Swagger/JUNIT, and related elements are set to improve performance and security.
    2. Assessment Improvements:
      • Data Mapping Enhancements.
    3. Verification Questions Enhancement: The verification question system will be fortified, offering different questions based on request type, origin, and attributes.
    4. Data Privacy Assessment Editor: Organizations will gain the ability to customize assessment questions within the Data Privacy Assessment module, enabling tailored evaluations.
    5. Update of the users roles and permissions handling to be more specific per user role and functions accessibility 
    6. Content scanning capability for SalesForce and Hubspot

    Truyo Product Release version 7.3.0

    AI Source Code Scanning

    • Perform advanced code-scanning techniques to meticulously inspect source code repositories, identifying instances of AI fingerprints.
      • Currently supporting Bitbucket and Github with more to come

    Link AI Scanning to AI Use Cases (12855)

    • Each scanning page/table (website, source code, content) can link to an existing use case.

    Implementation of an Email Editor (12798)

    • New template editor enables users to edit and modify email templates without needing to know HTML.

    Capture and Display Requesters’ Language Preference (12845)

    • Used to trigger emails in the correct language.
    • Default communication will be in English if the organization does not support the language or offer translations.

    Auto Translation for Email Templates (12843)

    • Ability to translate email templates to different languages with the click of a button.
    • Recommended to have someone proof the translated content to ensure proper context flow.

    Completed Past Due Status Added to Reports (12042)

    • Reports now show requests broken down by Completed and Completed Past Due for more granular reporting.

    Grouping for Quiklink Selections (12663)

    • Better grouping to display only 5 available Quiklinks in the dropdown with the ability to scroll for more options.

    More Granular Options for GDPR Regulation (12741)

    • Ability to select countries to be supported in the consumer portal if GDPR is selected.
      • Regulations and Features > Regulations Country settings
    • If not individually selected, all countries will show in a dropdown in the consumer request flows.
      • This update is off by default
    • Selection will show in the request details, and task details pages.

    Domain and Cookie Pages Update (12958)

    • Cookies page will have Add, Import, and Export buttons for the domain URL.
    • Add a domain URL drop-down in the Cookie tab with the first domain URL selected.
    • Create a New Domain Page with Add, Edit, Details, Delete, and Scan icons.
    • Configure URLs for Quick Scan and Deep Scan with settings for login details.

    i18n/Multi-language Support for Cookie Consent (12911)

    • Multi-select list box for supported languages in the cookie settings accordion.
    • Editable text for all banner content in different languages.

    Geo-location Blacklist and Whitelist for Cookie Consent (12957)

    • Geolocation-based blacklist and whitelist for banner visibility, using ISO codes.
    • Logic to show or hide banners based on location codes.

    Cookie Consent Opt-in/Opt-out Mode (12956)

    • Configurable opt-in/opt-out mode for cookie banners.
    • Opt-out mode prevents cookies and JS execution until consent is given.

    Support Deep Scanning in the Cookie Scanner (12959)

    • Supporting both Quick Scan and Deep Scan, including behind login page scans.
    • Modified consent API and logic for new scanner changes.

    Default JDBC Type Connectors Update (12976)

    • Update to OR condition for multiple keys in a table.

    WCAG Update for Cookie Modal (13052)

    • Dialog boxes updated to support ADA behavior.

    Scramble Job Improvements (12178, 12182, 11928)

    • Copy button added to Scramble job summary.
    • Copy job button included in the status box.
    • Enable job settings to be recreated through a copy mechanism.

    • No security updates are included in this release.

    • No infrastructure updates are included in this release.

    • WAF Not Allowing Emails with “Having” or “Havings” (12915)
    • Salesforce Quiklink Does Not Support ALL Regulation in the UI (12954)
    • Florida Right to Opt-out of Sensitive Data Request Email Not Mapped to Proper Template (12953)
    • Restore Email Template Click Area Too Long (13101)
    • Other/None Regulation content is incorrectly displaying the Utah text (13065)

    • None at this time

    1. Infrastructure Upgrade: Upcoming upgrades for components such as Spring Cloud, Spring Boot, JDK, Swagger/JUNIT, and related elements are set to improve performance and security.
    2. Assessment Improvements:
      • Data Mapping Enhancements.
    3. Verification Questions Enhancement: The verification question system will be fortified, offering different questions based on request type, origin, and attributes.
    4. Data Privacy Assessment Editor: Organizations will gain the ability to customize assessment questions within the Data Privacy Assessment module, enabling tailored evaluations.
    5. Update of the users roles and permissions handling to be more specific per user role and functions accessibility 

    Truyo Product Release Version 7.2.0

    • Multi-language support for email templates (11269)
      • Implemented a design to separate templates by language. Translations remain a manual process until a subsequent release to automate translation as an option.
    • Bulk “Approve” or “Reject” actions during the Verification process (11722)
    • External Truyo Quiklink API automatically generated and no longer configurable (11886)
    • AI Vendor Assessments update
      • Support for multiple AI vendor types to build assessments.
    • AI Risk Modal
      • Updated the risk register edit/add new to its own page.  Offers more flexibility and control.
    • Policy engine to evaluate risk against organizational goals and objectives (12917)
    • Opt-Out of automation page in AI Governance (12677)
      • Provides a single place to track all opt-outs of automated technologies.
      • Supports export capability to feed into AI models
    • Language support for Verification Questions (12717)
      • Each verification question can have its own translation for an improved user experience.
      • This is a backend update only. The UI is coming in the 7.3.0 release
    • Export assessment entry option to Excel (12854)
      • Exports existing assessment to excel (question, answer)
      • Future version to support importing of an assessment that was previously exported
    • Consumer portal and Custom Request forms responsive handling (12649)
    • Language selector on the consumer pages moved to the top of the page (12740)
      • Now resides in the top right corner next to the signup link.
    • AWS implementation of refresh CDN cache (12719)
    • Support for GPC counts in consent metrics  (12732/12733)
    • Add ‘sameSite=none’ attribute for truyoConsent cookie (12937)
    • Consent for mobile app support updates
      • App tab added to the consent UI (12734)
      • Allows defining a mobile app consent topics
    • Salesforce Commerce to Cloud B2C connector (12748)
    • Expanded custom Snowflake integration for Do Not Sell requests (12753)
    • Cookie plugin showing negative duration when imported with a CSV file (12413)
      • If the CSV has an expiration date less than the current date, the file upload will fail.
    • Netsuite Quiklink now available (12422)

    • No security updates are included in this release.

    • No infrastructure updates are included in this release.

    • Quiklink Gateway column names are incorrect in the Gateway list (12664)
    • Quiklink Mparticle connector failing on Data Fetch requests (12975)
    • WAF error for specific email addresses with the keyword “having” or “havings” anywhere in the email address.

    • Allow cookie addition using a wildcard (12718)
    • Quiklink errors when the requester has special characters in the email address.
    • CMMC Artifacts updates in the Assessment Module.

    1. Custom request forms to be mobile friendly
    2. Enhanced the responsiveness of the requester workflow, ensuring a mobile-friendly experience for consumer request flows, including employment processes
    3. Infrastructure Upgrade: Upcoming upgrades for components such as Spring Cloud, Spring Boot, JDK, Swagger/JUNIT, and related elements are set to improve performance and security.
    4. Assessment Improvements:
      • Data Mapping Enhancements.
    5. Email Template Editor: An advanced template editing and viewing feature for email templates will be introduced, enabling tailored communications.
    6. Verification Questions Enhancement: The verification question system will be fortified, offering different questions based on request type, origin, and attributes.
    7. Data Privacy Assessment Editor: Organizations will gain the ability to customize assessment questions within the Data Privacy Assessment module, enabling tailored evaluations.
    8. Update of the users roles and permissions handling to be more specific per user role and functions accessibility 

    Truyo Product Release Version 7.1.0

    • Implemented new regulations to enhance organizations’ compliance with data privacy requirements:
      • Oregon (OCPA)
      • Texas (TDPSA)
      • Florida (FDBR)
      • Washington State Health Privacy Controls (MHMDA)
      • Montana (MDCPA)
    • Updated Org to Org requests to display the originating organization for created requests, providing clarity and accountability (12387)
    • Implemented a query parameter for different language versions of the consumer portal, allowing users to seamlessly switch between supported languages (11724)
    • Added a phone number field to requester forms, giving users the option to include this mandatory field in request submissions and account workflows (12106)
    • Implemented messaging to prompt organizations to close all open requests before removing a regulation or system from service, minimizing potential disruptions (12506)
    • Eliminated square brackets from the description text in email templates, enhancing readability and consistency(12525)
    • Introduced discussion threads for entries such as tasks, assessments, and risk registers, facilitating collaboration and communication (12472)
    • Implemented AI Manager import and assignment for knowledge assessments, streamlining the management of AI-related tasks (12548)
    • Enhanced messaging when removing systems and regulations, ensuring clarity and transparency in system management (12506)
    • Made cookie consent module specific JSON files private (12678)
    • Improved access report functionality, providing greater insights and control over data access (12526)
    • Ability to stop an in progress or scheduled scramble job (11926/12179)
    • Implemented a button to use to stop an in progress scramble job
    • Implemented the ability to stop a job from the job details page for Scramble (12183)
    • JIRA service desk integration (12586)
    • Storing the opt out count for GPC to report on to make these counts reportable (12542)
    • Implemented Port and tunneling for Redis in Truyo consent external service API’s (12679)

    • No security updates are included in this release.

    • No infrastructure updates in this release.

    • Categories of information are not stored on Right to know abbreviated task after acceptance (12642)

    • Add pre-check on customer if duplicated on destination system (12633)

    1. Custom request forms to be mobile friendly
    2. Enhanced the responsiveness of the requester workflow, ensuring a mobile-friendly experience for consumer request flows, including employment processes
    3. Email templates to support multiple languages
    4. Infrastructure Upgrade: Upcoming upgrades for components such as Spring Cloud, Spring Boot, JDK, Swagger/JUNIT, and related elements are set to improve performance and security.
    5. Assessment Improvements:
      • Data Mapping Enhancements.
    6. Email Template Editor: An advanced template editing and viewing feature for email templates will be introduced, enabling tailored communications.
    7. Verification Questions Enhancement: The verification question system will be fortified, offering different questions based on request type, origin, and attributes.
    8. Data Privacy Assessment Editor: Organizations will gain the ability to customize assessment questions within the Data Privacy Assessment module, enabling tailored evaluations.
    9. Update of the users roles and permissions handling to be more specific per user role and functions accessibility 

    Truyo Product Release Version 7.0.0

    AI Governance Feature

    • Introducing the AI Governance feature that allows organizations to discover AI usage across the organization. Accomplished through employee surveys, website scanning, content scanning, and vendor assessments. All occurrences of AI can then be reviewed by the AI Governance board providing a defensible AI position.

    Automation user access to external Truyo Quiklinks (11887)

    • Automation user access expanded to include external Truyo Quiklinks.

    Hide Features that are not enabled (Scramble) (12099)

    • Features that are not enabled are now hidden, building a better user experience.

    Business Partner flow expansion (12044)

    • All supported requests are now available based on organization regulation settings.

    Mparticle to have default regulation value configurable in the UI if request regulation is not supported by the API (12466)

    • No security updates are included in this release.

    • Update to the latest version of jquery.datatables and Jquery-ui (11900)
    • Update Elastic Search to Version 8.12 (12409)
    • Upgrade nginx to helm release 4.7.5

    • Cookie topic description cannot be edited if “Is Necessary” is toggled on (12425)
    • Truyo Cookie banner JS not minified (11461)
    • Client custom connector for inbound activities count not verifying whether data has been returned (12468)
    • Residency Classification custom content updates not updating immediately as expected (12481)

    • when fully branded sub brands are enabled the parent org is not getting tasks created (12465)
    • ${BRAND_NAME} tag not filled in when email is sent for “all brands” (12556)

    1. Infrastructure Upgrade: Upcoming upgrades for components such as Spring Cloud, Spring Boot, JDK, Swagger/JUNIT, and related elements are set to improve performance and security.
    2. Assessment Improvements:
      • Data Mapping Enhancements.
    3. Email Template Editor: An advanced template editing and viewing feature for email templates will be introduced, enabling tailored communications.
    4. Verification Questions Enhancement: The verification question system will be fortified, offering different questions based on request type, origin, and attributes. Support for conditional questions, answer formatting, and required fields will be included.
    5. Data Privacy Assessment Editor: Organizations will gain the ability to customize assessment questions within the Data Privacy Assessment module, enabling tailored evaluations.
    6. Update of the users roles and permissions handling to be more specific per user role and functions accessibility 

    Truyo Product Release Version 6.13.0

    1. Logo and Favicon Support for Webpage Formats (11880):
      • Enhanced support for logos and favicons across various webpage formats.
    2. AI Governance as Standalone Navigation Section (12314):
      • AI Governance now features its dedicated left navigation section for improved accessibility and organization.
    3. Risk Register API Configurations Enhancement (12317):
      • API configurations for the Risk Register have been updated to enable better data handling in the user interface. New status updates include: Approved, Denied, Mitigate, Out of Scope, and Removed.
      • Risk Profile functionality
    4. Modifications to AI Survey and Scanning Pages (12312):
      • Import, Export buttons, and sample links have been relocated to the bottom of the table for enhanced usability.
    5. Cookie Management Updates (12252):
      • Improved functionality in the Consent > Cookie section:
        • Added support for cookies with no topic filter.
        • Redesigned grid display for cookies without topics.
        • Removed Opt outURL columns.
        • Added search button next to Data button in Consent > Subscribers section.
    6. Customization of Accept and Decline Buttons in Cookie Plugin Settings (12343):
      • Users now have the ability to relabel and resize the Accept and Decline buttons in the cookie plugin settings for enhanced customization.
    7. Enhanced Cookie Auto Categorization Logic (12368):
      • Auto-categorization logic has been improved to prioritize purpose over topic.
      • Custom topic names stored in the cookie category master table have been replaced with default topics.
    8. Enhanced Cookie Consent and GTM Integration (12370):
      • Improved integration of Google Tag Manager (GTM) template for cookie consent, enabling more streamlined management of consent states.
    9. Integrated Google Consent Mode – gtag.js (12371):
      • Integrated Google consent mode for CCPA and other regulations, ensuring compliance with storage consent policies.

    • No security updates are included in this release.

    • No infrastructure updates are included in this release.

    1. SMTP Configuration Update Issue:
      • Implemented a reset to default link for changing settings to Truyo SMTP settings, preventing interruptions in service due to old credentials.
    2. Modal Display Issue with Cookie Scan Successful Message (12381):
      • Fixed the issue where the successful cookie scan modal was positioned too low and remained on the screen.

    • Org users are not shown verification questions when submitting a request on behalf of a customer
    • Org user creating a request for an existing requester is not seeing the verification questions
    • Consumers are not able to complete verification questions when a request is submitted from a CSR and they skip the verification questions and submit.

    1. Infrastructure Upgrade: Upcoming upgrades for components such as Spring Cloud, Spring Boot, JDK, Swagger/JUNIT, and related elements are set to improve performance and security.
    2. Assessment Improvements:
      • SSP Generation for CMMC (Cybersecurity Maturity Model Certification).
      • DOD Scoring for CMMC Assessments.
      • Data Mapping Enhancements.
    3. Email Template Editor: An advanced template editing and viewing feature for email templates will be introduced, enabling tailored communications.
    4. Verification Questions Enhancement: The verification question system will be fortified, offering different questions based on request type, origin, and attributes. Support for conditional questions, answer formatting, and required fields will be included.
    5. Data Privacy Assessment Editor: Organizations will gain the ability to customize assessment questions within the Data Privacy Assessment module, enabling tailored evaluations.
    6. Enabling AI governance feature to scan source code repositories, structured content, unstructured content and emails for presence of AI
    7. Update of the users roles and permissions handling to be more specific per user role and functions accessibility 

    Truyo Product Release Version 6.12.0

    1. Assessment Renewal Support (11813):
      • Enhanced support for renewing assessments.
    2. Global Delete Modal Customization (12098):
      • Users can now customize the title of the Global Delete Modal.
    3. Corporate AI Usage (12127):
      • Introduction of a new request type that sends the organization’s AI usage policy to the requester.
    4. Risk Register Phase II (12134):
      • Phase II implementation of the Risk Register, allowing the addition of assessment questions with a dialog box for additional information. Updated landing page.
    5. AI Governance Module :
      • Survey, scan and analyze AI usage within the organization.
    6. Consent Module Update (12253):
      • Renamed “Documents” tab to “Policies” in the consent module.
    7. Consent Privacy Plugin Center Improvement (12256):
      • Improved topic selection in the Consent Privacy Plugin Center, including the removal of topic selection in Step 3 and the change of “custom js” to “Tag Manager” in Step 9 of the cookie plugin.
    8. Scramble Job Summary for Failed Pre-Check (12181):
      • Introduction of a scramble job summary for the failed pre-check report and process.
    9. Owner Concept for Quiklinks (12267):
      • Implementation of an owner concept for Quiklinks to enable responses to issues.
    10. Scramble Jobs Configuration for Owner Email (12268):
      • Configuration option for owner email in Scramble jobs.
    11. Scramble Job Notification for Configuration Issues (12269):
      • Notification for configuration issues during the verification pre-check in Scramble jobs.
    12. Pre-Check Verification in Scramble Job Creation (12284):
      • Verification pre-check during the creation of a Scramble job in Step one.
    13. Preview Data When Applying Rules (10893):
      • Users can now preview data before applying rules, enhancing accuracy and control in the data management process.
    14. Enhanced UI for Scramble Job Completion Percentage (11260):
      • The user interface has been updated to display the completion percentage of a scramble job, providing users with real-time insights into job progress.

    • Rate Limits for Password Reset (11892):
      • Rate limits added to password reset functionality.

    • No security patches are included in this release.

    • Cassandra Support Upgrade (12263):
      • Support for the latest version of Cassandra in APIs and Quiklinks.

    • Disabled regulations with underlying enabled request types still appearing in all configuration pages (12038)
    • Access Requests completed with no data getting two completion emails (12095)
    • Consumer only requests show “All Brands” in the brands field (12117)
    • Azure monitor alert MySQL production query alert (12130)
    • “Add your first vendor” not showing up in the correct location (12157)
    • Verification questions are displaying on the request details page after the request creation when they are in disabled mode for the organization (12160)
    • Client favicon is replaced with the Truyo default when logged into the portal (12167)
    • Cookie name selection showing it is selectable when it is not on the topic page (12204)
    • View Assessment link showing internal server error (12207)
    • Compliance report misspellings (12299)
    • Requesters able to submit requests with an invalid email addresses format (12300)
    • New Zealand misspelled in the default regulation summary (12303)
    • Secure Vendors cannot see verification questions/answers for requests with portal accounts (12304)
    • Org users are not shown verification questions when submitting a request on behalf of a customer (12345)

    • Getting an error in Truyo when trying to make an extension (12228)
    • Prod download request report not sent out (12251)
    • Support not receiving email alerts/tickets for SMTP errors (12260)
    • Errors when sending test emails while the emails have actually been sent (12262)
    • Hide/Accept only necessary button showing multiple times on step 4 in the consent workflow (12265)
    • Unable to delete erroneous conditional output rule and create a new one (12266)

    1. Infrastructure Upgrade: Upcoming upgrades for components such as Spring Cloud, Spring Boot, JDK, Swagger/JUNIT, and related elements are set to improve performance and security.
    2. Assessment Improvements:
      • SSP Generation for CMMC (Cybersecurity Maturity Model Certification).
      • DOD Scoring for CMMC Assessments.
      • Data Mapping Enhancements.
    3. Email Template Editor: An advanced template editing and viewing feature for email templates will be introduced, enabling tailored communications.
    4. Verification Questions Enhancement: The verification question system will be fortified, offering different questions based on request type, origin, and attributes. Support for conditional questions, answer formatting, and required fields will be included.
    5. Data Privacy Assessment Editor: Organizations will gain the ability to customize assessment questions within the Data Privacy Assessment module, enabling tailored evaluations.
    6. Enabling AI governance feature to scan source code repositories, structured content, unstructured content and emails for presence of AI

    Truyo Product Release version 6.11.0

    1. Risk Register (11737):
      • Implementation of a Risk Register feature to systematically manage and assess organizational risks.
    2. AI Governance Feature (12092,11643,12103):
      • Introduction of an AI governance superlative setting, offering advanced control and customization options.
      • Introduction of a dedicated AI scanning landing page with enhanced capabilities.
      • Ability to survey employees on usage of AI
      • Supports multiple AI frameworks including NIST, EU, and Biden Executive Order
    3. Email SMTP Settings Tab (12102):
      • Reorganization of Email SMTP settings, now accessible through their dedicated tab in the configuration section.

    • CORS Trusting Arbitrary Origin and ACAC (11899):
      • Addressed the issue of Cross-Origin Resource Sharing (CORS) trusting arbitrary origin and Access-Control-Allow-Credentials (ACAC) vulnerabilities.
    • CORS Misconfiguration (11891):
      • Resolved the CORS misconfiguration, ensuring a more secure system.

    • No security patches are included in this release.

    • No infrastructure updates are included in this release.

    1. XMLHttpRequest Issue with Cookie Plugin (12172):
      • Resolved the XMLHttpRequest issue preventing the loading of the cookie plugin due to access control checks.
    2. Default Population of Cookie Banner Local Storage Key (12203):
      • Fixed the issue where the cookie banner was populating the truyoConsentOptOut local storage key by default.
    3. Cookie Banner Topic Rename (12168):
      • Addressed the topic rename issue in the cookie banner for improved clarity and consistency.

    • Delete Subscription Topic Failure (90):
      • Fixed the error causing the failure of deleting a subscription topic.
    • Cookie plugin not backwards compatible for launching popup dialog (12222)

    1. Infrastructure Upgrade: Upcoming upgrades for components such as Spring Cloud, Spring Boot, JDK, Swagger/JUNIT, and related elements are set to improve performance and security.
    2. Assessment Improvements:
      • SSP Generation for CMMC (Cybersecurity Maturity Model Certification).
      • DOD Scoring for CMMC Assessments.
      • Data Mapping Enhancements.
    3. Email Template Editor: An advanced template editing and viewing feature for email templates will be introduced, enabling tailored communications.
    4. Verification Questions Enhancement: The verification question system will be fortified, offering different questions based on request type, origin, and attributes. Support for conditional questions, answer formatting, and required fields will be included.
    5. Data Privacy Assessment Editor: Organizations will gain the ability to customize assessment questions within the Data Privacy Assessment module, enabling tailored evaluations.
    6. Enabling AI governance feature to scan source code repositories, structured content, unstructured content and emails for presence of AI

    Truyo Product Release Version 6.10.0

    1. Extension Options for Do Not Sell Requests in CCPA (12037):
      • Introducing optional extension days selection for DNS requests across all regulations supporting DNS. Users can choose 15 or 45 days, without impacting default extensions unless explicitly checked.
    2. Compliance Reports (8925):
      • A comprehensive report by regulations showcasing request types, including amounts received, accepted, rejected, and average days to complete.
    3. Rejected Status for Assessments (11950):
      • Users can now designate the “Rejected” status for assessments, enhancing transparency in assessment outcomes.
    4. French Translations for Truyo Terms of Service and Privacy Statements (11841):
      • Truyo’s Terms of Service and Privacy Statements are now available in French for users with French browser settings.
    5. Automatic Extension Functionality (11840):
      • When selected, this feature automatically extends requests two days prior to their due date, streamlining request management.
    6. Vendor Listing Page Enhancements (11959):
      • Added assessment status column for vendor assessments (complete, in progress, not started).
      • Introduced tiles for total completed assessments, in-progress assessments, and assessments not started.
      • Added a column for the expiration date of assessments.
      • Removed the Security Assessment column.
    7. Consent and Class Naming Enhancement (11834):
      • Consent and class names will now begin with unique identifiers to avoid existing website conflicts and organization.
    8. Dashboard Tile Additions (11911):
      • Added two new tiles on the Dashboard for Verification Review and Data Approval, highlighting items in “In Review” and “Final Review” status.
    9. Utah’s Data Privacy Requests (11473):
      • Do Not Sell is now part of the default request types for Utah’s data privacy requests.
    10. Proactive Reporting of Quiklink Failures (11700):
      • Similar to SMTP failures, the system will proactively open a support ticket for Quiklink failures, ensuring prompt attention to potential issues.
    11. Request with No Account Flow Layout Update (11427):
      • If more than 8 requests are supported in a regulation, a dropdown selection option is now available for improved user experience.
    12. French Translations for Truyo Terms of Service and Privacy Policy (11841):
      • French translations of Truyo’s Terms of Service and Privacy Policy are now presented for users with French language preferences.
    13. Verification Review and Data Approval Tiles (11991):
      • If the Review or Data Approval options are utilized, additional tiles on the Dashboard page provide insights into associated data.
    14. Reject All Optional Cookies Button (12036):
      • Introduced a “Reject All” button on the detailed cookie banner for streamlined user consent management.
    15. Production Scalability for MySQL Scramble Jobs (10911):
      • Improved scalability of MySQL scramble jobs for enhanced production efficiency.
    16. Proactive Alerts for Quiklink Failures (11700):
      • Proactive support ticket alerts will be generated for Quiklink failures, ensuring timely resolution.

    • CSRF vulnerability on password change has been addressed (11897).

    • No security patches are included in this release.

    • No infrastructure updates are included in this release.

    1. Topics and Cookie Updates Sync with Plugin (11833):
      • Ensure seamless synchronization of topics and cookie updates with the plugin, maintaining consistency across the platform.
    2. Gateway Design Bugs and Inconsistencies (11477):
      • Resolved design bugs and inconsistencies in the gateway.
    3. Manual Consent Cookie Dialog Overlaps Form Validation with Plugin Configuration (11650):
      • Fixed the issue where the manual consent cookie dialog was overlapping with form validation in plugin configuration.
    4. Business Partner CSV Upload Function Not Working (12043):
      • Fixed the issue where the Business Partner CSV upload function was not functioning.
    5. “Fully Branded Sub-Brands” Option Display Issue (12071):
      • Addressed the display issue where the “Fully Branded Sub-Brands” option was erroneously showing on the parent consumer page.

    Hot Fixes (Impacting Release Version 6.9.0):

    • Issues fixed and merged to production:
      1. Create Download Request Failing Due to Too Many Requests (12070):
        • Resolved the issue causing the failure of creating download requests due to excessive requests.
      2. Scramble Table Run Reflecting Current State (12072):
        • Ensured the scramble table reflects the current state even before completing/failing a job.
      3. Some Organizations Logos Not Displaying (11695):
        • Fixed the issue where logos for some organizations were not displaying.

    1. Infrastructure Upgrade: Upcoming upgrades for components such as Spring Cloud, Spring Boot, JDK, Swagger/JUNIT, and related elements are set to improve performance and security.
    2. Assessment Improvements:
      • SSP Generation for CMMC (Cybersecurity Maturity Model Certification).
      • Framework Assessments for AI with Scanning Capabilities.
      • DOD Scoring for CMMC Assessments.
      • Data Mapping Enhancements.
      • Privacy Risk Register allowing organizations to track and mitigate risk across multiple projects or initiatives.
    3. Email Template Editor: An advanced template editing and viewing feature for email templates will be introduced, enabling tailored communications.
    4. Verification Questions Enhancement: The verification question system will be fortified, offering different questions based on request type, origin, and attributes. Support for conditional questions, answer formatting, and required fields will be included.
    5. Data Privacy Assessment Editor: Organizations will gain the ability to customize assessment questions within the Data Privacy Assessment module, enabling tailored evaluations.

    Truyo Product Release Version 6.9.0

    1. Consent Metrics (11825):
      • We’ve introduced consent metrics to provide detailed insights into consent-related data.
    2. All Regulations Option for Quiklink Rules Configuration (11762):
      • Quiklink rules are configurable for all regulations, offering more comprehensive rule management.
    3. Multi-Selection of Vendors (11815):
      • Multi-selection of vendors, supporting vendor assessment-only functionality.
    4. Import/Export of Vendors (11824):
      • Import and export vendors in bulk, simplifying the process of adding vendors with minimal information and saving them without immediate assignment to a system or request type support. Additionally, this feature allows the export of vendors to a CSV file.
    5. Internal Comments in Verification Review (11835):
      • The capability to include internal comments in the verification review reject request response, enhancing communication and record-keeping.
    6. Task Table Update (11837):
      • When tasks are closed via an API, the last modified information is now recorded in the task table.
    7. Cookie Panel Dropdown (10994):
      • A dropdown for the cookie panel type has been added, improving user interaction.
    8. GAP Assessment Regulation Removal (11850):
      • You no longer need to select a regulation when landing on the GAP assessment page. Instead, you can create a “named” assessment.
    9. Consent Requests Dropdown Style Update (11890):
      • The selection view on the consent requests dropdown section has been updated to match the product’s style for a cohesive user experience.
    10. Audit Log Enhancement (11852):
      • A consent summary has been incorporated into the Audit log, providing a comprehensive overview of consent-related activities.
    11. Global JavaScript Variable Update (11832):
      • The Cookie Consent plugin has been refined, including the renaming of the global JavaScript variable for improved integration and functionality.
    12. Persistent Page During Cookie Re-Categorization (11932):
      • To enhance user experience and continuity, active pages will now be retained during the cookie re-categorization process.
    13. Oracle Database Integration (10912):
      • The Oracle database has been added to the list of supported databases for data scrambling, enhancing data security and compliance.
    14. Scramble Database Table Transition (11768):
      • We have transitioned to new database tables for defining the scramble job and storing historical data, optimizing data management.
    15. Scramble History and Dashboard (11769):
      • The Scramble feature now includes a basic history and dashboard page, offering a comprehensive view of data scrambling activities.
    16. Scramble Job Details Page (Completed, Failed, In Progress) (11770):
      • We’ve introduced a dedicated job details page for completed, failed, and in-progress data scramble jobs, streamlining data management and analysis.
    17. Scramble Job Details Page  (11771):
      • A new job details page has been created for data scramble activities, facilitating better monitoring and control. This includes Database information section, Details to include full error details, table, fields and configuration in read only mode with pagination. No filtering added at this time.

    Our proactive security measures continue to ensure robust protection. No reported security breaches or attacks are associated with the addressed issues.

    • Stored XSS on the portal name functionality corrected (11895)
    • Stored XSS on Domain and Ban Email list corrected (11913)
    • Stored XSS on Access Control Page under Privacy portal corrected (11944)
    • HTML injection vulnerability in Verification Questions corrected (11908)
    • Stored XSS on Request forms functionality (11893)
    • Stored XSS on Privacy Portal details (11945)
    • Blacklist based file upload bypass (11901)

    • No security patches are included in this release.

    • There are no infrastructure updates in this release.

    1. Send Test Email Button (11670):
      • The “Send test email” button on the email settings page is no longer throwing an error while successfully sending emails.
    2. Domain Ban Email List (11907):
      • Unwanted translation tabs have been removed from the domain ban email list.
    3. Download Request Report (11800):
      • CSV download request reports no longer include blank rows that previously interfered with sorting capabilities.
    4. Quiklinks Visibility (11763):
      • Org portal users can now consistently see Quiklinks with Azure AD OpenID Connect, resolving sporadic visibility issues.
    5. Cookie Plugin Preview (11723):
      • The cookie plugin preview now functions as expected, ensuring a seamless user experience.
    6. Account and Verification Sidebar Styling (11963):
      • Styling on the account and verification sidebars now consistently matches the product’s style.
    7. GPC Signal not working as expected with GTM Integration (12045)

    • The following issues have been addressed from the 6.8.0 release:
    1. Cookie Auto Scan (11931):
      • Cookie auto scan functionality now works correctly.
    2. Task Emails for System Owners (11905):
      • System owners no longer receive task emails with auto-rejection rules set up due to rule priority.
    3. Naming Correction (11933):
      • Duplicate naming for “Right to Object/Opt Out” has been corrected to “Right to Opt Out” and “Right to Object” to align with descriptions.
    4. Vendor System Editing (11929):
      • Users can now edit brands, entities, and dependencies for a new vendor system.
    5. Open Vendors File Upload (11978):
      • Open vendors can now successfully upload files.

    1. Infrastructure Upgrade: Upcoming upgrades for components such as Spring Cloud, Spring Boot, JDK, Swagger/JUNIT, and related elements are set to improve performance and security.
    2. Assessment Improvements:
      • SSP Generation for CMMC (Cybersecurity Maturity Model Certification).
      • Framework Assessments for AI with Scanning Capabilities.
      • DOD Scoring for CMMC Assessments.
      • Data Mapping Enhancements.
      • Privacy Risk Register allowing organizations to track and mitigate risk across multiple projects or initiatives.
    3. Email Template Editor: An advanced template editing and viewing feature for email templates will be introduced, enabling tailored communications.
    4. Verification Questions Enhancement: The verification question system will be fortified, offering different questions based on request type, origin, and attributes. Support for conditional questions, answer formatting, and required fields will be included.
    5. Data Privacy Assessment Editor: Organizations will gain the ability to customize assessment questions within the Data Privacy Assessment module, enabling tailored evaluations.

    Truyo Product Release version 6.8.0

    1. AI Assessment and Capability (11529):
      • Introduced the AI risk assessment tool, extending the capabilities of the Truyo platform.
      • This tool enables clients to comprehensively evaluate the usage and risk associated with AI within their organization.
      • Unlike conventional assessments, this introduces a scan-and-verify assessment to our platform.
    2. Extended Visibility for Open Vendors (11655):
      • Open vendors can now access task information for up to 30 days after a request has been closed.
    3. Improved Error Message Handling (11496):
      • Enhanced error message handling to display more informative messages in persistent banners.
    4. Additional Details for Fixed Download Request Report (11671):
      • Added extra information to the fixed download request report to provide a more comprehensive overview.
    5. Expanded Request Type Options for Regulations (11697):
      • Included additional request types in the optional section of all regulations, giving you more flexibility in your compliance processes.
    6. Quiklink Failures in Persistent Error Banner (11698):
      • Quiklink failures are now included in the persistent error banner for improved visibility and issue resolution.
    7. Vendor Regulation/Save Workflow Update (11735):
      • Updated the vendor regulation/save workflow, making request processing off by default.
      • Regulation selection is no longer mandatory when saving a vendor.
      • An alert message will prompt users to select supported request types if a regulation has been chosen.
      • This update accommodates the addition of vendors for assessment-only purposes that won’t be handling requests.
    8. Privacy Center Workflow (11735):
      • Implemented an updated workflow within the Privacy Center.
      • This workflow aligns with existing organization settings and features regarding requests supported and cookie consent management.
    9. Quiklink not loading table columns in the UI to configure rules (11740)

      1. Addressed an issue where Quiklink was not loading table columns in the UI for rule configuration.
      2. To improve user experience and accommodate very large data sets that were causing timeout errors, we have revamped the design of the table columns page.
      3. This enhancement ensures a smoother page and data load process, enhancing overall performance and usability.

    • We continue to proactively implement security measures as part of our comprehensive security plan. To date, there have been no reported security breaches or attacks related to the addressed issues.

    • No security patches are included in this release.

    • There are no infrastructure updates in this release.

    1. Cookie Preference Module Theme Color Fix (11453):
      • The toggle on the cookie preference module now correctly matches the organization’s theme colors.

    • The following issues have been resolved from the 6.7.0 release:
    1. Special Characters for French Translations (11801, 11796):
      • Special characters have been enabled to support accurate translations for French in verification answers and email template subject lines.
    2. Special Characters in Vendor Names (11797):
      • Special accent characters are now accepted in vendor names.
    3. Language-Specific Character Issue (Not Specified):
      • An issue where special accent characters for certain languages were not displaying correctly in name fields has been addressed.
    4. Quiklink Display Issue with Azure AD OpenID Connect SSO (11763):
      • Quiklink now consistently displays when using Azure AD OpenID Connect SSO.
    5. French Translation Rendering Issue for Name Fields (11819):
      • French translations now render correctly in name fields.
    6. Need QPSA Conditional Output Rules to save if rejection reason has special characters (11831)

      1. Allowed accent characters to be used for rejection reasons

    1. Infrastructure Upgrade: Upcoming upgrades for components such as Spring Cloud, Spring Boot, JDK, Swagger/JUNIT, and related elements are set to improve performance and security.
    2. Assessment Improvements:
      • SSP Generation for CMMC (Cybersecurity Maturity Model Certification).
      • Framework Assessments for AI with Scanning Capabilities.
      • DOD Scoring for CMMC Assessments.
      • Data Mapping Enhancements.
      • Privacy Risk Register allowing organizations to track and mitigate risk across multiple projects or initiatives.
    3. Email Template Editor: An advanced template editing and viewing feature for email templates will be introduced, enabling tailored communications.
    4. Verification Questions Enhancement: The verification question system will be fortified, offering different questions based on request type, origin, and attributes. Support for conditional questions, answer formatting, and required fields will be included.
    5. Data Privacy Assessment Editor: Organizations will gain the ability to customize assessment questions within the Data Privacy Assessment module, enabling tailored evaluations.

    Truyo Product Release version 6.7.0

    1. Allow Skipping Verification Review for Specific Request Types (11328): Introduced the ability to enable the skipping of the verification review process for select request types. This setting can be found in the features and regulations configuration section within the request processing tab. The following request types are eligible for this skip:
      • Do Not Sell
      • Right to Limit the Use and Disclosure of Sensitive Data
      • Right to Opt out of Sharing
      • Right to Consent
      • Right to Withdraw Consent
    2. Multi-Language Support for Request Form Generator (11268): The request form generator now offers the capability to support multiple languages, enhancing user accessibility and engagement.
    3. Configurable Email Verification Duration (11335): Introduced the ability to allow for the customization of the duration of time required for email verification.
    4. Enhanced Error Messaging for Privacy Request Processing (11454): A more accurate and informative error message has been implemented to convey proper handling when Truyo encounters issues in processing privacy requests.
    5. “None of These Apply” Option for Request Forms (11524): Request forms have been enhanced to include the option “None of these apply,” providing users with a more comprehensive range of choices.
    6. Clearer Text for Opt-In/Out Slider for Consent (11609): The cookie consent mechanism has been updated to include clearer language on toggle buttons, facilitating a better understanding of whether a user has opted-in or out.
    7. Update Request Type Names per Regulation (11525): Corrected naming conventions have been applied to accurately display request type names aligned with organizational regulations within the portal.
    8. Support for “ext” Query Parameter (11608): “Do not sell” and “opt” request forms now accommodate an optional “ext” query parameter. This parameter, if sent by an organization, maps to the externalConsumerId value in the make request API call.
    9. Persistent Upload Button for In-Progress Tasks (11696): Tasks that are in an in-progress status now feature a consistent upload button, ensuring seamless document submission.
    10. GPC Do Not Sell Request Workflow Enhancement (11659): Portal administrators are now empowered to select the desired regulation for GPC-based Do Not Sell requests, offering more flexibility in request processing.

    • A continuous implementation of proactive security measures has been underway as part of our comprehensive security plan. No confirmed security breaches or attacks have been reported for the addressed issues to date.

    • A security patch has been applied to resolve potential vulnerabilities associated with the Resend Verification email link (11663).
    • External calls have been reduced to enhance security. (11573)

    • The consent traffic flow has been optimized to reduce load on the product.

    1. Carriage Returns Allowed (11564): Carriage returns are now permitted, ensuring proper formatting of content.
    2. Responsive Custom Content with reCAPTCHA (11306): Custom content is now responsive on pages with reCAPTCHA enabled.
    3. Updated Request Names/Descriptions (11525): Names and descriptions of requests within the organization portal have been aligned with actual regulation naming conventions.
    4. Centered Icons on Assessment Action Items (11590): Icons on assessment action items are now properly centered for enhanced visual consistency.

    • Production updates (6.6.0) have been applied to address various issues, including completion of Account download tasks (11617), random parameter addition to client image URLs (11600), and rendering of text areas for authorized agents (11494).

    1. Infrastructure Upgrade: Upcoming upgrades for components such as Spring Cloud, Spring Boot, JDK, Swagger/JUNIT, and related elements are set to improve performance and security.
    2. Pre-Categorization of Cookies: Enhancements to the cookie scanner will enable automatic categorization of cookies, streamlining data management.
    3. Assessment Improvements:
      • SSP Generation for CMMC (Cybersecurity Maturity Model Certification).
      • Framework Assessments for AI with Scanning Capabilities.
      • DOD Scoring for CMMC Assessments.
      • Data Mapping Enhancements.
      • Privacy Risk Register allowing organizations to track and mitigate risk across multiple projects or initiatives.
    4. Email Template Editor: An advanced template editing and viewing feature for email templates will be introduced, enabling tailored communications.
    5. Verification Questions Enhancement: The verification question system will be fortified, offering different questions based on request type, origin, and attributes. Support for conditional questions, answer formatting, and required fields will be included.
    6. Data Privacy Assessment Editor: Organizations will gain the ability to customize assessment questions within the Data Privacy Assessment module, enabling tailored evaluations.

    Truyo Product Release Truyo 6.6.0 Release

    Mobile App Regulation (11305)

    • The Mobile App regulation has been implemented to facilitate compliance with both existing and new Mobile delete requirements. Notably, it includes two additional request types: Apple Delete and Android Delete. Moreover, several other request types have been incorporated into this new regulation to offer users various options. Importantly, the Mobile App regulation is a standalone entity, separate from any other regulations.

    Conflict API (11276)

    • The Conflict API has been introduced to ensure that conditional outputs do not conflict with pre-existing conditions set for task and request handling. This measure helps maintain consistency and accuracy in data processing.

    Form Generator Text Editing Capabilities (11330)

    • The Request form generator now boasts text editing capabilities, allowing for enhanced customization of new forms. Users can now tailor form content to meet specific requirements.

    Left Navigation Highlight (11367)

    • A more effective indicator has been implemented to highlight the current section the user is navigating within the platform’s left navigation interface, enhancing user experience and ease of navigation.

    Removal of Prefilled Questions Column on the Add Assessment Page (11368)

    • The unused column for prefilled questions has been removed from the Add Assessment page, streamlining the user interface and simplifying the assessment creation process.

    Sorting by Date of Last Activity on the Framework Assessments Page (11369)

    • Users can now filter and sort assessments based on the date of their last activity, providing greater control and visibility over assessment management.

    Enhanced Design for the Tooltip (11478)

    • The design of the tooltip has been revamped to ensure a consistent and improved appearance throughout the platform, promoting a seamless user experience.

    Consultant Mode Enhancements (11307)

    • Consultant Mode now features group-based control of assessments, granting consultants enhanced management capabilities.

    Highlight Indicator for Assessments Actions Icons (11556)

    • An indicator has been introduced under the actions icons for assessments, making it easier for users to identify and understand the corresponding functions.

    Consent Stability Improvements (11412)

    • The API’s performance has been optimized to handle the increased load from consent traffic. Additionally, filtering mechanisms and logic have been integrated to facilitate future reporting enhancements for the consent dashboard.

    Consent Management: “/” for Additional Page Scanning (11452)

    • In the Manage popup, a new + icon now allows users to add subpages for a domain, with a maximum of five subpages allowed per domain. Subpages’ cookies will be associated with the domain URL after the scan. The Scan button has been updated to offer more granular control over URL scanning, displaying scan statuses – in progress, complete, or failed. The Daily auto-scan option has been removed to reduce server load, as clients primarily opt for Weekly or Monthly scanning without any adverse impact on functionality.

    Continual implementation of aggressive and proactive security measures as part of our comprehensive security plan has been ongoing. No confirmed security breaches or attacks have been reported concerning the addressed issues to date.

    Infrastructure Updates:

    • The default SMTP URL has been updated from Sendinblue to Brevo to ensure uninterrupted email service.

    Data Use Text Areas Character Limit (11557)

    • The character limit for data use text areas has been increased to 3,000 from 300, and carriage returns are now allowed, offering users more flexibility in inputting data.

    Inconsistent Table Setting Header (11585)

    • Header consistency has been restored in the Security and Vendor Assessments pages, ensuring a cohesive visual experience.

    Quiklink Displaying “Not Found” (11702)

    • The issue causing Quiklink to display “Not Found” on the listing page has been resolved.

    Duplicate Requests Message in Guest Mode (11474)

    • Guest mode requesters will now receive a duplicate requests message when attempting to process a request of the same type that is already being handled.

    Status Change Issue for “Start Request” Button (11549)

    • The “Start Request” button status in the GCP environment now changes correctly, improving the overall user interface functionality.

    Favicons and Logos Display Issue (11588):

    • We have identified and corrected the issue where favicons and logos are not displaying correctly.

    Colorado Data Privacy Act Regulation Request Extension Missing (11601):

    • We have noted that the Colorado Data Privacy Act regulation lacks the ability to extend requests, which is an essential feature to accommodate varying user needs. We deeply value compliance with relevant regulations, and addressing this oversight is of utmost importance to us.

    Updates to production have been made for items in release 6.4.0, including the handling of duplicate task creation in specific scenarios and enabling Quiklinks for administrators based on appropriate permissions settings in the database.

    Infrastructure Update:

    • Components such as Spring Cloud, Spring Boot, JDK, Swagger/JUNIT, and related elements are set to be upgraded to their latest versions, ensuring improved performance and security.

    Compliance Reports – Embedded:

    • Organizations will gain the ability to embed compliance reports onto public-facing web pages, facilitating transparency and accessibility for stakeholders.

    Pre-categorization of Cookies:

    • Enhancements to the cookie scanner will enable it to provide “best guess” categorization of cookies, streamlining data management processes.

    Assessment Improvements:

    • SSP Generation for CMMC (Cybersecurity Maturity Model Certification).
    • Enhanced ISO Framework Assessments.
    • Framework Assessments with Scanning Capabilities for Potential Cross-population Analysis.
    • DOD Scoring for CMMC Assessments.
    • User Groups Functionality for Assessments.
    • Data Mapping Enhancements.
    • Records of Data Processing Activity.

    Email Template Editor:

    • A more robust template editing and viewing feature for email templates will be introduced, enabling organizations to tailor communications effectively.

    Verification Questions:

    • The verification question system will be strengthened, allowing for different questions based on request type, origin, and attributes. Support for conditional questions, answer formatting, and required fields will be included.

    Data Privacy Assessment Editor:

    • Organizations will be empowered to customize assessment questions within the Data Privacy Assessment module, facilitating tailored evaluations.

    Truyo Product Release Truyo 6.5.0 Release

    GDPR RoPA (Record of Processing Activities) support (11206)

      • Implementation of support for GDPR RoPA, enabling organizations to maintain a comprehensive record of their data processing activities.
      • Generation of a PDF report containing the necessary outputs to meet GDPR requirements.

    Country of origin field for data sources (11302)

      • Introduction of a country of origin field in data sources, facilitating awareness and control over the geographical location of an organization’s data.
      • Inclusion of a table view on the Quiklink landing page, featuring a dedicated tab for easy access to the country of origin information.

    Priority alerts (11259)

      • Display of high priority alerts in a prominent banner visible on all pages of the platform.
      • Accessibility of priority alerts to all user roles, while actions to address the alerts remain role-specific.

    Employment portal SSO settings (11222)

      • Provision of configuration options for Single Sign-On (SSO) settings specific to the employment portal.
      • Enablement of Employment SSO customization within the SSO settings section.

    Manual re-triggering of Quiklink tasks from the UI (11241)

      • Addition of a button for each Quiklink, allowing users to manually re-trigger tasks that may have encountered errors.
      • Visibility of the re-trigger button exclusively when the Quiklink is in the Active state.

    • Ongoing security updates:
      • Continual implementation of aggressive and proactive security measures as part of our comprehensive security plan.
      • No confirmed security breaches or attacks reported thus far in relation to the addressed issues.

    • Migration to MySql 8 (11352)
      • Transition to MySql 8, improving the platform’s underlying database infrastructure.

    • Resolution of employment URL redirection issues (11240)
      • Rectification of URL inconsistencies causing incorrect page redirections.

    • Updates implemented for release 6.4.0, addressing specific issues.
    • Updates to the consent module to enhance performance (11440)
      • Optimizations made to the consent module to improve overall system performance.

    • Infrastructure update:
      • Upgrading components such as Spring Cloud, Spring Boot, JDK, Swagger/JUNIT, and related elements to their latest versions.
    • Compliance reports – embedded:
      • Introduction of the ability for organizations to embed compliance reports onto public-facing web pages.
    • Pre-categorization of cookies:
      • Enhancement of the cookie scanner to provide “best guess” categorization of cookies.
    • Assessment Improvements:
      • SSP generation for CMMC (Cybersecurity Maturity Model Certification).
      • Enhanced ISO framework assessments.
      • Framework assessments with scanning capabilities for potential cross-population analysis.
      • DOD scoring for CMMC assessments.
      • User groups functionality for assessments.
      • Data Mapping enhancements.
      • Records of Data Processing Activity.
    • Email template editor:
      • Introduction of a more robust template editing and viewing feature for email templates.
    • Verification questions:
      • Strengthening of the verification question system, allowing for different questions based on request type, request origin, and other attributes.
      • Inclusion of support for conditional questions, answer formatting, and required fields.
    • Data Privacy Assessment Editor:
      • Empowering organizations to customize assessment questions within the Data Privacy Assessment module.

    Truyo Product Release Truyo 6.4.0 Release

    • Employment availability is now offered as a selectable option within each regulation (11221).
      • Users can now choose the specific regulations they wish to support for Employment-related requests from the regulations and features section.
      • Management of Employment-related requests can be done through user-level permissions, and added as a system owner.
    • The selection of regulations is now available on the systems page (11136).
      • Each system is capable of supporting specific regulations.
    • Bulk conditional output rules (10985) have been introduced.
      • Users can create conditional outputs for multiple regulations and request types in a single entry.
      • Rules have been implemented to prioritize specific outputs over wildcard entries.
        • If the system, regulation, or request type is specified, the entered value will be accepted as is.
        • If none of the above are selected, it will be assumed to apply to all.
        • The bulk deletion of rules is now available, with no impact on the current rules set.
    • Alert functionality has been added to notify Truyo support of any issues with an organization’s SMTP settings (11202).
      • An automatic email will be sent to Truyo support when SMTP fails.
      • This alert will trigger once every 24 hours until the issue is resolved, creating a support ticket each time.
    • A usability update has been made to the Regulation/Request feature (11153).
      • A status banner indicating whether a regulation is active or inactive is displayed on the regulation page.
        • If a regulation is active, all related request types will be displayed in their respective places.
        • If a regulation is inactive, the selected request types will not be shown outside the regulations and features settings section.
    • Users now have the ability to skip specific steps in the cookie plugin configuration setup (10957).

    Ongoing security updates: 

    • As part of our ongoing aggressive and proactive security plan, we have continued to increase security around the platform.
      • To date, there have been no confirmed attacks related to the issues updated.

    None in this release

    Employment URL’s pointing to the wrong content (11240)

    Not all requests being pulled when running an external report (11304)

    Updates fixed to release 6.3.0

    Default regulation is not honoring the configured response times (11295)

    View files instead of downloading within the Egnyte platform (11083)

    Egnyte QL scanning not completing properly (11124)

    Data use section changes are not storing in the Quiklink rules page (11184)

    Org users are not able to update the intake form success/error state messages (11313)

    Infrastructure update

    • Updating: Spring Cloud, Spring Boot, JDK, Swagger/JUNIT fixes, and related components

    Compliance reports – embedded

    • The ability for an organization to embed compliance reports to public-facing web pages

    Pre categorization of cookies

    • The ability for the cookie scanner to “best guess” cookie category

    Assessment Improvements

    • SSP generation for CMMC
    • Enhanced ISO framework assessments
    • “Scan” framework assessments for potential cross population
    • DOD scoring for CMMC
    • User groups for assessments
    • Data Mapping
    • Records of Data Processing Activity

    Email template editor

    • More robust template editing and viewing

    Verification questions

    • More robust verification question system, allowing different questions based on request type, request origin and other attributes.  Including conditional question support and answer formatting, as well as required fields.

    Data Privacy Assessment Editor

    • Ability for an organization to customize questions

    Truyo Product Release Truyo 6.3.0 Release

    SMTP settings for MSO365 OAuth ()

    • New settings for organizations using MSO365 OAuth.
      • Dropdown selection on the email settings page to select basic SMTP or MSO365 .

    Vendor option to send the email and auto close the task (10977)

    • Add/edit a vendor and select if you just want to notify them of the task and close it.
      • This will automatically generate a conditional output for the vendor and accept the task.

    Reopen a task on an open request (11095)

    • Ability for an Admin or Compliance Manager to re-open a task as long as the request is still open.

    Download request related data for Truyo (11096)

    • Download request related information for further reporting
      • Link at the bottom of the reports page will open another page for you to select the Date range you want for the report.
      • The report will be emailed to the person who initiated the report for download.
      • Report can only be ran once per 24 hours.

    Allow commas in Brand names (11160)

    • Commas will be available in the Brand creation steps.

    System/task owner bulk reassignment when deleting a user (11094)

    • Note will be shown to remind you to assign a new user to the system before deleting the current user.
      • This will automatically assign the new user to the open tasks for this system.

    Sequencing workflow includes NAND option (11024)

    • System A gets a task first. If accepted then no further tasks are created.
    • System A gets a task first. If rejected then tasks will be created for all other systems.

    Remove redundant popups from consent (11245)

    • Topic update and Delete Cookie popups have been removed.

    Reminder message when adding a new regulation or request type (11093)

    • Reminder message will display letting the user know to update the system settings when adding a new regulation or request type to ensure no orphaned tasks are caused by not having a system assigned.

    Assessment improvements

    • Generation of System Security Plan for CMMC Assessments
    • ISO27001 framework assessment is now included

    Ongoing security updates: 

    • As part of our ongoing aggressive and proactive security plan, we have continued to increase security around the platform.
      • To date, there have been no confirmed attacks related to the issues updated.

    Enabling WAF in all lower environments (10403)

    Fixing PHP depreciated values (11031)

    Unable to toggle field level data fetch options (11158)

    Languages selection will display in the correct language on the consumer portal (11113)

    Custom CSS not working for other languages (11112)

    Sub Brand portal

    Updates fixed to release 6.2.0

    Consumer can’t disable”Sale Cookie” without first disabling “Advertising cookies” (11111)

    Sub Brand portal are re-directing to the login page when guest mode is enabled (11190)

    Spanish accent letters are appearing as symbols when emails are sent out. (11191)

    APC settings only showing if an organization has parent only org set (11207)

    Infrastructure update

    • Updating: Spring Cloud, Spring Boot, JDK, Swagger/JUNIT fixes, and related components

    Compliance reports – embedded

    • The ability for an organization to embed compliance reports to public-facing web pages

    Pre categorization of cookies

    • The ability for the cookie scanner to “best guess” cookie category

    Assessment Improvements

    • SSP generation for CMMC
    • Enhanced ISO framework assessments
    • “Scan” framework assessments for potential cross population

    Email template editor

    • More robust template editing and viewing

    Verification questions

    • More robust verification question system, allowing different questions based on request type, request origin and other attributes.  Including conditional question support and answer formatting, as well as required fields.

    Data Privacy Assessment Editor

    • Ability for an organization to customize questions

    Truyo Product Release Version 6.2.0

    Update handling of the Default Regulation (10984)

    • Ability to set custom due dates for the regulation
    • Create extensions up to the original due date

    Request Form Generator (10919)

    • Provide the ability to create custom request forms, by setting parameters such as regulation, request type and more.
    • Create as many request forms as needed

    Filter by Pending on the Task page (10992)

    • Ability to filter by Pending on the Task pages

    Guest Only workflow (10955)

    • Allow an organization to be able to turn off the signup and login functions of the consumer portal.
      • Additional configuration may be needed to fully extend this functionality

    Batch closing of Tasks functionality (10956)

    • Multi selection of tasks and bulk complete
      • Can select Approved or Rejected
        • If rejected all tasks will get the same rejection reason
        • Can enter internal notes that will show on all tasks

    Assessment file upload error messaging (11078)

    • Added a check for the file upload in an assessment and show an error if there was an issue uploading the file

    Updated request breakdown headers under each regulation (10986)

    • Changed the request type headers from “Recommended and Additional” to “Default and Optional”

    Ongoing security updates: 

    • As part of our ongoing aggressive and proactive security plan, we have continued to increase security around the platform.
      • To date, there have been no confirmed attacks related to the issues updated.

    None with this Release

    CDPA Opt Out of Targeted Advertising email templates tied to Right to Consent process flow (10978)

    New organizations not respecting mapping of regulations/requests (11155)

    Redirecting to the requester search page after clicking Submit new Request button using the CSR flow (11032)

    Breadcrumb position is not consistent on Custom content section pages (11033)

    Update selection pointer to hand pointer when the mouse hovers over to skip the upload link in the Authorized agent workflow skipping a document upload (11141)

    Consumer cannot disable “Sale Cookies” without first disabling “Advertising Cookies” (11111)

    Updates fixed to release 6.1.0

    Copy/paste functionality not working in verification questions (11103)

    Employment brand not allowing a user to create the brand from the admin portal (11107)

    Updating functionality of the continue button on forms using custom CSS (11127)

    Infrastructure update

    • Updating: Spring Cloud, Spring Boot, JDK, Swagger/JUNIT fixes, and related components

    Compliance reports – embedded

    • The ability for an organization to embed compliance reports to public-facing web pages

    Pre categorization of cookies

    • The ability for the cookie scanner to “best guess” cookie category

    Assessment Improvements

    • SSP generation for CMMC
    • Enhanced ISO framework assessments
    • “Scan” framework assessments for potential cross population

    Email template editor

    • More robust template editing and viewing

    Verification questions

    • More robust verification question system, allowing different questions based on request type, request origin and other attributes.  Including conditional question support and answer formatting, as well as required fields.

    Data Privacy Assessment Editor

    • Ability for an organization to customize questions

    Handling of MSO365 OAuth settings

    • Ability for an organization to set their email OAuth to use MSO365

    Truyo Product Release version 6.1.0

    New task reminder email for system owners (10667)

    • Single email sent daily to alert the system owner that they have tasks that are due in 5 days

    Search box added for the activity page (10483)

    • Added a search box on the activity page so the auditor can navigate the page faster
      • Search by Request type, Brand and date

    Framework page updated for Consultant mode admins (10947)

    • Removed the following:
      • Link, Country, State and Risk level fields
    • Added:
      • Owner name (person who created the assessment)

    Removed the customized indicator on the custom content pages (10960)

    • As a performance update we removed the customized indicator from the custom content page to help with the page load speed

    Error handling for the Pre population function of Framework assessments (10953)

    • Now shows and error and stops the auto populate when there is an issue with the file or files coming from the file storage location.

    Support for Egnyte Secure and Govern access token, specific to an assessment

    • Allows an assessment to utilize a unique Secure and Govern platform per assessment

    Ongoing security updates: 

    • As part of our ongoing aggressive and proactive security plan, we have continued to increase security around the platform.
      • To date, there have been no confirmed attacks related to the issues updated.

    Potential cross site scripting issue addressed in the forgot password flow for employment and consumer portals (10976)

    Upgraded jQuery version for cookie plugin (56)

    • Now using version 3.6.0

    Fixed spacing on the conditional output page where we select to send and email to let the owner know the task was created (10954)

    Customer requests have mismatched residencies (10943)

    Custom CSS page ont functioning correctly (10995)

    OpenID Connect SSO not working in the instance that both SSO settings were not set. This has been uncoupled in this update (11043)

    General Email list not displaying if we revisit the page from other Organization Emails (11036)

    Updates fixed to release 6.0.0

    SMTP settings not visible on the Email settings page (10991)

    Add new cookie not adding and getting stuck (10987)

    Cookie getting an error with the import/export functionality adding a space to the name not letting it be recognized (11011)

    Updated custom text not displaying in the employment portal (10950)

    Logo’s not showing correctly in the employment portal (10993)

    No tasks being created in pre production only when there is an Employment setup issue (11044)

    Infrastructure update

    • Updating: Spring Cloud, Spring Boot, JDK, Swagger/JUNIT fixes, and related components

    Compliance reports – embedded

    • The ability for an organization to embed compliance reports to public-facing web pages

    Pre categorization of cookies

    • The ability for the cookie scanner to “best guess” cookie category

    Assessment Improvements

    • SSP generation for CMMC
    • “Scan” framework assessments for potential cross population

    Email template editor

    • More robust template editing and viewing

    Verification questions

    • More robust verification question system, allowing different questions based on request type, request origin and other attributes.  Including conditional question support and answer formatting, as well as required fields.

    Data Privacy Assessment Editor

    • Ability for an organization to customize questions

    Truyo Product Release Version 6.0.0

    New option for CCPA/CPRA Opt Out of Sharing (10830)

    • This request type will have an option to decrease the response time for this specific request

    Optional view of Email templates (10741)

    • Provide the ability to view the templates by request type via a new toggle in the upper right corner of the Email Template page

    Unique naming for two similar request types Email templates (10792)

    • Separated the templates for Right to Opt Out and Right to Withdraw Consent request types

    Extension for Colorado Appeals requests (10863)

    • Provide the ability to extend requests for the Colorado Privacy regulation Right to Appeal for an additional 60 days

    Assessment Consultant Option (10889)

    • This is a new product offering that allows consulting organizations to be able to create multiple framework assessments of the same type.

    Assessment Consultant user role (10888)

    • This role is available without having the Consultant feature but will only have the ability to see the assessments they have created.

    Employment brand update (10838)

    • Added custom content specific to the employment portal
    • Systems that take employment only requests will no longer receive tasks for requests that are not employment related

    Optional class prefix addition (10664)

    • Added in special handling to prevent issues with class names for the banner and pop up in the consent module

    Cookie plugin and Privacy Center to sanitize special characters (10879)

    • Content fields will look for special characters and sanitize them to their ASCII equivalents to avoid runtime errors that prevent them from rendering on their website.

    Ongoing security updates: (None needed in this release)

    • As part of our ongoing aggressive and proactive security plan, we have continued to increase security around the platform.
      • To date, there have been no confirmed attacks related to the issues updated.

    None in this release 

    Assessment file upload naming not updating correctly if there was a space in the name (10790)

    Unable to rename the Right to Limit the use and Disclosure of Sensitive Data  for CPRA (10786)

    Updates fixed to release 5.9.0

    Infrastructure update

    • Updating: Spring Cloud, Spring Boot, JDK, Swagger/JUNIT fixes, and related components

    Compliance reports – embedded

    • The ability for an organization to embed compliance reports to public-facing web pages

    Pre categorization of cookies

    • The ability for the cookie scanner to “best guess” cookie category

    Assessment Improvements

    • SSP generation for CMMC
    • “Scan” framework assessments for potential cross population
    • Support for flagging questions to specific users

    Email template editor

    • More robust template editing and viewing

    Verification questions

    • More robust verification question system, allowing different questions based on request type, request origin and other attributes.  Including conditional question support and answer formatting, as well as required fields.

    Data Privacy Assessment Editor

    • Ability for an organization to customize questions

    Truyo Product Release version 5.9.0

    Added a simplified request form (10668)

    • Enabled a new simplified request form in the custom content > privacy portal > Request Page

    Added task comments to appeals requests (10799)

    • Appeals tasks will now have the details related to the appeal request

    Ongoing security updates: (None needed in this release)

    • As part of our ongoing aggressive and proactive security plan, we have continued to increase security around the platform.
      • To date, there have been no confirmed attacks related to the issues updated.

    None in this release 

    Regulation summaries missing from the consumer portal (10705)

    Rejection reason not showing in consumer logged in portal when request is declined during secondary verification (10822)

    Consent clients unable to edit the cookie topic (954/CM-43)

    Organization portal SSO settings could not be made without having to click in other areas to save updates (10785)

    Sub brands cannot be disabled once they are enabled (10787)

    Updates fixed to release 5.8.0

    Email templates format fixes and added tags (10808)

    Request and task rejection reasons not showing in the consumer portal (10772)

    Auth agent flow : Request re-verification emails are not going to consumer / authorized agent when appeal accepted (10781)

    New organizations are not able to see reports (10804)

    Secure vendors were not getting appeal details (10806)

    New organizations missing the Right to Object request type (10829)

    Changes to one privacy portal account email template was also being made in others (10783)

    New organizations supporting GDPR were not able to see the Right to Object request type (10829)

    Infrastructure update

    • Updating: Spring Cloud, Spring Boot, JDK, Swagger/JUNIT fixes, and related components

    Compliance reports – embedded

    • The ability for an organization to embed compliance reports to public-facing web pages

    Pre categorization of cookies

    • The ability for the cookie scanner to “best guess” cookie category

    Assessment Improvements

    • SSP generation for CMMC
    • “Scan” framework assessments for potential cross population
    • Support for flagging questions to specific users

    Email template editor

    • More robust template editing and viewing

    Verification questions

    • More robust verification question system, allowing different questions based on request type, request origin and other attributes.  Including conditional question support and answer formatting, as well as required fields.

    Data Privacy Assessment Editor

    • Ability for an organization to customize questions

    Truyo Product Release Version 5.8.0

    Updated Appeal process (10482)

    • Providing a workflow to allow the organization to create a request for an accepted appeal.

    Dispute/Amend flow update (10709)

    • Updated the dispute process, giving more control to the organization and more clarity to the consumer when creating the request.

    Open up apostrophes, commas and periods for organization names (10693)

    • Organizations can now add the proper punctuations in their org names if they contain periods, commas or apostrophes.

    Global notifications for Admins (10638)

    • The product now has a notifications tab in the left navigation area for product notifications

    Ongoing security updates: (None needed in this release)

    • As part of our ongoing aggressive and proactive security plan, we have continued to increase security around the platform.
      • To date, there have been no confirmed attacks related to the issues updated.

    None in this release 

    Clicking Cancel on Delete Modal from Employment portal redirects user to Consumer portal (10745)

    Updates fixed to release 5.7.0

    Re-routing to the correct page after canceling or pressing an expired link from an employment request (10730)

    Infrastructure update

    • Updating: Spring Cloud, Spring Boot, JDK, Swagger/JUNIT fixes, and related components

    Compliance reports – embedded

    • The ability for an organization to embed compliance reports to public-facing web pages

    Pre categorization of cookies

    • The ability for the cookie scanner to “best guess” cookie category

    Assessment Improvements

    • SSP generation for CMMC
    • “Scan” framework assessments for potential cross population
    • Support for flagging questions to specific users

    Expansion of Framework assessments

    • Support for over 100 different assessments based on standards
    • Support for common controls framework also strict adherence to other framework types

    Email template editor

    • More robust template editing and viewing

    Verification questions

    • More robust verification question system, allowing different questions based on request type, request origin and other attributes.  Including conditional question support and answer formatting, as well as required fields.

    Data Privacy Assessment Editor

    • Ability for an organization to customize questions

    Truyo Product Release Version 5.7.0

    Support for regulation specific naming of consumer rights (10621)

    • Provides a closer match to the regulation definition

    Singapore Data Privacy Act support (PDPA) (10646)

    • Added support for Singapore in the regulations and features
    • This update is off by default

    Added additional request types to some regulations (10694)

    • Added Opt out of sharing for Virginia
    • Added Do Not Share to Colorado, Connecticut and Utah
    • Added Do Not Sell to Utah
    • Added Right to know abbreviated to Colorado, Connecticut and Utah

    Assessment flagging (10637)

    • Allows the ability to flag specific questions for another user inside the assessment module

    Ongoing security updates: (None needed in this release)

    • As part of our ongoing aggressive and proactive security plan, we have continued to increase security around the platform.
      • To date, there have been no confirmed attacks related to the issues updated.

    None in this release

    None in this release

    Assessment files not synching correctly (10710)

    Open Vendor not able to upload documents (10711)

    Unable to reassign task owners (10742)

    Employment requests submitted by an authorized agent not getting verification emails (10735)

    Infrastructure update

    • Updating: Spring Cloud, Spring Boot, JDK, Swagger/JUNIT fixes, and related components

    Compliance reports – embedded

    • The ability for an organization to embed compliance reports to public-facing web pages

    Pre categorization of cookies

    • The ability for the cookie scanner to “best guess” cookie category

    Assessment Improvements

    • SSP generation for CMMC
    • “Scan” framework assessments for potential cross population
    • Support for flagging questions to specific users

    Expansion of Framework assessments

    • Support for over 100 different assessments based on standards
    • Support for common controls framework also strict adherence to other framework types

    Email template editor

    • More robust template editing and viewing

    Verification questions

    • More robust verification question system, allowing different questions based on request type, request origin and other attributes.  Including conditional question support and answer formatting, as well as required fields.

    Data Privacy Assessment Editor

    • Ability for an organization to customize questions

    Truyo Product Release Version 5.6.0

    Email Performance Update: (10617)

    • Optimized the loading performance of the email templates page

    Consent only organizations can now access the user screen (10632)

    • Access is now available for organizations with Consent only subscriptions

    Ongoing security updates: (None needed in this release)

    • As part of our ongoing aggressive and proactive security plan, we have continued to increase security around the platform.
      • To date, there have been no confirmed attacks related to the issues updated.

    • Updated Elastic Search to Version 7.17.7
    • Helm chart update to Version 7.17.3

    • None this release

    Disable the Common controls tab under Assessments temporarily (10643)

    Open vendor not able to upload a document (10711)

    Verification questions missing in tasks (10662)

    Support for apostrophe in the organization name for Privacy Policy Generator customers (10636)

    Update button not showing on task details page (10685)

    Authorized agent flow not working correctly (10687)

    SMTP error handling for failed/bad credentials (10697)

    Infrastructure update

    • Updating: Spring Cloud, Spring Boot, JDK, Swagger/JUNIT fixes, and related components

    Compliance reports – embedded

    • The ability for an organization to embed compliance reports to public-facing web pages

    Pre categorization of cookies

    • The ability for the cookie scanner to “best guess” cookie category

    Assessment Improvements

    • SSP generation for CMMC
    • “Scan” framework assessments for potential cross population
    • Support for flagging questions to specific users

    Expansion of Framework assessments

    • Support for over 100 different assessments based on standards
    • Support for common controls framework also strict adherence to other framework types

    Email template editor

    • More robust template editing and viewing

    Verification questions

    • More robust verification question system, allowing different questions based on request type, request origin and other attributes.  Including conditional question support and answer formatting, as well as required fields.

    Data Privacy Assessment Editor

    • Ability for an organization to customize questions

    Truyo Product Release Version 5.5.0

    Update Task statuses and filtering option on the Task and Request views (10628)

    • Updated the Tasks to show more detailed status of the task
      • Tasks status include Pending, In Progress, Accepted and Rejected
    • Sorting on the Task view page has been updated to show Tasks associated with open requests and account for archived tasks
      • filter all tasks associated with an open request
        • Pending, In Progress, Accepted, and Rejected will be visible
      • Completed tasks associated with a closed request will also be visible in the Accepted or Rejected filter

    Colorado Data Privacy Act now has the Do Not Sell request available (10639)

    • This request has a default SLA of 15 days and has it’s own SLA selection

    Filtering by regulation to the Requests created report (10647)

    • The request created report is updated to allow filtering by regulation
    • Update the Extensions report to reflect the week the request was extended in instead of the date the original request was created for better clarity

    Some assessments (Privacy Policy and some others) to allow “Pre-fill” from previous assessment (10630)

    • Some assessments will have the ability to “pre-fill” a new assessment with answers from the previous assessment.

    Improved naming convention for regulations 

    • Updated the product to reflect improved terminology regarding the requests as they pertain to each regulation

    Default settings for SalesForce Quiklink tables (10213)

    • This update automatically looks for known tables within salesforce that have PII to reduce the initial setup and scanning time
    • The product also allows you to add additional tables specific to your instance to the list of fields to be scanned for data

    Ongoing security updates: (None needed in this release)

    • As part of our ongoing aggressive and proactive security plan, we have continued to increase security around the platform.
      • To date, there have been no confirmed attacks related to the issues updated.

    None in this release

    Better redirect for request form only organizations (10660)

    Infrastructure update

    • Updating: Spring Cloud, Spring Boot, JDK, Swagger/JUNIT fixes, and related components

    Compliance reports – embedded

    • The ability for an organization to embed compliance reports to public-facing web pages

    Pre categorization of cookies

    • The ability for the cookie scanner to “best guess” cookie category

    Assessment Improvements

    • SSP generation for CMMC
    • “Scan” framework assessments for potential cross population
    • Support for flagging questions to specific users

    Expansion of Framework assessments

    • Support for over 100 different assessments based on standards
    • Support for common controls framework also strict adherence to other framework types

    Email template editor

    • More robust template editing and viewing

    Verification questions

    • More robust verification question system, allowing different questions based on request type, request origin and other attributes.  Including conditional question support and answer formatting, as well as required fields.

    Data Privacy Assessment Editor

    • Ability for an organization to customize questions

    Truyo Product Release Version 5.4.0

    Added in the ability to sort by brands on the reports pages (10598)

    • Brand sorting is now available on reports

    Additional messaging when there is an error from SMTP settings (10556)

    • Notification, indicating SMTP error

    Updated the Account download flow to be more consistent across the appropriate regulations (10626)

    Ongoing security updates: (None needed in this release)

    • As part of our ongoing aggressive and proactive security plan, we have continued to increase security around the platform.
      • To date, there have been no confirmed attacks related to the issues updated.

    None with this release

    Unable to search users by alternate id’s from the user search flow (10612)

    Better handling of email templates when HTML tags are not properly closed that previously prevented the user from restoring defaults and edit. (10630)

    Updated the forgot password link for an organization to be sent and used as a permalink (10624)

    Infrastructure update

    • Updating: Spring Cloud, Spring Boot, JDK, Swagger/JUNIT fixes, and related components

    Compliance reports – embedded

    • The ability for an organization to embed compliance reports to public-facing web pages

    Pre categorization of cookies

    • The ability for the cookie scanner to “best guess” cookie category

    Assessment Improvements

    • Plan of action and milestone report for CMMC
    • “Scan” framework assessments for potential cross population

    Expansion of Framework assessments

    • Support for over 100 different assessments based on standards
    • Support for common controls framework also strict adherence to other framework types

    Email template editor

    • More robust template editing and viewing

    Verification questions

    • More robust verification question system, allowing different questions based on request type, request origin and other attributes.  Including conditional question support and answer formatting, as well as required fields.

    Data Privacy Assessment Editor

    • Ability for an organization to customize questions on data privacy assessments

    Truyo Product Release version 5.3.0

    Cookie plugin updates  (10505,10507,10511,10512)

    • Option to initiate a Do Not Sell request upon detection of the GPC signal.
    • If GPC is detected, optional notification for the consumer.
    • Support for custom javascript events: three new fields to cookie only topics
      • Enable code, Disable code and Only for Do not Sell
    • Added opted-in/opted-out topics in the “truyoConsent” cookie.
      • Updated when the user changes the option in the popup.
    • Enhanced support for Google Tag manager and potentially Adobe data collection
      • Added a flag to the topic called “Process Google Consent”
      • When the flag is set, if the topic is Deactivated/opted-out we make a call to deny the ad_storage and analsytics_storage.

    New regulation filter option on request processing pages (10436)

    • Enhanced the regulation filter for the TODO pages.
      • By selecting the filter the product will only show the items associated with that regulation for that particular page.

    Alternative Amend/Dispute workflow (9615)

    • Added an option to select whether or not a field is disputable.
      • Configure > Data Settings > Data Categories
      • Select an existing data field to edit and check the “Is this disputable” box in the modal.
      • Add a new data field and select the “is this disputable” check box in the modal
        • This will make the selected field one that will be available to the consumer to do a Right to Amend or Dispute request.
      • There is no change to how a disputed field is displayed in a Dispute/Amend request
        • This flow will only allow one Amend/Disputable field at a time
      • If there are no disputable fields checked then the existing workflow will be honored and no changes will be made to the requester workflow.
    • Consumer flow:
      • When raising an Amend/Dispute request the requester will be given a drop down selection that will contain the fields that were made available by the organization to select from.
      • Once selected then they have the opportunity to enter the corrected value in the text box.

    Ongoing security updates: (None needed in this release)

    • As part of our ongoing aggressive and proactive security plan, we have continued to increase security around the platform.
      • To date, there have been no confirmed attacks related to the issues updated.

    Update Kubernetes to version 1.23.8 (10550)

    Fixed a misspelling on the organization portal password change (10537)

    Cursor on the forgot password link on the org portal was not using the hand icon (10538)

    Wrong cursor on the organization forgot password link (10538)

    Start request button for “Right to withdraw consent request” is not displaying for Utah residents in the consumer portal (10523)

    Final review not showing tasks for the request details (10478)

    Unable to edit/restore email templates if the HTML tags are not closed properly (10360)

    Sorting by Default regulation on the requests and tasks page not being displayed when selected (10594)

    Cache issue causing the status to not match when re scanning a QL connector (10569)

    These fixes were added to Version 5.2.0 prior to its production deployment

    Request tasks are not visible after completion of the request (10349)

    Error message displaying when a vendor attempts to open a task to be completed (10399)

    User unable to close tasks due to an error message (10429)

    Auto save is not working for anything beyond the second page on on the requests screen (10510)

    Both Start and Renew assessment buttons are displaying after completion of an assessment (10541)

    Updated Data Privacy assessment page heading to match the left navigation to say Data Privacy Assessments (10540)

    Wrong breadcrumb name displaying on the view past assessments page (10539)

    Disable cache on the first call to get brand by filter (performance need) (10527)

    Task information is not displayed when a user clicks on the TaskId from the Task tables (10499)

    Unable to edit existing Session cookies-cookie consent (10494)

    Right to Opt out Automation Request processing email template missing in the Org UI (10481)

    Default regulation not allowing the requests to be extended after 45 days when the default is 60 days (10572)

    Requests section on the reports pages not displaying information (10571)

    Unable to configure the Employment portal (10564)

    Systems getting renamed upon request closure and requests being dropped as the result (10596)

    Infrastructure update

    • Updating: Spring Cloud, Spring Boot, JDK, Swagger/JUNIT fixes, and related components

    Compliance reports – embedded

    • The ability for an organization to embed compliance reports to public-facing web pages

    Pre categorization of cookies

    • The ability for the cookie scanner to “best guess” cookie category

    Assessment Improvements

    • Plan of action and milestone report for CMMC
    • “Scan” framework assessments for potential cross population
    • Privacy Policy generator

    Expansion of Framework assessments

    • Support for over 100 different assessments based on standards
    • Support for common controls framework also strict adherence to other framework types

    Email template editor

    • More robust template editing and viewing

    Verification questions

    • More robust verification question system, allowing different questions based on request type, request origin and other attributes.  Including conditional question support and answer formatting, as well as required fields.

    Truyo Assessment Editor

    • Ability for an organization to customize questions

    Truyo Product Release Version 5.2.0

    In App Help

    • Fly out help menu for contextual help per page is now available in the product.
      • The help pages are accessed by clicking on the question mark next to the alerts icon in the top right section of the page.

    Video Tutorials

    • Video library focused on specific feature training for the platform is now available.
      • The video tutorials are accessed by clicking on the question mark next to the alerts icon in the top right of the page.
        • Click “Video Tutorials” and you will be taken to a page that has all of the available help videos.
          • New videos will be added on a regular basis.

    Update the Auditor settings/permissions (10280)

    • The Auditor permissions have changed.
      • Auditor permissions only include consumer (or requestor) search page.  On this page, an auditor, will only have access to compliance activity, not specific personal information.

    Automated Privacy Policy Generator (10354)

    • This feature also the organization to define multiple privacy policies.  Each privacy policy allows you to fill out pertinent information to generate a privacy policy.

    Updated handling of access to pages that an organization is not subscribed to (10466)

    • As the platform grows in capabilities and depth of offering, Truyo will no longer “hide” features that are not available based on your subscription.  The platform will provide information about the feature and instructions on how to enable, providing you with visibility into new major enhancements that might otherwise not be available.

    Added the Right to Opt Out of Automation requests for Virginia and Colorado (10437)

    • Right to opt out of Automation is now available as a supported request for Virginia and Colorado data privacy laws. The initial setting for these request types are “disabled”.  To enable these features, review the “Regulation and Features” page.

    Added $EFFECTIVE_REGULATION tag to the task reminder email (10438)

    • For organizations that leverage advanced email templates, the “Effective Regulation” tag is available for  use in the task reminder email template

    Reporting by sub-brand now available (10419)

    • The product now allows reports by sub-brand if your organization is setup as a multi-brand organization.

    Global delete update (10435)

    • In the event that all tasks are completed, but with some rejected tasks, the consumers privacy account will be deleted upon completion of the request.

    Ongoing security updates: (None needed in this release)

    • As part of our ongoing aggressive and proactive security plan, we have continued to increase security around the platform.
      • To date, there have been no confirmed attacks related to the issues updated.

    Implemented cache in the backend services for Quiklink (10415)

    Updated the Quiklink API’s to reduce heap space (10467)

    Organization email template, appeal from requester, where not being triggered normally (10476)

    Final Review page not showing tasks (10478)

    Quiklink rules displaying error (10485)

    Cookie consent module – Unable to edit existing session cookies (10494)

    Auto save not working on the second page of the regulations page (10510)

    Infrastructure update

    • Updating: Spring Cloud, Spring Boot, JDK, Swagger/JUNIT fixes, and related components

    Compliance reports – embedded

    • The ability for an organization to embed compliance reports to public-facing web pages

    Pre categorization of cookies

    • The ability for the cookie scanner to “best guess” cookie category

    Assessment Improvements

    • SSP generation for CMMC Assessments
    • “Scan” framework assessments for potential cross population
    • ISO 27001, Soc-2 readiness and NIST 800-171 assessments

    Expansion of Framework assessments – within Common Controls

    • Support for over 100 different assessments based on standards
    • Support for common controls framework also strict adherence to other framework types

    Email template editor

    • More robust template editing and viewing
    • Provide easy ways to update email templates
    • Import/Export
    • Workflow to visually see email triggers

    Verification questions

    • More robust verification question system, allowing different questions based on request type, request origin and other attributes.  Including conditional question support and answer formatting, as well as required fields.

    Updated Right to Amend workflow

    • Ensuring the workflow better fits our client’s needs to support their customers

    Truyo Assessment Editor

    • Ability for an organization to customize questions inside Data Privacy Assessments

    Truyo Product Release Version 5.1.0

    Cleaned up wording inside support and about modals (10151)

    • Cleaned up wording in the support and help modals. 
    • Renamed the Truyo Assessments to Data Privacy

    Added links to each regulations website for customer reference (10348)

    • Added links to the regulations home page with the link icon so our customers have an easy way to reference the actual regulation.
      • This link will open a new browser window.

    WCAG updates for the Privacy Center and Consent module (10172)

    • Made minor updates to the product impacted areas of the consent and privacy center areas. 

    Allow clients to define what vendors and regulations to create assessments (10372)

    • Vendor, Security and GAP assessments are now controlled by the organizations

    Ongoing security updates: (None needed in this release)

    • As part of our ongoing aggressive and proactive security plan, we have continued to increase security around the platform.
      • To date, there have been no confirmed attacks related to the issues updated.

    Updated Cassandra to version 3.11.3 (10383)

    Verification links taking employment portal requesters to the consumer portal (10371)

    System display name text box max characters is larger than allowed in the database (10400)

    Unable to de-select brands when raising a dispute request from the consumer portal (10408)

    Request tasks are not visible after completion of the request (10349)

    Error message displaying when a vendor attempts to open a task to be completed (10399)

    User unable to close tasks due to an error message (10429)

    Infrastructure update

     

    • Updating: Spring Cloud, Spring Boot, JDK, Swagger/JUNIT fixes, and related components

     

    In App Help

     

    • Providing fly out help menu for contextual help per page

     

    Video Tutorials

     

    • Provide a library of videos focused on specific feature training for the Truyo platform

     

    Compliance reports – embedded

     

    • The ability for an organization to embed compliance reports to public-facing web pages

     

    Pre categorization of cookies

     

    • The ability for the cookie scanner to “best guess” cookie category

     

    Assessment Improvements

     

    • Plan of action and milestone report for CMMC
    • “Scan” framework assessments for potential cross population
    • Privacy Policy generator

     

    Expansion of Framework assessments

     

    • Support for over 100 different assessments based on standards
    • Support for common controls framework also strict adherence to other framework types

     

    Email template editor

     

    • More robust template editing and viewing

     

    Verification questions

     

    • More robust verification question system, allowing different questions based on request type, request origin and other attributes.  Including conditional question support and answer formatting, as well as required fields.

     

    Updated Right to Amend workflow

     

    • Ensuring the workflow better fits our client’s needs to support their customers

     

    Truyo Assessment Editor

     

    • Ability for an organization to customize questions

    Truyo Product Release Version 5.0.0

    Scramble system

    • Part of the Quiklinks modue, scramble (if activated) provides your the ability to connect to a production database and scramble the personal data.  This data, can then be used in other environments without risking exposing personal data.
    • This is only for use for MySQL and SQL Server.

    Quebec’s Privacy law support (9916)

    • Quebecs Data Privacy law is available within the product.

    Connecticut Data Privacy Act (10010)

    • Connecticut’s Data Privacy law is available within the product

    Utah Data privacy Act (9744)

    • Utah’s Data privacy law is available within the product

    Expanded the current “do not sell” permalink to include Do Not Share and Limit the Use of Sensitive Data (10319)

    • The additional rights of Do not share and Limit the use of sensitive data are controlled through the query string.

    Moved cookie plugin.js to CDN (10281)

    • For better performance of the cookie plugin, internally it has moved to a CDN.  No action is required to enable this update.

    Ongoing security updates: (10287)

    • As part of our ongoing aggressive and proactive security plan, we have continued to increase security around the platform.
      • To date, there have been no confirmed attacks related to the issues updated.

    Quiklink consumer tasks were being created even if the connector was inactive (10134)

    Links on the employment portal redirected to the consumer portal pages (10327)

    Truyo request service not closing requests (10248)

    Various Quiklink Automation user errors (10358)

    User unable to add rejection reasons (10334)

    Quiklink tasks being created even when a system has been deleted. (10134)

    Infrastructure update

    • Updating: Spring Cloud, Spring Boot, JDK, Swagger/JUNIT fixes, and related components

    In App Help

    • Providing fly out help menu for contextual help per page

    Video Tutorials

    • Provide a library of videos focused on specific feature training for the Truyo platform

    Compliance reports – embedded

    • The ability for an organization to embed compliance reports to public-facing web pages

    Pre categorization of cookies

    • The ability for the cookie scanner to “best guess” cookie category

    Assessment Improvements

    • Plan of action and milestone report for CMMC
    • “Scan” framework assessments for potential cross population
    • Privacy Policy generator

    Expansion of Framework assessments

    • Support for over 100 different assessments based on standards
    • Support for common controls framework also strict adherence to other framework types

    Email template editor

    • More robust template editing and viewing

    Verification questions

    • More robust verification question system, allowing different questions based on request type, request origin and other attributes.  Including conditional question support and answer formatting, as well as required fields.

    Updated Right to Amend workflow

    • Ensuring the workflow better fits our client’s needs to support their customers

    Truyo Assessment Editor

    • Ability for an organization to customize questions

    Truyo Product Release Version 4.14.0

    Active request/tasks performance improvement (9885)

    • In the on-going effort of improving performance across the product, task and request indexes and storage has been improved.  This should result in faster page load and response.

    Adding the ability to extend requests made using the Default regulation (10188)

    • Added in the option to allow extensions when using the Default regulation up to 45 days

    Email templates listing page (10222)

    • Improved the email templates landing page to include search

    Added progress indicator during the file upload selection flow (10187)

    • Once the file to be uploaded has been selected you will see a progress bar under the file selection area. The Next button will not show up until the file has been uploaded completely.

    Expiring the Audit log after 6 months (10220)

    • Audit log entries expire after 6 months.

    Ongoing security updates: (9872, 10109, 10235)

    • As part of our ongoing aggressive and proactive security plan, we have continued to increase security around the platform.
      • To date, there have been no confirmed attacks related to the issues updated.

    CSR role not able to create requests using a requesters phone number (10206)

    “Not found” error on Quiklinks landing page after roughly 15 minutes (10178)

    Quiklinks: Consumer tasks are being created even if a connector is inactive (10134)

    Features and Regulations not showing in pre production environments (10273, 10288)

    Business partner forms not showing request types (10196)

    CSR’s not able to submit requests for requesters without an email address (10206)

    Infrastructure update

    • Updating: Spring Cloud, Spring Boot, JDK, Swagger/JUNIT fixes, and related components

    In App Help

    • Providing fly out help menu for contextual help per page

    Video Tutorials

    • Provide a library of videos focused on specific feature training for the Truyo platform

    Compliance reports – embedded

    • The ability for an organization to embed compliance reports to public-facing web pages

    Pre categorization of cookies

    • The ability for the cookie scanner to “best guess” cookie category

    Assessment Improvements

    • Plan of action and milestone report for CMMC
    • “Scan” framework assessments for potential cross population

    Expansion of Framework assessments

    • Support for over 100 different assessments based on standards
    • Support for common controls framework also strict adherence to other framework types

    Email template editor

    • More robust template editing and viewing

    Verification questions

    • More robust verification question system, allowing different questions based on request type, request origin and other attributes.  Including conditional question support and answer formatting, as well as required fields.

    Updated Right to Amend workflow

    • Ensuring the workflow better fits our client’s needs to support their customers

    Truyo Assessment Editor

    • Ability for an organization to customize questions

    Truyo Product Release Version 4.13.0

    Infrastructure: Bypass Kong for download services phase I (9725)

    • In order to get larger files to download we removed a redundant step so our upload/download accepts larger files.  Limitation is currently 100MB.

    WCAG updates to the consumer portal (10167)

    • Ongoing updates to cookie consent, privacy center and consumer portal for WCAG 2.0 compliance.

    Quiklink: Monkeysoft connector added to the platform (10175)

    • Ongoing effort to expand Quiklink footprint: Moneysoft connector.

    • Assessment dashboard,  fixed incorrect count on assessments (10136, 10158)
    • Media/binary files missing in the download zip file 4.12.0 (10171)
    • Request page date range was limited to the past 12 months (10149)
    • Allow reset after a rule is set on QuikLink. (10135)
    • All selected request options not appearing for each regulation. (10148)
    • Minio ingress update for responses to 400 error (10123)

    • Egnyte authentication not retrieving the token after the 4.11.0 release (10157)
    • Updated Egntye Authentication domain entry: format is: yourdomain@egnyte.com and the platform can auto-complete the remaining url portion (10155)
    • Media/binary files missing from the download packet (10171)

    Ongoing security updates: (10101)

    • As part of our ongoing aggressive and proactive security plan, we have continued to increase security around the platform.
      • To date, there have been no confirmed attacks related to the issues updated.

    Infrastructure update

    • Updating: Spring Cloud, Spring Boot, JDK, Swagger/JUNIT fixes, and related components

    In App Help

    • Providing fly out help menu for contextual help per page

    Video Tutorials

    • Provide a library of videos focused on specific feature training for the Truyo platform

    Compliance reports – embedded

    • The ability for an organization to embed compliance reports to public-facing web pages

    Pre categorization of cookies

    • The ability for the cookie scanner to “best guess” cookie category

    Assessment Improvements

    • Plan of action and milestone report for CMMC
    • “Scan” framework assessments for potential cross population

    Expansion of Framework assessments

    • Support for over 100 different assessments based on standards
    • Support for common controls framework also strict adherence to other framework types

    Email template editor

    • More robust template editing and viewing

    Verification questions

    • More robust verification question system, allowing different questions based on request type, request origin and other attributes.  Including conditional question support and answer formatting, as well as required fields.

    Updated Right to Amend workflow

    • Ensuring the workflow better fits our client’s needs to support their customers

    Truyo Assessment Editor

    • Ability for an organization to customize questions

    Truyo Product Release Version 4.12.0

    Added ability to customize the request types in the consumer portal (10020)

    • This update will allow an organization to customize/translate the request types in the consumer portal. Previously this was the only section that was not available for translation support.
      • Configure > Languages
        • This will allow you to select the languages that will be available to the consumer.
        • The language selector on the consumer portal is in the footer on the far right
        • The selected languages here will show in the new custom content areas that are in the privacy portal configuration
      • Configure > Custom Content > Privacy Portal > General
        • Here each request type is listed individually to customize with the translation. Currently this is a manual translation. So each supported request type will have to be done individually. These will then display in the consumer portal when that language is selected.
        • There will be a pill icon with the languages that you selected in the language configuration section. Only the ones selected will show in this area.
          • This also is available throughout the custom content section in other areas

    Assessments Dashboard (10003)

    • Adding in an assessment specific dashboard under the assessments tab in the left menu
      • Will show an assessment snapshot of in progress assessments
      • Recently updated assessments
        • List of the last 5 updated assessments
      • Oldest incomplete assessments
        • List of the 5 oldest, still open, assessments
      • Recently completed assessments
        • List of the last 5 most recently completed assessments

    Performance update for the audit log page (10086)

    • Added more indexing to improve the load times

    Update Business partner workflow to support Apple Delete

    • Added in an additional means of verification utilizing bearer tokens since this support will be a direct call.

    Ongoing security updates: (10106, 10107, 10154, 10102)

    • As part of our ongoing aggressive and proactive security plan, we have continued to increase security around the platform.
      • To date, there have been no confirmed attacks related to the issues updated.

    No bug fixes in this update pertaining to the previous release

    Unable to add verification questions (10122)

    Infrastructure update

    • Updating: Spring Cloud, Spring Boot, JDK, Swagger/JUNIT fixes, and related components

    In App Help

    • Providing fly out help menu for contextual help per page

    Video Tutorials

    • Provide a library of videos focused on specific feature training for the Truyo platform

    Compliance reports – embedded

    • The ability for an organization to embed compliance reports to public-facing web pages

    Pre categorization of cookies

    • The ability for the cookie scanner to “best guess” cookie category

    Assessment Improvements

    • Plan of action and milestone report for CMMC

    Expansion of Framework assessments

    • Support for over 100 different assessments based on standards
    • Support for common controls framework also strict adherence to other framework types

    Email template editor

    • More robust template editing and viewing

    Updated Right to Amend workflow

    • Ensuring the workflow better fits our client’s needs to support their customers

    Truyo Assessment Editor

    • Ability for an organization to customize questions

    Truyo Product Release Version 4.11.0

    Assessments table of contents: (9905)

    • This update allows a quick view to see the categorization and progress any assessment.
      • Moved the Pills view to a table view for better visibility and tracking at the assessment section level.

    Populate assessment based on assessment templates questions: (9910)

    • Allows an organization to have their own set of questions for any Truyo assessment.

    UI update for the Egnyte Quiklink connector: (9956)

    • Remove/hid the clientId and client secret from the UI for new Egnyte connectors being setup and now only need/ask for minimal information.
      • Data Source
      • Connect
      • Egnyte Protect Locations selection (US/EU) US is the default

    Ongoing security updates: (9870,9871,9880,9881,9882,9883,9884)

    • As part of our ongoing aggressive and proactive security plan, we have continued to increase security around the platform.
      • To date, there have been no confirmed attacks related to the issues updated.

    • Unable to verify requests from users without an account from the org portal. (10038)
    • Employment portal was not being activated (10057/10091)
    • Large data fetch files failing in Quiklinks (10061)
    • Quiklink data fetch response not returning as much data. (10017) – Related to 10061
    • Unable to login from the privacy center subscriptions tab – Consent module. (10077)
    • Breadcrumb was redirecting from “Review: Document Review” to the dashboard. (10078)

    No Hot Fix items this go around

    Infrastructure update

    • Updating: Spring Cloud, Spring Boot, JDK, Swagger/JUNIT fixes, and related components

    In App Help

    • Providing fly out help menu for contextual help per page

    Video Tutorials

    • Provide a library of videos focused on specific feature training for the Truyo platform

    Compliance reports – embedded

    • The ability for an organization to embed compliance reports to public-facing web pages

    Pre categorization of cookies

    • The ability for the cookie scanner to “best guess” cookie category

    Assessment Improvements

    • Plan of action and milestone report for CMMC

    Expansion of Framework assessments

    • Support for over 100 different assessments based on standards
    • Support for common controls framework also strict adherence to other framework types

    Email template editor

    • More robust template editing and viewing

    Updated Right to Amend workflow

    • Ensuring the workflow better fits our client’s needs to support their customers

    Truyo Assessment Editor

    • Ability for an organization to customize questions

    Truyo Product Release Version 4.10.0

    Forgot password flow update:(9877)

    • Updating the forgot password flow in both portals to be more in line with updated security protocols
      • Click the forgot password link results in an Email sent to the email address supplied.  By clicking  link provided in the email the user will be redirected to the change password page. 

    Allowing the “+” to be part of the email address: (9936)

    • Emails with a “+” are now allowed in the request intake form.

    Removed the counter on the Quiklink rules page: (9980)

    • Removed the counter that was previously on the Quiklink rules page as well as made the view a single line view for each section.
      • This page will be undergoing an overhaul in the look and usability in the coming months.

    Removed the Risk profiles from the Assessment Navigation: (9941)

    • Removed the Risk profile option at this time. We will be retooling this area to be a dashboard view in the near future.

    Addition of the Automation user to the UI (9894)

    • The automation user role has been added to the UI and can be set up by an organization on their own.  This role is specifically for use with connectors created for the Truyo Platform.  These accounts will not be able to manually log into the portal.

    Ongoing security updates: (9871, 9869, 9873, 9872, 9876, 9870)

    • As part of our aggressive and proactive security plan, we have increased security around the platform.
      • To date, there have been no confirmed attacks related to the issues updated.

    • Request type selection not saving for Quiklinks (9954)
    • Rules page selection not showing in quiklinks table section (9979)

    Fixes that were added to the 4.9.0 release: 

    • Rules page not displaying at all in the QA environment. 
    • Quiklink values are inconsistent with DB values (10019)
    • Quiklink stuck in review status (10008)
    • Quiklinks showing not found on the list page for SSO or Regular login organizations (9965)

    Infrastructure update

    • Updating: Spring Cloud, Spring Boot, JDK, Swagger/JUNIT fixes, and related components

    In App Help

    • Providing fly out help menu for contextual help per page

    Video Tutorials

    • Provide a library of videos focused on specific feature training for the Truyo platform

    Compliance reports – embedded

    • The ability for an organization to embed compliance reports to public-facing web pages

    Pre categorization of cookies

    • The ability for the cookie scanner to “best guess” cookie category

    CMMC Assessment Improvements

    • Plan of action and milestone report
    • Dynamic updates to metrics
    • Dashboard specific to the assessments

    Expansion of Framework assessments

    • Support for over 100 different assessments based on standards
    • Support for common controls framework also strict adherence to other framework types

    Email template editor

    • More robust template editing and viewing

    Updated Right to Amend workflow

    • Ensuring the workflow better fits our client’s needs to support their customers

    Truyo Product Release Version 3.8.0

    New Portal Features:

    Honor Category restrictions (9827)

    • This update will allow for an organization to prevent someone from using the pre screening QR code/URLs multiple times

    Truyo Product Release version 4.9.0

    Performance updates for Quiklink (9731)

    • With this update we have implemented a save as you go approach for speed and to avoid any accidental page exits. Any changes made will be saved as soon as they are made so no need to endlessly scroll to the bottom of the page or back to the top in order to save any changes you made.

    CMMC Assessments updates (9482, 9433, 9483)

    • CMMC clients that use Egnyte have the ability to pre populate questions that are already satisfied based on their relationship using the Egnyte Enclave.
      • In order to start this process you must first login to the Truyo organization portal > Configure > Egnyte Authentication > complete the section to get your bearer token. Instructions are provided on the page.
      • Next you will go to Assessments > Framework > Add New (button) > Select CMMC Level 1 or Level 2
      • The selected assessment type will now be available to edit. Open the assessment > Settings (Pill on top row) > Select Storage method (in this case Egnyte) > Fill in the Document storage path > Fill in the email address associated with the Egnyte account > Press Pre Populate > this will start the pre population process presented with a progress update on the page.
    • The ability to upload artifact documents directly to your protected Egnyte environment.
    • Save as you go feature automatically saves the question as soon as it is answered so there is no risk of the questionnaire not being saved by accident. All answers are editable up until the final approval.

    Truyo Connector limit (9833)

    • This update now limits each organization to one Truyo task connector (used to ensure tasks are created and completed) to avoid any issues with Quiklinks being able to process their requests appropriately.

    Update Slack connector parameters (9861)

    • Updated the slack connector to support a change made by slack to their API that included scim host variable

    Fixed the timing of the cookie pop up (9857)

    • Updated the timing to close the popup as soon as the save button is pressed instead of waiting for the call to complete in the background. This provides a better user experience.

    Updating 429 error handling for connectors (9903)

    • This update allows the connector to continue retries in the event of a connector reaching pre set limits from the source.

    Update the Shopify connector (9919)

    • Updated the Shopify connector to reflect the updates made by Shopify to their API’s adding the need for the admin API access token

    Email template updates (9848, 9856, 9862, 9914)

    • Updated the default email templates to fix some missing tags, formatting and some redirects not working correctly.

    Ongoing security updates (9874, 9875,9868,9896)

    • As part of our aggressive and proactive security plan, we have increased security around the platform.
      • No confirmed attacks related to the issued updated to date. However, certain vulnerabilities could be exploited if the correct access was obtained.

    Framework Assessment flow update (9845)

    • During the add or renew flow we removed the modal that was being used to select the assessment. Now you are taken to a page that you select the available assessment.

    Quiklinks stuck in scanning state intermittently (9942)

    • On occasion a Quiklink connector would get stuck in scanning status due to how it was being tracked in the database causing an overwrite that was not correct.

    Fixes to version 4.8.0

    Slow loading task and request pages (9913)

    • Added indexing to the task and request pages to help the performance

    Infrastructure update

    • Updating: Spring Cloud, Spring Boot, JDK, Swagger/JUNIT fixes, and related components

    In App Help

    • Providing fly out help menu for contextual help per page

    Video Tutorials

    • Provide a library of videos focused on specific feature training for the Truyo platform

    Compliance reports – embedded

    • Ability for an organization to embed compliance reports to public facing web pages

    Pre categorization of cookies

    • Ability for the cookie scanner to “best guess” cookie category

    CMMC Assessment Improvements

    • Plan of action and milestone report
    • Dynamic updates to metrics
    • Dashboard specific to the assessments

    Expansion of Framework assessments

    • Support for over 100 different assessments based off standards

    Email template editor

    • More robust template editing and viewing

    Updated Right to Amend workflow

    • Ensuring the workflow better fits our clients needs to support their customers

    Reset password workflow

    • Updating the reset password workflow to be more in line with the latest security standards