Category: Uncategorized

Truyo Product Release Version 9.6.0

New Features & Enhancements

Self-Healing Retry Logic for QuikLink Connectors (16352)

    • Engineered automatic retry logic into QuikLink connectors for transient authentication and network failures eliminating immediate error states, removing the need for manual restarts, and ensuring uninterrupted privacy request processing.

Automated Alerts and Notifications for Repeated Connector Failures (16413)

    • Strengthened QuikLink connector resilience by introducing self-healing task recovery: failures are retained in Pending (P) for automatic retry and instantly raise email and portal alerts with complete failure context.

Client-Configurable Weekend Due Date Shift for Privacy Requests (16332)

    • Added a configurable option that allows clients to automatically reschedule privacy request due dates falling on a Sunday to the following Monday, with the original Sunday date and reschedule reason recorded on the request details.

Data Retention extension for Preference Center Analytics (16533)

    • Extended Preference Center data retention (TTL) to 3 years, enabling long-term analytics and reporting continuity.

Controlled Auto Data Fetch Creation for New Identification Keys During Upload (16397)

    • Introduced a configurable setting that determines whether adding new identification keys during the Upload Data process automatically generates additional Data Fetch requests, with the setting enabled by default to preserve existing behavior.

Security Updates

App-Wide CSRF Protection with SameSite Cookie Attributes and Server-Side Token Validation (15721)

    • Fortified the application against site-wide Cross-Site Request Forgery (CSRF) attacks by enforcing SameSite, HttpOnly, and Secure attributes on session cookies, implementing server-side CSRF token validation for all state changing requests, and eliminating the 2-minute exploitation window ensuring every privileged action is cryptographically verified and immune to cross-origin forgery.

Secure File Upload Endpoint (15723)

    • The file upload endpoint has been secured with authentication, CSRF validation, file type/MIME restrictions, size limits, and encoding validation to prevent unauthenticated access, malicious file hosting, stored XSS, and storage abuse.

Egnyte Authentication Security (15725)

    • Strengthened the Egnyte Authentication integration by enforcing strict allowlisting of trusted domains, preventing bearer token transmission to user-supplied endpoints, and reinforcing CSRF protection and secure session handling to mitigate Blind SSRF and token exposure risks.

Stored XSS in Assessment Submissions Mitigation (15720)

    • Added server-side HTML sanitization to assessment free-text inputs, stripping dangerous tags, removing inline event handlers, and blocking javascript injection attempts to prevent stored XSS payloads from executing when administrators review submitted responses.

Reflected XSS Vulnerability Mitigation via WAF Bypass (15724)

    • Fixed a reflected XSS vulnerability where attackers could bypass WAF rules using backtick-based character-stripping to inject malicious scripts, by adding contextual output encoding, and strict input.

Reflected XSS Vulnerability Mitigation in Forgot Password portal_type parameter (15726)

    • Fixed a reflected Cross-Site Scripting (XSS) vulnerability in the Forgot Password flow by adding server-side input validation, output encoding, and client-side sanitization for the portal_type parameter to prevent execution of malicious inline scripts.

Infrastructure Updates

No infrastructure updates included in this release.

Bug Fixes

  • Resolved incorrect cookie domain capture in the Cookie Scanner (16357)
  • Fixed an issue where a deep scan could get stuck and block subsequent scans from being initiated (16517)
  • Resolved an issue where certain clients were unable to add new cookie domains or mobile consent apps due to missing organization configuration (16562)
  • Fixed an issue where the Verification Success page content displayed to consumers after request verification did not reflect the message configured in Custom Content (16532)
  • Resolved an intermittent issue where consumers encountered security warning messages when accessing the Consumer portal. (16535)

 

Hot Fixes Version-9.5.0

  • Assessment owners now receive an email notification containing the assessment name, type, and a direct link to the assessment whenever they are newly assigned to a DSAR or any other assessment type. (16546)
  • Increased the maximum character limit for discussion comments from 3,000 to 7,000 characters, enabling users to provide more detailed and comprehensive discussion entries. (16544)

 

Upcoming Features

Multiple Data Subject Requests Using the Same Email Address
Support to submit multiple data subject requests using the same email address, with dedicated information fields, DOB collection, and clear data subject identification across request and task detail views.

Consent Audit Trail Enhancements
Logging GPC opt out events and consolidating cookie plugin consent save and audit log operations into a single atomic API call.

View Assigned Groups for Cookie Domains in Consent Module
Support for an ‘Assigned Groups’ column in the Consent > Domain tab, empowering users to seamlessly identify which groups hold permissions for each cookie domain directly from the domain list

Remove Assigned Groups from Cookie Domains 
Support for removing Assigned Groups from Cookie Domains on the Consent > Domain tab, empowering users to effortlessly revoke group permissions and maintain precise control over domain access.

 

Truyo Product Release Version 9.5.0

New Features & Enhancements

Extension of TTL for Preference Center Analytics Data (16400)

    • Enhanced data lifecycle management for Preference Center analytics by implementing a 6-month retention policy with automated purging of obsolete records.

Alphabetical Sorting of Location Lists in Compliance Advisor (16409)

    • Streamlined location discovery within Compliance Advisor by enforcing alphabetical ordering across all country and state selectors, delivering a more seamless and efficient geolocation configuration experience.

Refinement of Task Count Filtering in Tasks Summary Email (16291)

    • Optimized the Tasks Summary email to curate task counts exclusively from assignments directly attributed to the recipient or their affiliated groups, delivering a personalized task visibility experience.

Introduction of Error Details Visibility for Compliance Advisor Scans (16391)

    • Introduced an error details modal within Compliance Advisor scan history, empowering users to instantly diagnose failed scans by surfacing contextual error summaries upon clicking the ‘Error’ status indicator.

Consent Audit Trail & Legal Defence Audit Framework (16049)

    • Launched a legally defensible audit framework that captures granular consent history, GPC signals, and timestamped choices in a Cassandra-backed store with minimal PII footprint, role-restricted access, automated thirteen-month retention purging, and IP logging reserved strictly for legal defense.

MS Purview Connector Enhancements (15266)

    • The MS Purview Connector has been updated to stop automatic file uploads to Minio and instead create the case, run the estimation search, and automatically mark the task as Accepted or Rejected based on whether data is found, with a configurable dependent task feature available in the Org portal for setting up task dependencies.

Security Updates

Salesforce Core QL: OAuth 2.0 Client Credentials Flow Support (16011)

    • The Salesforce Core QL integration now authenticates using the OAuth 2.0 Client Credentials flow, replacing the deprecated SDK Password flow to ensure compatibility with newer Salesforce environments and improved security.

Infrastructure Updates


MySQL 8.0 to 8.4 Upgrade: Precheck Validation and Schema Compatibility Remediation (16162)

    • Conducted and remediated MySQL 8.0 to 8.4 pre-upgrade validation findings by reviewing precheck results, resolving schema, foreign key, charset, and authentication compatibility issues, and confirming that the upgraded configuration passes validation without blocking errors.

Kubernetes Cluster Upgrades – AKS, EKS, and GKE from v1.32 to v1.33 (16164)

    • Upgraded all managed Kubernetes clusters on Azure (AKS), AWS (EKS), and Google Cloud (GKE) from v1.32 to v1.33 to keep the platform within standard Kubernetes support, maintain full security patch coverage, and reduce the risk of service interruptions associated with out-of-support cluster versions.

Kafka: Client Version Discovery Reliability and Strimzi Cluster Migration to KRaft (16163)

    • Updated Kafka client version detection to use supported protocol mechanisms instead of an unsupported /version endpoint and migrated the Strimzi operated Kafka cluster from ZooKeeper to KRaft with node pools, ensuring safer automation compatibility and a more resilient platform.

Bug Fixes

  • Fixed an issue where weekly Privacy Summary Report emails were incorrectly being sent to administrators of decommissioned organizations that are no longer active customers. (16331)
  • Fixed an issue where state picklist dropdown values with accented characters were displaying as broken/garbled text in the preference center. (16403)
  • Added configuration option for organizations to control whether Portal Account users see verification questions (15956)

 

Hot Fixes Version-9.4.0

  • Resolved an issue where account verification requests could not be approved in the Organization portal due to missing consumer ID and email data in the approval form. (16404)
  • Resolved an issue where the portal account user’s language preference was not consistently respected across verification pages, verification question pages, and email templates throughout the account lifecycle process. (16195)
  • Resolved an issue where External Systems were wiped from a Customized User Group when clicking “Continue” before the system list fully loaded, by disabling the Continue button until all External Systems are loaded. (16326)
  • Improved the reliability of logo and favicon uploads in Branding & Interface by implementing cache-invalidation techniques, reducing upload failure frequency. (13589)
  • Resolved an issue where the Submit button on the Correction Request form remained grayed out after completing all fields, requiring users to click into another field to enable it. (16349)

Upcoming Features

Alert and Notification for Repeated Connector Failures
Pending status for failed connector tasks and an email notification to the Quiklink owner, eliminating the need for manual database intervention and ensuring automatic re-processing on the next scheduled run.

Preference Center – Opt-Out Updates
Ability to capture and store a reason for opt-out in the Preference Center.

Advanced tagging and reporting for assessments
Detailed reporting on specific answers inside assessments to help organization quickly identify assessments that meet certain thresholds.

Configurable option to not schedule due dates on Sundays
A configurable option that automatically reschedules request due dates falling on a Sunday to the following Monday, helping clients comply with privacy regulation timelines without counting the adjustment as an extension.

 

Truyo Product Release Version 9.4.0

New Features & Enhancements

Notification to Assessment Owners on Assessment Status Changes (15908)

    • Implemented system generated email notifications to assessment owners for every assessment status transition, ensuring they are promptly informed.

Preference Center – Analytics Reporting (16180)

    • Introduced advanced Preference Center analytics and reporting that accurately captures, aggregates, and surfaces user preference activity to deliver deeper insights.

Compliance Advisor Geolocation Options for US States and Countries (16243)

    • Expanded Compliance Advisor’s geolocation configuration to support US states and countries with data privacy laws.

Redaction Option for PDF Files in Access Request Final Review (16265)

    • New setting is added to enable redaction for Access Requests in ‘Final Review’ under Request Processing Settings.
    • When disabled, PDF redaction is not available for any access requests.
    • When enabled, PDF redaction is available only when the Access Request status is Final Review.
    • Users can highlight and redact sensitive content in PDF files, with changes saved directly to the task.

Org-level flag to control authorized agent email recipients (16261)

    • Introduced an organization-level configuration that governs whether verification emails for authorized agent requests are delivered to the consumer or directly to the authorized agent.

QuikLink integration with QSR GuestBook for DF search and deletion (15794)

    • Implemented a new QuikLink integration that connects Truyo to QSR’s GuestBook API, enabling DF request processing against QSR by searching guest records and deleting matching guests directly from the QSR GuestBook.

Security Updates

No specific security updates included in this release.

Infrastructure Updates

No specific infrastructure updates included in this release.

Bug Fixes

  • Ensured that portal account users’ selected language is consistently applied across verification pages and all related notification emails, including the final account removal confirmation. (16195)
  • Resolved an issue where Compliance Officers and other users could not view tasks assigned directly to them or to their groups. (16325)
  • Requests that omit matchingKeys and residency will now automatically derive matchingKeys from the consumer’s email and set residency to ‘NA’. (16113)
  • Disabled the Continue button on customized user groups until all external systems finish loading, preventing configured external system access from being unintentionally removed. (16326)
  • Updated the Tasks views so customized user groups can see the correct person or department each task is assigned to, rather than an ‘automated’ or blank assignment. (16379)
  • Corrected task assignment logic so tasks reliably display the true user who performed the work instead of incorrectly assigning them to a different user. (16102)
  • Updated the ‘Too Many Open’ modal so the request type name is displayed in the consumer’s selected language instead of always showing the English value. (16347)
  • Ensured the ‘None of these apply’ guest request page now displays all left-side navigation text in the consumer’s selected language, with translations configurable through the organization’s custom content settings. (16350)

Hot Fixes Version-9.3.0

  • Restored SMTP error handling so that any SMTP configuration failures once again generate a persistent notification and corresponding alert. (16297)
  • Resolved an internal transaction handling error so that authorized clients can successfully delete custom user groups. (16266)
  • Resolved a jQuery error that occurred on page load for native JS enabled plugins even when the ‘use your website’s jQuery’ toggle was disabled. (16233)
  • Resolved an issue where duplicate ‘Right to Data Portability’ requests got created and remained stuck in Pending. (16305)

Upcoming Features

Consent Audit Trail & Legal Defense Audit Framework
Support for maintaining a compliant, legally defensible consent audit trail that logs user consent history.

Process Flow for Enabling New Regulation/Request Types
Standardized process flow to streamline the enablement, configuration, and rollout of new regulation or request types, improving compliance consistency and reducing setup time.

Preference Center – Opt-Out Updates
Ability to capture and store a reason for opt-out in the Preference Center.

Advanced tagging and reporting for assessments
Provide detailed reporting on specific answers inside assessments to help organization quickly identify assessments that meet certain thresholds.

Weekly Tasks Summary Counts Aligned to User’s Assigned Tasks
Configure the Weekly Tasks Summary email to surface only tasks assigned to the recipient.

User Group Filtering Optimization
Support for assigning any valid user to owner groups without filtering by role or group type.

Truyo Product Release Version 9.3.0

New Features & Enhancements

Email Summary Notifications for Almost Due and Past Due Requests (15945)

    • Organizations can now automate summary email notifications to Admins, Compliance Managers and system owners, providing visibility into data privacy requests that are almost due and past due (requests that have exceeded their due date).

Assignment of questions to user groups (16056)

    • Inside assessments, organizations can now set questions to automatically be assigned to a user group upon activation of the question.

Compliance Advisor auto-refresh and scan status indicators (15800)

    • Enhanced Compliance Advisor to show an in-progress scan indicator and automatically refresh the page/table once a site scan completes, ensuring scan results appear without requiring a manual refresh.

Final Review email notifications for Admin and Compliance Manager roles (16022)

    • Added an ability to send Final Review notification emails not only to Approvers but also to users in the Admin and Compliance Manager roles.

Limit Org user ability to edit Verification Question responses (15607)

    • Enhanced control over who can edit Verification Question responses by restricting this capability to specific org user roles and an organization configurable custom permission.

TCF 2.3 migration and disclosedVendors compliance (16044)

    • Migrated CMP from TCF 2.2 to TCF 2.3 to meet 2026 IAB TCF and Google CMP certification requirements without re‑prompting users.

RequestWorkflow assessment type for routing data privacy requests through AssessmentWorkflow (15258)

    • Enabled a configurable AssessmentWorkflow processing mode that routes eligible data privacy requests through RequestWorkflow assessments for enhanced workflow flexibility and control.

Group Users – Group ID/Name column sorting enhancements (16169)

    • Added support for consistent alphabetical sorting on the Group ID/Name column in the Users → Group Users screen.

Security Updates

No specific security updates included in this release.

Infrastructure Updates

Increase Owner Group name column size (16156)

    • Increased the gdpr_users.owner_groups.group_name column size from 50 to 100 characters to support longer group names.

Bug Fixes

  • Resolved an issue where the AI Governance > Training page indicated that users could import a new file, but the Import File button was missing. (16158)
  • Resolved an issue where editing verification question responses on an organization request caused questions to be duplicated instead of only showing the original and latest modified answers. (15958)

Hot Fixes Version-9.2.0

  • Resolved an issue where the consent cookies list returned cookies with null topic instead of returning the newly found cookies. (16072)
  • Resolved an issue where the cookie scan results had typo in the GPC signal popup. (16160)

Upcoming Features

Consent Audit Trail & Legal Defense Audit Framework
Support for maintaining a compliant, legally defensible consent audit trail that logs user consent history.

Process Flow for Enabling New Regulation/Request Types
Standardized process flow to streamline the enablement, configuration, and rollout of new regulation or request types, improving compliance consistency and reducing setup time.

Preference Center – Analytics Reporting
Support for analytics and reporting on Preference Center activity so admins can view and track user preferences over time.

Preference Center – Opt-Out Updates
Ability to capture and store a reason for opt-out in the Preference Center.

Advanced tagging and reporting for assessments
Provide detailed reporting on specific answers inside assessments to help organization quickly identify assessments that meet certain thresholds.

 

Truyo Product Release Version 9.2.0

New Features & Enhancements

Prevention of Tasks Entering the ‘E’ State in Bazaarvoice QuikLink (15952)

    • Updated Bazaarvoice QuikLink logic so that if an error occurs, tasks are returned to the ‘New’ state instead of being placed into the ‘E’ state, allowing them to be retried later.

Support for Personal Data Protection in Panama (LPDP) (15970)

    • Added support for Personal Data Protection in Panama (LPDP) to ensure client compliance with this regulation.

Support for Puerto Rico Privacy Policy Notification Act (PRPPNA) (15973)

    • Added support for Puerto Rico Privacy Policy Notification Act to ensure client compliance with this regulation.

Support for Thailand’s Personal Data Protection Act 2019 (TPDPA) (15976)

    • Added support for Thailand’s Personal Data Protection Act 2019 to ensure client compliance with this regulation.

Reimplementation of cookie consent using just native javascript (14316)

    • Reimplemented the cookie plugin using native JavaScript, removed jQuery dependency.

    • Enabled controlled rollout of the native JavaScript cookie plugin for selected clients.

    • For remaining clients, the original jQuery-based plugin continues to function as before.

Email Notifications for Quiklink Errors (15854)

    • Added support for sending email notifications to Quiklink owners when Quiklink errors occur, improving visibility and enabling faster issue resolution.

Display of Remaining Cookie Details After GPC Detection in Compliance Advisor (15799)

    • Added support to display details of cookies that are still found, allowing organizations to review and manage the remaining cookies.

Location Parameter & Proxy Support for Geolocation Banner Detection in Compliance Advisor (15798)

    • Added an ability to define a location parameter and route Compliance Advisor checks through a proxy server, ensuring geolocation-based banners are correctly detected and a green checkmark is displayed.

Auto Scan Setup for Compliance Advisor (15801)

    • Added support for organizations to configure Auto Scans in Compliance Advisor, enabling automated compliance checks.

Security Updates

No specific security updates included in this release.

Infrastructure Updates

No specific infrastructure updates included in this release.

Bug Fixes

  • Resolved an issue where verification response updates did not display the ‘Modified By’ field in the Activity Log, ensuring accurate and complete audit tracking. (15959)
  • Prevented multiple copies of verification answers from obscuring the current answer. (15965)

Hot Fixes Version-9.1.0

No Specific hotfix done in this release.

Upcoming Features

Preference Management integration with Klaviyo CRM
Integration of Preference Management with Klaviyo CRM.

Process Flow for Enabling New Regulation/Request Types
Standardized process flow to streamline the enablement, configuration, and rollout of new regulation or request types, improving compliance consistency and reducing setup time.

Role‑Based Controls for Editing Verification Question Responses
Support for restricting the ability to edit verification question responses based on customized roles and permissions.

Topic‑Level Consent Data in Consent Updates
Support for including topic‑level consent details within consent update events.

Auto‑Refresh of Compliance Advisor Pages After Site Scan Completion
Support for automatically refreshing the Compliance Advisor table and related pages once a scan is completed.

Truyo Product Release Version 9.1.0

New Features & Enhancements

New cookie email notifications for the selected users (15905)

    • Added a searchable user dropdown and enabled triggering of new cookie email notifications for selected users.

Quiklink for Planhat (15853)

    • Added quiklink for Planhat, a platform to manage customer success, sales, and data analytics.

Quiklink for Gong (15707)

    • Added quiklink for Gong, an AI-powered revenue intelligence platform that captures and analyzes customer interactions

Support for Brazilian Data Protection Law (LGPD) (15838)

    • Added support for Brazilian Data Protection Law to ensure client compliance with this regulation.

Support for Hong Kong – Personal Data (Privacy) Ordinance (PDPO) (15841)

    • Added support for Hong Kong – Personal Data (Privacy) Ordinance to ensure client compliance with this regulation.

Support for Malaysia – Personal Data Protection Act 2010 (PDPA) (15844)

    • Added support for Malaysia – Personal Data Protection Act 2010 to ensure client compliance with this regulation.

Indicator in Data Approval to show which files have already been reviewed (15700)

    • Added an indicator in Data Approval to show which files have already been reviewed.

New fields for the CSR make a request process (15578)

    • Added new fields to the CSR ‘Make a Request’ process to display when a consumer’s request was created by the CSR.

Reassignment of AI Assessments (15848)

    • Added an ability for Admins to re-assign AI assessments to other users, providing greater flexibility.

Enhanced File Support for Privacy Delete Uploads (15871)

    • Added an ability to handle larger file sizes in Preference Management Privacy Delete Uploads, improving efficiency.

Security Updates

  • Resolved SRI vulnerabilities and related Brave browser issues.

Infrastructure Updates

No specific infrastructure updates included in this release.

Bug Fixes

  • Resolved an issue where template tags were not updating correctly in the ‘Access Request Completed No Data Found’ email template. (15921)
  • Resolved an issue where the error message did not persist when the Auth Agent email matched the requester email. (15526)
  • Resolved an issue where Data Fetch Rework requests were not assigned to brands appropriately. (15980)

Hot Fixes Version-9.0.0

  • Resolved an issue where access requests were generating more system tasks than expected. (15934)

Upcoming Features

Email Notification for Quiklink Errors
Ability to receive email notifications for quiklink errors, enabling users to stay informed and monitor changes in real time.

Quiklink Implementation for QSR
Quiklink connector integrated with QSR.

Quiklink Task State Update
Quiklink enhancement to prevent tasks from being placed in the ‘E’ state.

Support for Panama – Personal Data Protection in Panama (LPDP) 
Support for Panama – Personal Data Protection in Panama (LPDP) to ensure client compliance with this regulation.

Support for Puerto Rico – Puerto Rico Privacy Policy Notification Act (“Notification Act”)
Support for Puerto Rico – Puerto Rico Privacy Policy Notification Act (“Notification Act”) to ensure client compliance with this regulation.

Support for Thailand – Thailand’s Personal Data Protection Act 2019 (“PDPA”)
Support for Thailand – Thailand’s Personal Data Protection Act 2019 (“PDPA”) to ensure client compliance with this regulation.

Location Parameter & Proxy Support for Geolocation Banner Detection in Compliance Advisor
Ability to define a location parameter and route Compliance Advisor checks through a proxy server, ensuring geolocation-based banners are correctly detected and a green checkmark is displayed.

Truyo Product Release Version 9.0.0

New Features & Enhancements

Email Notification for New Cookies Added (15550)

    • Added an ability to send email notifications whenever new cookies are added after scan, keeping users informed instantly.

Support for Multiple File Uploads in Assessment Questions (15177)

    • Enhanced assessment questions feature to support multiple file uploads to the internal storage.

Quiklink for SMG (15770)

    • Added quiklink to integrate with SMG for data privacy requests.

Task Visibility Control for Custom User Groups (15195)

    • Enhanced task visibility for custom user groups, ensuring they only see tasks relevant to their responsibilities.

Support for Argentina Personal Data Protection Law (DPL) (15775)

    • Added support for Argentina Personal Data Protection Law to ensure client compliance with this regulation.

Support for United Arab Emirates-Protection of Personal Data (UAEPD) Regulation (15783)

    • Added support for United Arab Emirates-Protection of Personal Data to ensure client compliance with this regulation.

Support for Uruguay-Regulatory and Control Unit of Personal Data (URCDP) (15786)

    • Added support for Uruguay-Regulatory and Control Unit of Personal Data to ensure client compliance with this regulation.

Support for DeleteAccount Request Type via API for Ghost/Guest Users (15810)

    • Enabled acceptance of DeleteAccount request type from APIs for ghost/guest users.

Access Expansion for Assessment Consultant Roles (15855)

    • Expanded access for Assessment Consultant roles to assessments they are assigned to, in addition to those they own.

Security Updates

No specific security updates included in this release.

Infrastructure Updates

No specific infrastructure updates included in this release.

Bug Fixes

  • Resolved an issue where requests could not be submitted for some clients. (15857)
  • Resolved an issue with the cookie banner failing to hide after clicking Accept Only Necessary button. (15818)
  • Resolved an issue where task instructions were not being saved. (15375)

Hot Fixes Version-8.9.0

  • Resolved SAML DUO Single Sign-On issue on the Data Privacy Portal. (15833)

 

Upcoming Features

Reimplementation of cookie consent using just native javascript
Reimplementation of cookie consent using native JavaScript to eliminate external dependencies and enhance performance, maintainability, and control.

Email Notification for Quiklink Errors
Ability to receive email notifications for quiklink errors, enabling users to stay informed and monitor changes in real time.

Quiklink Connector for Outreach
Quiklink connector for Outreach, a sales engagement platform.

Quiklink connector for Planhat
Quiklink connector for Planhat, a customer platform that provides software and services for businesses to manage customer success, sales, and data analytics

Support for Brazilian Data Protection Law (LGPD) 
Support for Brazilian Data Protection Law (LGPD) to ensure client compliance with this regulation.

Support for Malaysia – Personal Data Protection Act 2010 (PDPA)
Support for Malaysia – Personal Data Protection Act 2010 to ensure client compliance with this regulation.

Support for Hong Kong – Personal Data (Privacy) Ordinance (PDPO) 
Support for Hong Kong – Personal Data (Privacy) Ordinance (PDPO) to ensure client compliance with this regulation.

Indicator in Data Approval to show which files have already been reviewed
An indicator on the Data Approval page to show which files have already been reviewed, helping users identify unreviewed files.

Truyo Product Release Version 8.9.0

New Features & Enhancements

Customization of assessment type creation for client specific needs (15572)

    • Added an ability to create custom assessment types tailored to individual client needs, similar to client-specific assessment questions.

Support for multiple open requests per email (15348)

    • Added an ability to create multiple request types per email address.

MS Purview Quiklink Connector (15266)

    • Added quiklink connector to automate the searching of emails from the exchange server.

Support for Kentucky Consumer Data Privacy Act (KCDPA) (13932)

    • Added support for Kentucky Consumer Data Privacy Act (KCDPA) to ensure client compliance with this newly enacted regulation.

Support for Rhode Island Data Transparency Protection Act (13933)

    • Added support for Rhode Island Data Transparency Protection Act to ensure client compliance with this newly enacted regulation.

Support for submission of same request type for different sub‑brands (15525)

    • Added an ability for consumers to submit the same request type across different sub-brands.

Enhancements for handling a FOIA request (15382)

    • Enhanced request processing implementation for handling a FOIA request within Truyo.

Resolution for Task Errors in Responsys QuikLink Processing (15751)

    • Implemented a fix to resolve errors in task processing that were incorrectly bypassing Responsys QuikLink handling.

Security Updates

No specific security updates included in this release.

Infrastructure Updates

Decommissioning of Privacy Center Plugin (15428)

    • Removed the privacy center plugin and all related features to eliminate deprecated components and streamline the application.

Timeout Handling in Compliance Advisor Processing (15729)

    • Enhanced Compliance Advisor to gracefully handle timeout issues during processing.

Bug Fixes

  • Resolved an issue when opening all files simultaneously for an access request caused inconsistent total file counts across tabs. (15584)
  • Resolved an issue when clicking on a task ID link incorrectly redirected users to the ‘All Tasks’ list instead of the specific task details page. (15744)
  • Resolved an issue where the full system name was not displayed in the “Add Rework Data Fetch Request” modal. (15703)
  • Resolved an issue where the Email Template screen incorrectly displayed the login page instead of the General Emails section. (15813)
  • Fixed an issue where pre-questions were not displayed on client request forms. (15774)
  • Fixed an issue where the Vendor/Council name was not displayed in the Collection Point field. (15702)
  • Fixed an issue where default requests remained stuck in Unverified status when pre-questions were used. (15793)

Hot Fixes Version-8.8.0

  • Resolved an unauthorized error occurring during email verification for portal account requests. (15662)
  • Resolved an issue where the request reminder email for verification was not sent. (15679)
  • Resolved an issue where the Verification Questions section was missing from the Request Verification page. (15680)
  • Resolved an issue where some consumers were not receiving Verification Questions during the request process, despite being eligible. (15681)

 

Upcoming Features

Reimplementation of cookie consent using just native javascript
Reimplementation of cookie consent using native JavaScript to eliminate external dependencies and enhance performance, maintainability, and control.

Email Notification for New Cookies Added
Ability to receive email notifications when new cookies are added, enabling users to stay informed and monitor changes in real time.

Quiklink Connector for Outreach
Quiklink connector for outreach, a sales engagement platform.

Quiklink connector for Gong
Quiklink connector for gong, an AI-powered revenue intelligence platform

Resolution for style collisions on customer websites
Updating all CSS classes with a prefix, helping prevent style collisions on customer websites.

New request workflow – Request Workflow
Ability to manage all data privacy requests through an assessment or questionnaire.

Additional Configuration for Customized User Group Task Visibility
Ability to further customize task visibility for user groups, allowing administrators to restrict access to tasks outside their designated scope.

Assessment Directive
New workflow for assessment directive.

Process flow for enabling a new regulation/request type
Process flow to support seamless configuration of new regulations and request types

Assessment Owner / Assessment Assignee Mode
Support for Traditional and Collaborative assessment modes, including privacy group permissions, reassignment capabilities, and enhanced assessment listings with owner and assignee details.

New tab on clicking “View” link on Data Approval page
Enhancement on the Data Approval page so that the ‘View’ link opens the item in a new tab.

Truyo Product Release Version 8.8.0

New Features & Enhancements

Ability to ask “verification questions” separate from the verification email process (15076)

    • Added an ability to configure verification questions that collect additional consumer information before request submission, without requiring email verification.

Alert when request types are not configured for systems (15416)

    • Added an ability to display an alert message when a ‘request type’ lack configured systems or vendors, helping to identify configuration gaps and take appropriate action.

Scrolling for the left side menu (15515)

    • Added vertical scrolling to the left navigation pane in admin portal.

“None of these apply” option to the Country residency list when “Country based request creation” is selected (15524)

    • Added a “None of these apply” option to the residency list when “Country based request creation” is selected, allowing users from unlisted countries to submit requests.

Search and Pagination for Apps in App Plugin (15425)

    • Added a search box and pagination for apps in the App Plugin tab to enable easy search and efficient navigation through long list of apps.

Search and Pagination for Domains in Cookie Plugin (15411)

    • Added a search box and pagination for domains in the Cookie Plugin tab to enable easy search and efficient navigation through long list of domains.

Searchable dropdowns in Add/Edit modals of Cookie, Topic, App, and Libraries (15511)

    • Added search functionality to all dropdowns in the Add/Edit modals of Cookie, Topic, App, and Libraries.

“Scan Date” column renamed to “Cookie Added Time” in Cookie tab (15420)

    • Renamed the “Scan Date” column to “Cookie Added Time” to clearly show the most recent date and time each cookie was added via scan, UI, or import.

Granular permissions for bulk delete (15251)

    • Extended granular permissions to Bulk Delete functionality. Now, if a user group doesn’t have delete permission, they will no longer be able to perform bulk deletions.

Security Updates

No specific security updates included in this release.

Infrastructure Updates

No specific infrastructure updates included in this release.

Bug Fixes

  • Fixed an issue where editing discussion comments in assessments caused the formatting to be lost. (15330)
  • Fixed an issue where the Compliance Advisor scan was blocked by Akamai Bot and Cloudflare. (15386)
  • Fixed an issue where the app store URL dropdown did not appear in the app metrics tab when the total number of app store URLs was less than 8. (15506)
  • Fixed an issue where the search option was missing in ‘Add Group User’. (15509)
  • Fixed an issue where changes were not reflecting in the topic list for the default English language in plugin settings. (15323)
  • Fixed an issue where the “Strictly Necessary” tab in the cookie settings had a bug in HTML, causing the hyperlink to display as plain text (15585)

Hot Fixes Version-8.7.0

  • Fixed an issue where consent decline failed when the cookie name started with a numeric value. (15536)

 

Upcoming Features

Support for Kentucky Consumer Data Privacy Act (KCDPA)
Configurations to ensure client compliance with KCDPA as it comes into effect.

Support for Rhode Island Data Transparency Protection Act (The Act)
Configurations to ensure client compliance with Rhode Island Data Transparency Protection Act as it comes into effect.

Allow consumers to submit the same request type for different sub-brands
Support for submitting multiple requests of the same type for different sub-brands.

Enhancements for handling a FOIA request within Truyo
An ability for handling a FOIA (Freedom of Information Act) request.

“Relationship Type” selector for data privacy requests
Support for a ‘Relationship Type’ selector for data privacy requests.

New request workflow – Request Workflow
Ability to manage all data privacy requests through an assessment or questionnaire.

Assessment Email Questions Assignments
Support the ability for a user to select one or more questions and assign them to another user.

MS Purview Connector
Support for automated identification and deletion of emails from Exchange servers.

Truyo Product Release Version 8.7.0

New Features & Enhancements

Bulk Delete Feature for App Libraries (15261)

    • Added bulk deletion on the mobile app consent SDK configuration.

Plugin update to immediately and reliably store the consent state (15194)

    • Improved reliability to ensure consent state is properly stored and recognized even when users leave the page immediately after giving consent, for the cookie consent plugin.

Manual review before new cookies are added to the cookie banner (15200)

    • Added a new configuration toggle in the customized settings tab for the Cookie Plugin to control automatic republishing after scan or add/edit/delete cookie and topic. The toggle ‘Auto Publish’ defaults to enabled.

MS Purview quiklink Connector (15266)

    • New quiklink connector to automate the searching of emails from exchange server.

Search option within the dropdowns of consent module (15257)

    • Added a search option within dropdown menus, allowing users to type any substring to dynamically filter and find data more efficiently.

Display Next Run Date/Time for Auto Scan (15361)

    • Added visibility of the next scheduled run date/time for Quick and Deep auto scans in key interfaces.
    •  Enhanced user awareness by showing next run date/time messages upon selecting Quick Scan or Deep Scan radio buttons in the Scan Report.
    •  Improved accuracy of displayed next run date/time immediately reflecting any configuration changes after saving.

Admin login page redesign (15215)

    • Redesigned login page on admin portal for enhanced user experience.

Forgot password feature redesign for admin (15216)

    • Redesigned forgot password feature on admin portal for enhanced user experience.

Preference Management Delete Refinement (15189)

    • Enhanced functionality to restrict deletion capabilities if the user has any open data privacy requests.

Support “question visibility” in the assessment editor (15171)

    • Added the ability for assessment questions to be visually restricted to specific user groups.

Assessment notifications (15179)

    • Within the ‘assessments’ module, email notifications are enabled when an assessment is assigned an owner.

Updated request Id tag (15332)

    • The request Id tag inside the email templates is now the short form id, enabling users to easily correlate and recognize requests between email and portal for improved consistency.

Convert FreeTextArea to RTF editor in assessment module (15173)

    • The FreeTextArea questions pull up the RTF editor now.

Configurable response times for requests (14903)

    • Introduced support for country specific response times for requests, to comply with GDPR requirements. This feature allows handling varying response timeframes based on the request’s originating country ensuring adherence to their regulations.

Configurable Effective Date – Improvements (15139)

    • Added an editable date picker for effective dates directly within the regulation table, visible for both enabled and disabled regulations to allow quick and easy date management.

Search options to enhance drop downs with large amounts of data (15288)

    • Added a search option within dropdown menus, allowing users to type any substring to dynamically filter and find data more efficiently.

Security Updates

No specific security updates included in this release.

Infrastructure Updates

Kafka events for managing the ingress YAMLs automatically (15322)

  • Added support for automatic setup of default ingress definitions and provisioning of CORS policies for cookie consent when a domain is added or deleted.
  • Added the configuration to generate events in the todo Kafka topic or a new topic.

Bug Fixes

  • Fixed long delay in conditional output rules running. (10619)

Hot Fixes Version-8.6.0

  • Fixed incorrect mapping for Maryland Obtain Categories request type. (15367)
  • Updated CSP in meta file for fallback error (15419)
  • Fixed blocking of Compliance Advisor scan by Akamai Bot & cloud-flare (15386)
  • Fixed Compliance Advisor error message (15402)
  • Enhanced capability for NetApp user to create magic token without first name and last name (15417)
  • Fixed error for Test Email (15343)

Upcoming Features

Extend granular permissions for bulk delete
Support for extending granular permissions to bulk delete features in cookie and topic tabs.

Rename “Scan Date” column to “Last Date” in Cookie tab and display last date for all cookies
Enhancement to display last date for all types of cookies added via scan, UI or import file.

Allow user to configure amount of time to display GPC toast message
An ability to configure amount of time to display GPC toast message

Implement Search and Pagination for Domains and Apps in Plugin Settings
An ability for search and pagination of domains and apps in Plugin Settings

Assessment Email Questions Assignments
Support the ability for a user to select 1 or more questions and assign them to another user.

Enhancements for handling a FOIA request within Truyo
Process enhancement for handling a FOIA request within Truyo.

Ability to ask “verification questions” separate from the verification email process
Enhancement to ask consumers for additional information (using verification questions) before the request is submitted without requiring them to complete email verification.