Case Study: Overstock.com achieves 10x ROI and minutes‑level automated privacy request fulfillment with DataGrail

eCommerce Giant Brings Home Automated Privacy Management for 10X ROI

Overstock, a leading online retailer, faced a scaling privacy challenge as regulations like the CCPA loomed: a small privacy team relied on manual spreadsheets, interviews, and costly engineering time to fulfill data subject requests, with “do not sell” requests taking up to three weeks. To modernize and centralize privacy operations they partnered with DataGrail and implemented DataGrail’s Request Manager to automate DSR handling.

DataGrail automated end-to-end DSRs (including Do Not Sell), integrated with data warehouses, on‑prem systems and customer platforms, and provided continuous data discovery with human oversight for sensitive deletions. The result: a 10x ROI, DNS fulfillment reduced to about 3 minutes (vs. 2+ hours), three weeks of effort saved in year one, a single IT compliance manager now manages requests while dozens of engineers were freed to focus on core work — demonstrating rapid, measurable impact from DataGrail’s solution.

Overstock

Brandon Greenwood

CISO, VP Security and IT