How did your team operationalize DSAR handling at scale under GDPR?

We just crossed 500 DSARs/year and our manual triage process is breaking down. The 30-day clock doesn't care about ticket queues. Specifically: how are teams automating the identity verification + data discovery pipeline? We're evaluating whether to build an internal tool or integrate a third-party DSAR platform. Art. 12(3) deadlines leave no room for manual handoffs. Jurisdiction: EU, DE Confidentiality acknowledged.