GDPR Discovery

Take the fundamental first step to becoming GDPRsafe

GDPR Discovery is a finding technology that provides the automated means to answer the What, Why, When, How, Where and Who of personal data discovery for GDPR compliance

GDPR Discovery is a complete, automated software platform to support GDPR compliance at its most fundamental level. It is a single, best practice, secure architecture that provides for modular deployment and installation to best suit the individual requirements of each customer. 

So there is a choice of three, complementary modules that address each of the primary sources that are at risk of holding or hiding personal data - Paper, Files and Data. And these modules can be easily configured into any permutation to provide the most relevant, affordable and deliverable solution to the customer.


GDPR means that you cannot now avoid digitising all paperwork that may contain personal data. Having scanned it, you then need to discover the exact existence & nature (or not) of personal data across and within all the scanned documents. And this needs to be a constant process of paper scanning, processing and reporting for personal data as new scans are generated.


Similar issues apply to any document images (e.g. BMP, GIF, JPEG, PNG, TIFF) and digitally generated documents (e.g. Microsoft Excel, Publisher, PowerPoint, Visio, Word or HTML, PDF, RTF and Text files and so on). Any of these may contain personal data which must be found, reported and managed.


Here, discovery is performed against relevant Line of Business systems, databases and data sources to find all instances of personal data; in particular, finding within metadata  fields  (data item labels) and free text sequences/silos (i.e. unstructured text in a structured data system)

Dynamic Discovery

This refers to the automated monitoring and identification of any changes to the items in the host sources so that new, updated or amended data, documents, files or records are automatically processed for personal data identification, analysis, classification and reporting. Effectively, the three primary discovery processes are cyclical as they constant monitor, check and repeat themselves to ensure that the results are automatically kept up to date for GDPR compliance purposes.

Analysis, Reporting & Visualisation

There is a constantly renewing presentation of meaningful output from all the above processes. All the results generated by the various discovery processes are analysed, interpreted and reported upon automatically so the organisation can see at a glance exactly what it is dealing with in terms of personal data for GDPR compliance purposes.

All personal data items found are defined in detail per data stream, document, file and record. For instance; the number and nature of unique PID and instances of each classified as to their 'proximity of identification' (e.g. 'direct ', 'sensitive' and relative weighting/ranking of risk as identifying a data subject). And the source of each & every item of personal data is made available for on screen viewing (e.g. in a data stream or a PDF document where all occurrences and instances of personal data are simultaneously highlighted in situ).

All of these granular results are automatically aggregated (with drill-down and drill-up facilities) into illuminating charts and illustrative visualisations for easy reference and an overview of the personal data situation. And all charts and visualisations are presented via a dashboard which is user specific (i.e. each dashboard is personalised to the access/view permissions of each authorised user).