Data & More | We delete illegal data
GDPR, CCPA and PIPEDA makes it illegal for organisations to keep any personal data that you cannot document legitimate interest in. The D&M GDPR, CCPA and PIPEDA Toolbox gives end-users an overview of potential unlawful data. It provides a simple interface to remove unwanted data from email, file share, teams SharePoint, and other data repositories.
You can define specific data polices and rules how to handle the non-compliant data and identify key documents types (e.g. salary slips, job application, travel documents) that you handle in your organization.
You can monitor your level of compliance across your data sources like mails, attachments, file shares, laptops, SharePoint, Intranet and any other data that can be connected to the Toolbox.
There is no need to ask your employees to go through many years of collected documents, mails and attachments. The toolbox can handle the job without interfering the daily routines of your employees, much more efficient and with better results. And the toolbox will continue to monitor the data to keep you compliant.
The toolbox can even move or delete non-compliant mails and documents from eg. Office365
Simply connect your data directly from the interface, let the toolbox do a quick analysis, and you get a first view of how much personal data you have, where it is located and the risk of being non-compliant.
You can easily set up data policies and document rules and instantly follow the level of data compliance across the organisation and all profiled data as the toolbox continuous to keep an eye on the data.
This is an AI generated video
Insight
Dashboard
How compliant are we? What departments work in a non-compliant way? What data policies are not being followed? Where is the sensitive data located?
Recognition
Automatic
By utilizing combinations of taxonomies, regEx and Natural Language processing (NLP) and any client specific inputs, the toolbox identifies sensitive and personal data
Speed
High Performance
One thing is finding the needles in the haystack - the other thing is how fast it takes. You decide the speed. It is just a matter of hardware.
Resources
Time for coffee
Our concept is automation - whenever possible. And minimal involvement. So don't expect a need for new colleges.
Get a free Privacy & Security review and identify your Data Privacy Risk Premium
- What volume and percentage of documents in the organization contain personal data that may be non-compliant with GDPR?
- What types of personal sensitive data are most commonly found across the organization’s unstructured data?
- How old is the non-compliant personal data retained by the organization?
- Which user accounts or departments hold the largest share of privacy risk?
- Is the volume of non-compliant data in the organization increasing over time?
- What is the average number of non-compliant documents per user account?
- How does the organization’s compliance rate compare to industry benchmarks?
- What are the trends in data production versus the creation of privacy-risk data?
- How many unique individuals (data subjects) are exposed through retained data?
- Which documents in the organization affect the highest number of data subjects?
- How much personal sensitive data has been shared via email or external channels?
- What are the most common categories of documents containing personal data?
- Which types of GDPR-sensitive data (e.g., health, political, union) are detected?
- What is the estimated annual financial risk due to privacy non-compliance?
- What criteria define non-compliant personal data within the organization?
- What types of documents pose significant IT security risks to the organization?
- Which file types most often contain privacy or security-sensitive data?
- How is security-sensitive information distributed across users or departments?
- What techniques and tools are used to identify and classify risky data?
- How do the organization’s data management practices affect operational, financial, and reputational risk?
Cases

Screenshot of the Data Miminization Manager
By utilizing a combination of taxonomies, regEx and Natural Language processing (NLP) our profiler can identify a wide variety of texts. Including all of the GDPR category 9 expressions such as health terms, financial indications, political and sexual orientation, biometric information empowerment.
Dashboard, overviews and reports
What is our risk status? How compliant are we? Which departments work in a non-compliant way? Which data policies are in risk? Where is our sensitive data located? What are our high risk areas? These questions and many more are answered quickly using our dashboard.
You can easily even create your own reports, with the content from the toolbox that suits your needs.
What constitutes personal data besides what is stated in GDRP differs from organizations to organization and is often influenced by business segment, culture and context.
Named entity recognition & GDPR article 9 information
By utilizing a combination of taxonomies, regEx and Natural Language processing (NLP), our profiler can identify the content of e.g. mails, attachments and documents. Including all of the GDPR article 9 expressions such as e.g health terms, financial indications, political and sexual orientation and financial information. By combining article 9 expressions with terms that identify data subjects or could lead to identification (PII), the toolbox detects Personal Data.
You can even supplement and customize your definitions of Personal Data to match the way it used in your organization.
For each source the user can select which dictionaries as well as languages that should be used to analyze the source documents.
Custom taxonomies
We currently have more than one million entries in our taxonomies and are expanding these when necessary.
The user can also add client specific dictionaries and RegEx and rate the impact of the custom factors with respect to sensitivity and to what extent the entry can be used to identify or infer data subjects.
Depending of the clearance the user can have access to the labels or to the labels as well as the label values. E.g. First Name is the label and David is the name.
Labels
When the toolbox is profiling your data, it sets the relevant labels for each document (or data set) that is connected to the toolbox along with a range of other metadata, e.g. d
ocument age, creation and modified data and other key points that is relevant for how the data should be classified and handled. All these data can be used to filter, search or be included in a report
Data sources and file types
Out of the box D&M 2.0 CLOUD can connect to Office 365 including Outlook, OneDrive, OneNote and SharePoint documents stored in OneDrive as well as gDrive including all Google apps document types. D&M 2.0 also provides a RESTful API that can be used for custom reporting
The toolbox supports data sources based on Windows, Linux and MacOS file shares as well as Windows laptops. All the data sources can be mapped to specific departments used as parameters when setting up data policies and included when handling document classes
Document class builder
In order to make the most effective data polices, it is often efficient to identify a number of different document classes that your Data Policies can use. Document classes can be build using Labels and text value. An employment contact might be defined as a document containing the words “Employment contract” OR “Ansættelseskontrakt” and FULL_NAME” AND CPR. This might not identify an actual contract, but a mail with the information for a contract. Never the less both instances should be identified as sensitive personal data. If one would like to “only” identify employment contracts as a document and not mails about contracts, the user would add document Type is .doc in order not to find mails.
Data policy builder
One of the core features of the toolbox, is the unique opportunity to define data policies and monitor the compliance levels directly.
The user can easily set up any number of data policies by using logic operates and wildcards on e.g. document classes, data source, departments, a specific file folder, data label, document dates and type, data type as well as any GDPR article 9 labels or any custom defined label.
The Toolbox can support the organization on many of the ways the non-compliant data can be handled.
Non-Complient Data Handling
Organizations have various ways to handle the identified non-compliant data. Some choose on a monthly basis automatically to inform the relevant employees with a list of the non-compliant mails and documents, some organizations have their Toolbox responsible (or DPO) to contact the individuals, while other organizations choose to automatically clean or move the related data to a more secure area. The handling depends on e.g. company culture, risk, severity, compliance maturity and company size. The Toolbox can support the organization on many of the ways the non-compliant data can be handled.
Departments & Users
The toolbox lets you create multiple users and assign the users to different departments to be able to access, manage, and get insight. Each data source, account or folder within a data source can be assigned to a department. By assigning users to departments, you restrict the access of the user to a specific data set. This is very useful if the usage, cleanup and monitoring process is distributed to several departments within the organization.
The Toolbox quickly lists all relevant data sets and their location.
Search Across All Data Sources
The Toolbox has extremely powerful search functionality, and can in just a few seconds locate all documents, mails and attachment related to a specific person (data subject) or specific search words and filters. This is done across all profiled sources and departments in the organization. The Toolbox quickly lists all relevant data sets and their location.
D&M 2.0 ON PREMISE also supports Windows, Linux and MacOS file shares as well as Windows laptops.
Types of Installation
The Toolbox can be installed on-premises at the client site, at a hosting partner or be used from a GDPR, CCPA and PIPEDA approved Cloud environment.
Our cloud version can instantly connect to Office 365 including Outlook, OneDrive, OneNote and SharePoint documents stored in OneDrive, as well as gDrive including all Google apps document types. The toolbox also includes a RESTful API that can be used for custom data integration to e.g. a Business Intelligence site
Our on premise also supports Windows, Linux and MacOS file shares as well as Windows laptops.