“Scan your data on local and cloud-based systems for sensitive information in minutes. DataMapper is a Sensitive Data Discovery tool that scans your data to find the documents, emails and images that contain words and terms related to privacy regulations such as UK-GDPR. DataMapper is for companies that has lost track of its sensitive data on e-mail, hard drives, cloud etc., and who lack the time to go through it all.
DataMapper is a cloud-based SaaS (Software as a Service), that use artificial intelligence and machine learning algorithms to find numbers and words which can be categorised as sensitive across your company’s employees and data systems. It automatically classifies files into 80 different categories with up to 98% accuracy.
After a scan, you will be presented with an overall overview of the files that are at risk of containing sensitive information. The administrator can see where the inappropriate workflows are, so you can improve your practices for handling data. DataMapper is run from a browser-based and can be used by all your employees or an administrator who can scan the entire company’s data.”
Sebastian Allerelli
Founder & COO
How DataMapper can help you
Clean up
Cleaning up your sensitive data can be a daunting task. Even if you spent weeks at it, it would be impossible to be sure you didn’t miss something important. DataMapper flags your risk data accurately in just minutes.
Enhance IT security
Most companies don’t know they are putting people’s privacy at risk until it is much too late. Use DataMapper to spot your data processing mistakes now and fix them before they affect your customers.
Avoid fines
Storing sensitive data unprotected can result in privacy fines, that cost up to 4% of your annual turnover and irreparable damage to your reputation as a data processor. DataMapper shows you exactly what data you need to protect to reduce privacy risks and liability.
Here is your overview with DataMapper
After a scan, you can see how many documents you have with GDPR risk
See documents sorted by age
See user activity
See development of risk over a period of time for selected users
See the most frequent risk numbers
See the users with most risk documents
See risk expressions categorised according to GDPR’s 8 categories for sensitive information
Filter the identified files by category, risk number, risk name, risk keyword, age, and users
Filter files by risk level
Filter files by data source
Files that meet the search criteria are displayed in a list
Now it’s up to you to delete, move, or approve the file
DataMapper automatically identifies all accounts in your Office 365 environment. As an admin, you can invite the employees you want to help clean up.
Import the names of the individuals the risk expressions should relate to
Add country-specific risk expressions
Add customised risk expressions
Enable notification emails every 14 days for selected employees
Add the data sources you want to monitor
Want to see it for yourself?
Features
Privacy Scanner
Scan your documents, emails and images for sensitive words and numbers.
Dashboard
Get a complete overview and key statistics about your risk files.
Risk Score
Files are classified as high, medium or no risk of containing sensitive data.
Categorisation
Files are categorised by age, location, document type, personal data, sensitive terms, risk numbers and relationships.
Smart Filters
Filter files by name, age, relationships, location, risk rating, document category and sensitive terms.
Insight
For each file, you can see the file location, who created the file, who has access to the file, etc.
Preview
Open a preview of the document and see where sensitive terms appear in the text or image.
File Manager
After a scan, you can easily decide what to do with the document; open, move or delete the document directly in DataMapper.
Workflows
Set up deletion rules, file moves, notification emails and other automations through integration to Logic Apps.
Administrator
Admins can invite users, see which employees have the most sensitive data, and monitor risk files for the whole company.
Custom Risk Keywords
Create the privacy search engine that suits your business by adding your own sensitive terms. Or leave out those that are irrelevant to you.
Risk over time
Follow developments in the processing of sensitive data over time.
Documentation
With a Power BI-tool you can get complete reports on how you handle sensitive data to use as documentation for data audits.
Notifications
Get clean up assistance with a notification mail once every month with updates to your data containing sensitive data.
Auto-scan
Outlook folders you select will auto-scan daily to keep your data inventory up-to-date and complete.
Languages
DataMapper detects sensitive words and numbers in English, Danish and Swedish. More languages coming soon.
Setup
Get started in minutes
It only takes minutes to get started with DataMapper. Our Customer Success department takes you through an onboarding plan with 6 simple steps and won’t let go of your hand until you’re self-driving. If you have any questions afterwards, we are ready to provide support by phone, chat or email. If you need help with larger projects, we offer a PassCard.
Integrations
Made for you
DataMapper offers three types of integrations that allow you to connect to your data sources:
- Native integrations – These include Microsoft OneDrive, Microsoft Outlook, Microsoft SharePoint, Google Drive, Google Mail, Azure Blob Storage, Local Drives and Network Drives (Windows Fileshare).
- Logic Apps – We have integrated DataMapper with Azure Logic Apps to provide access to over 1000 connectors. See the full list here.
- Custom Connector – Logic Apps allows for integration to any RESTful API, providing flexibility for customers who have specific requirements.
Search
Look for sensitive content
DataMapper scans for words and numbers that, according to privacy regulations such as GDPR fall into the sensitive category. The list is constantly being expanded with new words and numbers. In addition, you have the option of adding or omitting words and numbers from a scan. DataMapper scans for these three categories of sensitive terms:
- Personally identifiable data/PII (ID, driver’s license, passport and credit cart)
- Sensitive personal data (e.g. trade union, health info or sexual orientation)
- Business-critical terms (e.g. contract, budget or IP document)
To identify sensitive content, DataMapper uses a combination of search methods.
File types
Search through documents, images and emails
Find sensitive information in these file types:
- Documents (txt, rtf, pdf, doc, docx, gdoc, odt, pptx, ppt, xls, xlsx, gsheet, html, htm)
- Images (jpg, jpeg, png, heic)
- Emails (msg, txt)
Overview
All your sensitive data in a list
After a scan, all files containing sensitive content are displayed in a list. As an administrator, you gain a comprehensive overview of the entire company’s sensitive data, while individual users receive an overview of their own sensitive data. This allows you to quickly identify areas and processes that need attention to enhance your compliance efforts.
Categorisation
Understand Your Data
Files with GDPR risk are categorised by age, file location, file type, type of personal data, risk words, risk numbers, and the individuals related to the file. You can sort and filter by these categories, making it easy for you to get an overview of your files.
Action
Delete, move or approve
With just a few clicks, you can delete or approve files with sensitive content and ensure proper cleanup. DataMapper simplifies adherence to your privacy policy and data processing rules. Any deviations from the company’s data policy are automatically recorded, prompting users to clean up according to internal guidelines and applicable data legislation.
Notifications
Help to clean up
Turn on notifications, and have DataMapper send your users a notification email once every month. By doing this, the employees get a small reminder to clean up. The notification email will also contain updated statistics on how many files with privacy risk the employee has.
Control
You are in charge
As an administrator, you manage DataMapper on behalf of your company. You can invite new users and have rights to customise the cleanup on behalf of your employees. You get key statistics for both the entire company’s and the individual employee’s processing of sensitive data. As an admin, you get an overview of which processes generate risk.
Documentation
Demonstrate your compliance
The DataMapper administrator has access to key statistics of the company’s data processing. This facilitates the preparation of reports for internal audits or demonstrations of compliance to, for example, the Information Commissioner´s Office.
Business Intelligence
Get the Full Overview with Power BI
With Power BI integration, you can gain deeper insights into your company’s data management and identify risk areas.
- Reports: View detailed key metrics and create your own customised reports.
- Visualisation: Use interactive visualisations to present data and get a clear overview.
- Integration: Power BI works seamlessly with Excel and other Microsoft products, so you can export data to your existing systems.
- Decisions: Interactive reports and accurate data empower you to make more informed, data-driven decisions.
Workflows
Clean up big scale
The administrator has the opportunity to create automations and get sensitive data processing done much faster. For example, set up rules such as:
- Delete all files with National Insurance numbers that are over 5 years old
- Approve all word files that contain the word “corona”
- Move all CVs to a special folder
Note: only applies to Private Tenant users.
Trust
Make privacy an advantage
When you’ve gone to great lengths to protect sensitive information, you should let the world know about it. In Safe Online, we have created a DataMapper Digital Trust Badge, which shows that people can confidently trust you with their sensitive information. The badge means that you are dedicated to handle sensitive data responsibly. Use the badge on email signatures, websites, etc.
IT security
Protect data following best practice
DataMapper encrypts your data to ensure that files are only accessible to you. No changes are made to your local folder structures where files are stored. DataMapper’s security reflects data security best practices and recommendations.
Pricing
DataMapper SubscriptionSubscription
£ From 214
monthSelect integrations (see list) and invite the employees you want to clean up. All users get monitoring and insight into their data, as well as the option to delete. Your price depends on the number of users and integrations. See price examples for price indication*.
- Subscription
-
Option to delete
-
Continuous monitoring of data
-
Personal onboarding & support
14 Days Free TrialTry for free
£ 0
-Create an account in DataMapper and scan test data or upload your own data (max. 1,000 emails, documents or images). This is a terrific opportunity to see if DataMapper is for you. The trial version does not allow you to delete or monitor data.
- 14 days trial
- Scan test data
- Scan your own data (max 1.000 files)
Option to delete
GDPR Risk ReportAnalysis
£ From 685
-If you want an overview of your sensitive data, get a GDPR Risk Report. This solution is popular for companies that are unsure of what sensitive data they store. Read more here.
- GDPR Risk Report
- Personal support
Option to deleteContinuous monitoring of data
* Price Example 1: Outlook, 24 users = £214/month, Price example 2: Outlook, 90 users = £378/month, Price example 3: Office 365, 170 users = £764/month
FAQ
How can DataMapper help you comply with regulations? What should you do with high-risk documents you find? Get answers to frequently asked questions.
What is DataMapper?
DataMapper is a file scanner that helps organisations identify, classify, and manage sensitive data across their internal systems. Technically, DataMapper is a Data Discovery tool.
Why do you need to keep track of the company's sensitive data?
Companies often handle sensitive data such as personal information or business-critical documents. These data must be protected in accordance with international regulations such as GDPR, CCPA, and PIPL. Failure to secure these data properly can result in privacy fines and serious consequences in the event of a data breach.
How can DataMapper help me comply with data privacy regulations?
DataMapper scans and identifies sensitive information across your systems, providing a clear overview of where files containing sensitive content are stored. This makes it easier to comply with privacy requirements such as the right to access, deletion, and secure data processing.
Is DataMapper cloud-based or on-premise?
DataMapper is cloud-based.
What systems does DataMapper integrate with?
DataMapper supports integrations with various systems, including cloud storage, ERP systems, CRM platforms, and file servers. DataMapper offers three types of connectors for automation:
- Native Connectors, which integrate with the platforms Microsoft OneDrive, Microsoft Outlook, Microsoft SharePoint, Google Drive, Google Mail, Azure Blob Storage, local drives, and network drives (Windows Fileshare).
- Logic Apps integration, providing access to over 1,000 apps via Logic Apps.
- Custom Connector, allowing integration with any RESTful API, offering flexibility for specific integration requirements.
Who is DataMapper for?
DataMapper is ideal for businesses looking to gain control over their sensitive data and ensure compliance. It is particularly relevant for companies that handle large volumes of sensitive information.
How does DataMapper search for sensitive data?
DataMapper uses a combination of advanced AI and Machine Learning algorithms to detect terms classified as sensitive. Read more here.
What does DataMapper search for?
DataMapper detects words and numbers classified as sensitive under privacy regulations like the GDPR.
- Personally identifiable data/PII (ID, driver’s license, passport and credit cart)
- Sensitive personal data (e.g. trade union, health info or sexual orientation)
- Business-critical terms (e.g. contract, budget or IP document)
You can also customise your scans by adding or excluding specific words and numbers, ensuring that DataMapper identifies exactly what you consider sensitive.
Is DataMapper for an admin or the employee?
DataMapper is designed for both administrators and employees – but with different roles. Administrators have full visibility into scans and risks across the organisation, but they do not have access to clean up individual employees’ files.
As a result, the clean-up process in DataMapper is intentionally decentralised: the administrator sets the framework, defines the clean-up method, initiates scans, and monitors progress. However, it is the individual employee who is responsible for reviewing and managing their own files.
This division of responsibility was chosen because proper clean-up often requires the employee’s own understanding of a file’s content and context. It also aligns with GDPR principles and helps prevent an overwhelming burden from falling on the administrator.
What kinds of files can I scan?
DataMapper supports files smaller than 30MB and with following formats:
Documents:
txt, rtf, pdf, doc, docx, gdoc, odt
Email types:
msg, txt (email bodies)
Presentations:
pptx, ppt
Spreadsheets:
xls, xlsx, gsheet
Hypertext:
html, htm
Images:
jpg, jpeg, png, heic
What can we expect to find?
It is difficult to predict exactly what DataMapper will detect in your data. However, our scans show that up to 7% of all documents, emails, and images contain sensitive information.
What should I do with files containing sensitive information?
If DataMapper identifies sensitive data, they should be reviewed and either deleted, secured, or moved to a protected data location, depending on your company’s data privacy policies.
Should I delete files with sensitive information?
Not necessarily. Privacy regulations makes you responsible for protecting the data with sensitive information shared with you. Your company probably needs to store certain information – information about employees and customers, for example – in order to function normally.
However, it is normal for companies to have sensitive data that they should no longer have. How long you store data depends on the data rules that apply to your companies.
If you store sensitive data for too long, even if it is stored securely and not misused, you may still be in breach of the requirements. By reducing the amount of sensitive data you collect and store, you can minimize the damage from a data breach.
Why does it ask me to add names of employees and customers?
Sensitive data in itself is not always considered personally identifiable information. It only becomes personal when linked to an individual. Adding employee and customer names allows DataMapper to refine its detection. If no names are entered, DataMapper can still identify high-risk files in your system, as some terms are inherently classified as sensitive.
How many users should I add?
Administrators can invite any employees who have a Microsoft account.
Is DataMapper difficult to set up?
No, with DataMapper you can get started on your own in just a few minutes. If you have any questions during or after implementation, our customer support team is always ready to help.
What is the security behind DataMapper?
DataMapper processes all of personal information as confidential, including basic details such as names and email addresses. The system is crafted to adhere to the highest standards of data security. Read more about the security in DataMapper here.
Why not just use Microsoft Purview?
There are three reasons why DataMapper is more appropriate to use for cleaning up sensitive files than Microsoft Purview:
- Difficult implementation and setup – Purview requires a complex setup with Azure integration, access rights and data classification policies, which can take weeks or months and often requires external consultants. DataMapper works out-of-the-box without extensive IT involvement.
- Not suitable for users or to clean up – Purview identifies data, but does not give users a concrete overview or the opportunity to clean up themselves. Everything is handled centrally by IT and compliance, which makes cleanup difficult and inefficient. DataMapper shows exactly what needs to be removed and makes it easy for users to take action themselves.
- No OCR scanning – Purview can only read text, while DataMapper also scans images, scanned documents and non-editable PDFs for sensitive information.
Why not just delete files older than 5 years?
While it may seem straightforward to delete everything older than five years, this is rarely a sustainable approach. Different types of data are subject to varying retention requirements depending on legal obligations and processing purposes. Some data must be kept for longer – for example, in connection with accounting, employment, or contractual obligations – while other data should not be retained that long at all. Many files also contain a mix of information, some of which must be deleted and some of which must be preserved, meaning careful assessment is required rather than automatic deletion. A blanket five-year rule can therefore lead to either unlawful retention or unintended data loss.
Why not just search for sensitive content manually?
Manual searching for sensitive files might initially seem like a good solution, but this method comes with significant limitations that make it time-consuming and inefficient:
-
The volume of data: It can be overwhelming to review all files manually.
-
Human factor: Employees can make mistakes and overlook important files.
-
Limited search knowledge: Employees often don’t know what to look for, as many sensitive terms are unfamiliar.
-
Evolving sensitive expressions: GDPR and other regulations change continuously—new risk terms emerge all the time.
-
Sensitivity hides in images: Data may be stored in scanned documents, images, or notes—difficult to review without automation.
-
Context is everything: Words like “COVID” are only considered sensitive when linked to a person.
-
Language and formats vary: Sensitive information appears differently depending on language and country.
Read more here.
Where can I get DataMapper?
To get started with DataMapper, you can contact us here. You can also purchase DataMapper through your Microsoft subscription on the Azure Marketplace.
How much does DataMapper cost?
DataMapper is the cheapest Sensitive Data Discovery tool on the market because of its simplicity. The price of DataMapper depends on which integrations, number of users etc. you need. Contact us to get a price tailored to your company.
DataMapper is part of PrivacyHub
DataMapper belongs to the SaaS platform, PrivacyHub, which is a platform for handling the company’s sensitive personal data. PrivacyHub has divided the processing of personal data into three phases. With RequestManager, it is possible for a company to receive data requests. To locate data, data must be found – here DataMapper is used. ShareSimple is used to securely share (or receive) personal data. With PrivacyHub, a company gets the opportunity to automate the process from personal data entering the company’s data systems while personal data is in the company until personal data leaves the company again. The three services work separately, but can work in a symbiosis. PrivacyHub is created so that companies can start with one solution and add another if the need arises.
How ShareSimple works with DataMapper
DataMapper users find loads of sensitive data in old emails and attachments. Identifying all this sensitive data with DataMapper makes it quick and easy to clean up your inboxes. But if sensitive data keeps coming in emails, you may find yourself repeating the same steps over and over, just to keep up. By using ShareSimple sensitive information is kept out of your emails and inboxes altogether.
ShareSimple is a user-friendly add-in for Microsoft Outlook that instantly creates an encrypted connection for sharing sensitive information securely. Why is this so awesome? When you share personal data with regular email, two or more copies are created. This increases the risk of data leaks and breaches. With ShareSimple, no extra copies are made; and all data is encrypted and deleted automatically within a set data retention period.
How RequestManager works with DataMapper
DataMapper makes it easy to keep track of all the personal data you store about your customers, employees and others. But what about someone sends you a request about their data? Many of the companies we talk to say they still don’t have a system in place for receiving data requests and responding to them. Enter RequestManager. RequestManager receives, verifies and delivers all your data requests to one dashboard, then reminds you to respond on time. Then, just use DataMapper to quickly pull up all the data you store about the requester and deliver it neatly and safely before the deadline.
Get our Newsletter!
In our newsletter you get tips and tricks for dealing with privacy management from our founder Sebastian Allerelli.
When you sign up for our newsletter you get a free license for ShareSimple, which will give you a secure email in Outlook. This offer is limited to one user per company.
