DataMapper is a web application that finds and flags sensitive and personal data scattered throughout your systems that may present a risk of data breach and fines under new privacy regulations such as the GDPR, CCPA, PIPL, and more.

Since the GDPR and other regulations make you responsible for protecting all the personal information your company stores, you need an easy way to sort and keep track of any documents in your systems that contain personal data.

Find out where all your data is stored 

Classify data by its sensitivity/risk level, type and format 

Choose and implement effective and compliant security controls  

Create accurate Data Privacy Impact Assessments 

Report personal data breaches and security incidents on time 

Continuously monitor your risk level and assess the impact of your data processing activities 

Keep documentation and create audit reports to comply with other legal requirements 

DataMapper is designed for all companies that need to keep track of the personal and sensitive information they store for employees, customers and others.
By early 2021, 128 countries had legislation in place to secure the protection of data and privacy. Specific regulations vary, so make sure you are familiar with those that apply to your company.

Most of the personal data your company stores will be related to employees and customers. Copying a list of employee or customer names will help DataMapper find sensitive documents related to them that may present a risk of non-compliance and data breach.
If you do not enter any names DataMapper can still find high-risk documents by searching sensitive keywords throughout your systems. For example, keywords related to medical conditions and personal history. But you will get a more complete result and can find and organize all documents related to your employees and customers by entering lists of names.

Not at all, simply create an account and download the app.

Yes. You decide which storage folders you want DataMapper to scan. Only folders you select will be scanned.
DataMapper follows the Danish government’s Agency on Digitization’s best practice guidelines for IT providers.
All data tracked in DataMapper is encrypted and transferred over HTTPS using RSA with SHA-256. It’s processed on AWS(Amazon) and Azure(Microsoft) servers located in the EU.

Not necessarily.

The GDPR makes you responsible for protecting the personal information shared with you. Knowing where it is and who has access to it is the first step. DataMapper takes care of that easily.

Your company probably needs to store certain information on current employees and customers in order to run smoothly.

However, DataMapper may reveal that you still have sensitive information on file that is no longer needed. How long you retain data related to former customers and employees may depend on your company policies and local regulations for your sector.

If you keep sensitive data for too long, even if it’s being held securely and not being misused, you may still be violating requirements. Reducing the amount and types of personal data you collect and keep is one way to simplify compliance with the GDPR and stay data-ethical.

If DataMapper shows you have a high GDPR risk score, you can review the locations of high-risk documents and see who has access to them from your DataMapper dashboard.

This will help you decide if you should limit access to sensitive data, standardize storage locations, and perhaps delete data that is no longer needed.

Different members of your team may be storing company information in different locations online and on their own computers. Invite your whole team to join DataMapper so that all company information can be mapped for GDPR risk.

The account creator (Admin) will get a complete summary of all results on their dashboard, while individual team members will only view their own results.