What types of PII can the KavachOne scanner detect?

KavachOne PII Scanner detects 500+ PII types including India-specific data like Aadhaar, PAN, GSTIN, Passport, Voter ID, and international types like SSN, credit cards, emails, phone numbers, and biometric data.

Does the PII scanner send data to the cloud?

Never. Our zero-knowledge, agent-based architecture runs entirely within your infrastructure. Only metadata is reported — actual data values never leave your environment.

Which compliance frameworks does the PII scanner support?

We support DPDP Act 2023, GDPR, CCPA, HIPAA, ISO 27001, SOC 2, RBI Guidelines, and IT Act with pre-built compliance mappings for all frameworks.

Discover, Classify & Protect Sensitive Data Across Your Entire Enterprise

Discover, Classify & Protect PII Across Your Enterprise

PII Scanner is a production-grade PII Discovery Scanner deployed as an agent inside your own infrastructure. Your data never leaves your perimeter. Scan every database, cloud bucket, and file share — mapped to DPDP Act 2023, GDPR, and HIPAA.

Agent-Deployed On-Prem

DPDP Act 2023 Ready

GDPR Compliant

HIPAA Aligned

Offline / Air-Gap Ready

100%

DPDP Compliant

99%+

Detection Accuracy

50+

Data Sources

10+

Frameworks

Core Capabilities

Everything You Need to Discover, Manage & Protect Sensitive Data

Enterprise-grade PII discovery and protection — deployed as a lightweight agent on your servers.

Intelligent PII Detection

99%+ Accuracy

Comprehensive sensitive data types: Aadhaar, PAN, Passport, SSN, IBAN, SWIFT, IMEI, GPS coordinates, Medical Record Numbers, Blood Group, Name, Address, Phone, Medical, Email, Gender, Age, UPI ID, GSTIN and more.

Universal Data Connectors

Multi-Source

Scan wherever data lives: local/network filesystems, SFTP, Windows SMB shares, MongoDB, AWS S3, Google Cloud Storage and more.

Enterprise Database Scanning

Relational + Cloud DBs

Deep scanning of PostgreSQL, MySQL/MariaDB, Oracle, IBM DB2 and cloud databases with schema discovery and streaming sampling and more.

Compliance-Grade Reporting

Audit-Ready

Executive-ready PDF reports and multi-sheet Excel workbooks including risk score, severity classification and compliance mapping and more.

High-Performance Scanning

5,000 files/min

Pool utilizing all CPU cores. Streaming scanning engine processes thousands of files per minute and more.

ROT Data Analyzer

Data Minimization

Identify data bloat with duplicate detection, staleness scoring, obsolete files and automated retention recommendations and more.

Smart Masking & Redaction

Zero Data Egress

Type-aware masking for every detected PII type including Aadhaar, PAN, email, phone and more.

Columnar & Document Formats

12+ Formats

Support for CSV, Excel, Parquet, JSON, PDF text extraction, DOCX, ZIP/GZIP archives and structured datasets and more.

Enterprise Rule Engine

Rule Packs

Industry rule packs for financial, healthcare and e-commerce sectors with contextual keyword detection and more.

Web Dashboard

SSE + Live Monitoring

Browser-based dashboard with real-time scan progress and integrations and more.

Enterprise Licensing

Air-Gap Ready

Secure offline-first licensing. Works in air-gapped and restricted environments and more.

Real-Time Scan Monitoring

Live Monitoring

Track scanning progress live with detailed logs, file-level insights, and instant alerts for sensitive data detection and more.

Live Dashboard Preview

See PII Scanner in Action

A purpose-built PII scanning mode — with compliance-mapped findings, risk distribution analytics, and one-click audit-ready reports, running entirely within your own infrastructure.

GDPR · DPDP · HIPAA · PDPA

Active

Risk distribution across Critical / High / Medium / Low severity

PII type breakdown—Aadhar,DOB,Phoneno,Age,and more

One-click PDF, Excel & CSV compliance export

Detailed scan insights with affected files,tables,and columns

✓ All data processed within your own infrastructure

datasentinel.internal/dashboard

PII Tier License

PII Data Discovery Dashboard — PII Scanner

Live scan · GDPR · DPDP · HIPAA · PDPA covered

On-Premise Agent Architecture

Your Data Never Leaves Your Environment – 100% Secure & Private

Our deploys as a lightweight agent inside your own perimeter — on-premise, private cloud, or air-gapped. It scans, reports, and masks entirely from the inside.

Runs Inside Your Perimeter

The agent installs on your own servers. Connects to internal data sources directly — no relay, no proxy, no middleman.

Direct Data Source Integration

Connects securely to databases, file systems, and internal applications to scan sensitive data without exporting or transferring it outside your environment.

Masking Happens In-Place

PII values are masked before they appear in any report. Raw sensitive values are never written to disk outside their source.

Reports Stay On Your Infrastructure

PDF and Excel compliance reports are generated locally and stored on your designated output path. The web dashboard is accessible only within your internal network.

Your Organization's Infrastructure

Internal Perimeter — Fully Isolated

Databases

File Shares

Private Cloud

MongoDB

SFTP / SMB

Data Lakes

PII Scanner

Scanning · Classifying · Masking · Reporting

RUNNING

PDF/Excel Reports

Stored locally

Web Dashboard

Internal access only

Zero Data Crosses This BoundaryZero Egress

External Cloud / Internet — No PII ever transmitted outbound

Smart Masking Examples — Format-Preserving, Type-Aware

Raw values never stored or transmitted

PII Type	Original Value	Masked Output	Status
Aadhaar	9876 5432 1890	XXXX XXXX 1890	Masked
PAN Card	ABCDE1134F	ABCDE****F	Masked
Email	john@acme.com	j***@acme.com	Masked
Phone	+91 99765 43210	+91 ***** 43210	Masked

Regulatory Coverage

Built for DPDP, GDPR & HIPAA Compliance Requirements

Finding-level mapping across major regulatory frameworks — a complete evidence trail for your DPO and auditors.

India

India DPDP Act 2023

Digital Personal Data Protection Act

First-class support for Indian PII categories with native Aadhaar and PAN validators using government-standard algorithms. Detects UPI IDs, GSTIN, Voter IDs, and other India-specific identifiers. Multilingual NER support for regional Indian scripts and languages.

Aadhaar ValidatorPAN ValidatorUPI ID DetectionGSTIN DetectionVoter ID

Europe

GDPR

General Data Protection Regulation

Comprehensive personal data discovery across all data stores. Right-to-erasure support via smart masking. Data mapping output for Article 30 records of processing activities. Cross-border transfer risk flagging.

Personal Data DiscoveryRight to ErasureData Mapping (Art. 30)Risk ScoringMasking Support

USA · Healthcare

HIPAA

Health Insurance Portability & Accountability Act

Dedicated PHI classification covering Medical Record Numbers, blood group, health diagnoses, treatment data. Full Protected Health Information taxonomy. Maps findings to HIPAA Safe Harbor de-identification standard.

Medical Record NumbersBlood Group DetectionPHI ClassificationSafe Harbor MappingHealthcare Rule Pack

GDPR Art. 30

RoPA

Records of Processing Activities

PII Scanner's scan output feeds directly into your RoPA documentation workflow. Every scan produces a structured data inventory — data categories found, storage locations, retention indicators, and processing risk level.

Data Category InventoryStorage Location MappingRetention Indicators (ROT)Controller / Processor ViewArt. 30 Ready Export

GDPR Art. 35

DPIA

Data Protection Impact Assessment

Scan results provide the evidence layer for DPIA documentation. Risk scores (0–100), CRITICAL/HIGH/MEDIUM/LOW severity ratings, data volume exposure, and compliance gap findings map directly to DPIA necessity assessment, risk description, and proposed mitigation sections.

Risk Score per FindingSeverity ClassificationExposure Volume MetricsNecessity Assessment InputMitigation Evidence

50+ Integrations

Scan Sensitive Data Across Cloud, Databases, Endpoints & Files

From legacy on-premise databases to cloud data warehouses, file shares to object storage — connect your entire data estate without moving a byte.

Relational DatabasesCloud DatabasesNoSQL & DocumentObject & Cloud StorageNetwork & File SystemsFile FormatsRelational DatabasesCloud DatabasesNoSQL & DocumentObject & Cloud StorageNetwork & File SystemsFile Formats

Relational Databases

6 sources

Cloud Databases

6 sources

NoSQL & Document

2 sources

Object & Cloud Storage

3 sources

Network & File Systems

4 sources

File Formats

6 sources

3-STEP PROCESS

Three Steps to Achieve PII Visibility & Compliance

From zero visibility to full PII control — in days, not months

Connect

Point at any data source — database, cloud storage, filesystem, or network share. Configure credentials once; the factory-pattern connector handles the rest.

Discover

ML + rule engine scans, classifies, and risk-scores every piece of sensitive data. Multi-core parallel processing with checkpoint persistence for uninterrupted scanning.

Act

Get compliance reports, trigger real-time alerts, mask data in place, and export audit-grade findings mapped to DPDP, GDPR, and HIPAA controls.

Not Just a PII Scanner – A Complete Data Discovery & Protection Platform

Built ground-up for enterprise requirements that generic open-source and cloud-based scanners simply cannot meet.

Capability	PII Scanner	Generic Scanners
Offline / Air-Gap Operation	✓ Fully offline, no cloud dependency	✕ Requires cloud check-in
Machine-Bound Licensing	✓ Offline cryptographic machine binding	✕ SaaS / cloud-only keys
ML-Powered NER	✓ ML-powered NER, 99%+ accuracy	~ Regex-only
India DPDP Act 2023 (Native)	✓ Aadhaar + PAN validators, GSTIN, UPI	✕ Not supported
ROT Data Analysis	✓ Duplicate detection, staleness scoring	✕ Not included
Checkpoint / Resume Scanning	✓ Persistent checkpointing, resume from exact position	✕ Restart required on failure
Web Dashboard + SSE	✓ Real-time scan progress via SSE	~ Basic CLI or SaaS portal
Data Never Leaves Perimeter	✓ Masking in-place; raw PII stays on source	✕ Uploads samples for analysis

FAQ About PII Scanning & DPDP Compliance

No. PII Scanner is an agent deployed directly on your own servers — it never leaves on prem, never transmits scan data, and never uploads findings externally. All scanning, classification, masking, and reporting happens entirely within your infrastructure. Licensing is cryptographically verified offline with no cloud check-in required — suitable for air-gapped and classified environments.

PII Scanner provides finding-level mapping to three major frameworks: India DPDP Act 2023, GDPR (EU), and HIPAA (US healthcare). Every finding in every report includes explicit references to the applicable regulatory control — not a summary, a finding-level audit trail.

Yes. You provide database credentials during scan configuration; the scanner connects and operates using read-only transactions exclusively. It never modifies, locks, or alters source data in any way. Credentials are stored securely on-premise and never transmitted.

Enterprise+ tier includes our ML-powered NER engine achieving 99%+ accuracy with multilingual support for Indian and global scripts. All tiers also include the dual-engine rule system combining pattern matching and contextual keyword analysis.

Yes. Built-in checkpointing persists job state continuously (configurable interval, default every 100 files). If a scan is interrupted by power loss, crash, or manual pause, it resumes from exactly where it stopped — not from the beginning. Incremental scanning uses file-hash change detection to avoid re-scanning unchanged content.

Yes (Enterprise and Enterprise+ tiers). A full programmatic interface is provided for orchestrating scans, retrieving findings, managing configurations, and integrating with your SIEM or data governance platform. The Web Dashboard uses Server-Sent Events (SSE) for real-time scan progress.

Get In Touch

Request an Enterprise Demo

Talk to a solutions engineer. We'll tailor a demo to your exact data sources and compliance requirements.

Enterprise Demo

See it work on your own data

Not synthetic data — your real environment. We'll walk through your compliance requirements and show you exactly what DataSentinel Pro finds.

Fast Deployment

Deploy on-premise in under 4 hours. No infrastructure changes required.

Your Data Stays Yours

Demo runs in your environment. No sample upload, no cloud egress.

Compliance Roadmap

Leave with a tailored compliance gap assessment for your top frameworks.

Trusted by enterprises across BFSI, healthcare, Retail and Many More

Full Name *

Company *

Work Email *

Country

Phone *

Data Sources in Use (select all that apply)

Message

Typically respond within 1 business day