Data Inventory · PII Discovery Module

Discover Every Place Personal Data Lives

DPDPA Shield's built-in PII discovery module scans your connected data sources for Aadhaar, PAN, phone numbers, and 40+ Indian identifiers — then auto-populates your Data Inventory and RoPA.

Undiscovered PII in logs, backups, or dev databases is a silent ₹250 crore liability — invisible until a breach exposes it.

See it in action →Start free trial
🔒 Tenant-isolated — data never crosses boundaries🇮🇳 Built for Indian PII patterns (DPDPA Schedule II) Auto-imports findings into Data Inventory📋 RoPA updated automatically
Detection Coverage

40+ Indian PII Types Detected

Built around DPDPA Schedule II and India-specific identifier formats — not a GDPR port.

Identity

  • Aadhaar number (masked + unmasked)
  • PAN card number
  • Passport number
  • Voter ID
  • Driving licence

Financial

  • Bank account numbers
  • IFSC codes
  • Credit / debit card numbers
  • UPI IDs
  • GSTIN

Contact

  • Indian mobile numbers
  • Email addresses
  • Pincode + address combinations

Digital

  • IP addresses
  • Device IDs
  • Session tokens in logs
  • GPS coordinates

Health

  • ABHA (Ayushman Bharat) IDs
  • Medical record numbers
  • Diagnosis codes in flat files

Other

  • Names adjacent to sensitive data
  • Date of birth patterns
  • Custom patterns via config
Connected Sources

Scans Every Place PII Hides

Most compliance tools only ask you to declare your data. DPDPA Shield discovers it.

Databases
PostgreSQL, MySQL, MongoDB, Supabase
File Stores
S3, R2, GCS, local directories
Data Exports
.csv .xlsx .json .parquet dumps
API Logs
HAR files, request/response logs
Integrations
Sync with connected data sources
Backups
Archived and compressed files
Discovery Workflow

Connect. Scan. Inventory. Done.

01

Connect your data sources

Link your databases, file stores, and cloud buckets to DPDPA Shield from the Data Inventory tab.

02

Run a PII scan

Trigger a scan from the dashboard. The module scans connected sources and classifies every finding by severity.

03

Review severity-ranked findings

Critical (Aadhaar, PAN) → High (financial) → Medium (contact). Each finding shows the data source, field, and DPDPA risk.

04

Import directly into your Data Inventory

One click auto-creates Data Assets from findings — pre-populated with PII type, DPDPA category, and suggested retention policy.

Scan Results

Severity-Ranked, Actionable Findings

Every finding maps to the exact data source, field, and DPDPA section at risk.

DPDPA Shield — PII Scan Report
Scanning connected sources ████████████████ 100% 4 sources
── CRITICAL (2 findings) ──────────────────────────
✗ AADHAAR_NUMBER · prod-db / users.kyc_data
Raw Aadhaar in unencrypted column → DPDPA S.8 · Penalty: ₹250Cr
✗ PAN_CARD · s3-backup / exports/users-2024.csv
PAN in S3 export with no retention policy → DPDPA S.4 · Penalty: ₹250Cr
── HIGH (5 findings) ──────────────────────────────
⚠ BANK_ACCOUNT · analytics-db / payment_events
Account number in analytics table · no processor DPA linked
... 4 more HIGH findings
── MEDIUM (12 findings) ───────────────────────────
... 12 MEDIUM findings (phone, email, IP address)
19 findings across 4 sources · 2 not yet in Data Inventory
→ Import 2 new assets into Data Inventory — one click
Part of the Data Inventory Module

Discovery is just the start.

PII discovery feeds directly into the rest of the DPDPA Shield compliance workflow — from Data Inventory and RoPA to consent notices, retention policies, and processor DPAs. One discovery run can pre-fill weeks of manual compliance work.

  • Auto-create Data Assets from scan findings — zero re-entry
  • Map PII types to DPDPA categories (DPDPA Schedule II)
  • Suggest retention periods and legal basis per asset
  • Link assets to published consent notices automatically
  • Flag processor assets without a signed DPA (DPDPA S.8(2))
  • Cross-reference findings against your existing RoPA for gaps
Book a DemoStart Free Trial

14 days free · No card required

Frequently Asked Questions

The Data Protection Board is operational.

Hidden PII you haven't inventoried is a liability you can't remediate. DPDPA Shield's discovery module finds it and puts it in your inventory automatically.

See PII Discovery in Action →Start Free Trial