ConsentLedger

ConsentLedger is a web app (with optional CLI) that continuously verifies whether your product’s real data flows still match what you promised in consent banners, privacy policies, and DPAs. It connects to your event pipeline and key SaaS tools (Segment/RudderStack, Snowflake/BigQuery, Salesforce, Braze, etc.) to map where personal data is collected, transformed, and sent. It then flags “consent violations” like sending marketing identifiers without opt-in, retaining data past stated limits, or exporting to an unapproved vendor. This is not a legal doc generator; it’s an engineering control that produces evidence: versioned data-flow graphs, alerts, and audit-ready reports. It also supports privacy engineering workflows: change requests, approvals, and automated checks in CI for new tracking events. Expect some setup effort—if your instrumentation is chaotic, the tool will expose that fast.