ShadowPII
ShadowPII is a web app (with optional lightweight desktop agent) that continuously detects and reduces “shadow” personal data scattered across SaaS tools and internal file stores. It connects to Google Drive, Microsoft 365, Slack, Jira/Confluence, Zendesk, and common cloud buckets, then scans for likely PII/PHI using pattern matching plus an AI classifier to reduce false positives. It produces a living RoPA-style inventory: where data lives, why it exists, who can access it, and how long it’s been sitting there. The app flags high-risk exposures (public links, overly broad permissions, stale exports, forgotten spreadsheets) and guides remediation with one-click actions where APIs allow (remove link sharing, tighten permissions, create retention rules, open tickets). It also generates audit-ready evidence packs for GDPR/CCPA/ISO 27001, but stays realistic: it won’t “solve compliance,” it will just make data sprawl visible and fixable.