PII Tools combines fast and accurate scanning with turn-key local deployment.

Service Architecture

PII Tools is built to scan personal data securely using a local web user interface, plus a clean set of RESTful APIs for automated workflows.

  • Term glossary
    • Central on-prem PII Tools server to orchestrate scans and generate reports
    • Connectors for scanning remote storages and databases
    • Device Agents as thin clients for scanning local devices
    • Asynchronous batch scans to analyze document storages and devices
    • Synchronous streaming scans to analyze individual files
    • Local inventory index to capture detected PII, with exports for reviews and Subject Access Requests
  • Web user interface
    • Web interface running locally on the PII Tools server
    • Launch scans, track progress and browse drill-down reports
  • Programmatic API to drive scans and reports
    • Encrypted HTTPS protocol for communication
    • Integrates with any programming environment through REST API
    • Clearly defined API endpoints, parameters and status codes for machine integration and automation
  • Data persistence and security
    • Files and extracted metadata never leave the local network
    • No external internet or cloud calls; able to run in air-gapped mode
    • Batch scans index extracted metadata into an internal inventory index
    • Streaming scans return detected metadata right away (no indexing)

Installation and deployment

PII Tools runs as a virtual appliance. As part of your purchase, you receive a pre-configured Docker image that you deploy on a server of your choice. No configuration or manual sysops work is needed.

  • Minimum server requirements: 4 GB RAM, 2 CPU cores, 6 GB disk space, and any operating system or cloud platform that supports Docker: Windows, Linux, OSX, Microsoft Azure, Amazon Web Services (AWS), IBM Cloud

  • PII Tools server deployed using a turn-key Docker image from a private Docker registry

  • Thin-client Device Agent executables run on local devices to be scanned (Linux, Windows or Mac OSX)

  • Termination and backups are handled by stopping or snapshotting the Docker container

  • Software upgrades are performed by deploying an updated Docker image

Data scans

PII Tools scans local devices and remote storages, using cutting-edge deep learning and document context to minimize false alerts.

  • Flexible scan configuration via JSON REST API:
    • input config, including include/exclude masks and per-filetype scan limits
    • authentication and credentials for accessing remote storages
    • (optional) detectors to use, including defining your own rules and detectors
    • (optional) additional metadata to appear in reports
  • Analyze a single submitted file or an entire storage via JSON REST API
    • Launch multiple concurrent scans, from multiple users
    • Endpoint for tracking batch scan progress
    • Endpoint for generating HTML, JSON, or CSV reports for finished scans
    • Endpoint for deleting scans and indexed inventories
  • Detect all major regulatory PII types
    • Financial: bank account number, credit card number, routing number
    • Personal: full name, home address, face, phone number, date of birth, email, first name, last name, street, city, country
    • Sensitive: sexual preferences, political views, race, gender, religious views
    • Health: personal health information (PHI), medical record
    • National: passport, driving license, SSN
    • Security: username, password, IP address
    • ability to define rules for custom PII type detectors on a per-scan basis, including context filters to improve precision
  • Severity levels to guide reviews
    • LOW: covered by GDPR in theory
    • HIGH: PII people actually care about
    • CRITICAL: direct risk of identity theft, financial loss, blackmail or loss of job
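
As a rough illustration of the scan configuration and custom detectors described above, the following Python sketch builds a JSON payload and mimics two of its ideas locally: include/exclude masks and a context filter that keeps a match only when a related keyword appears nearby. Every field name here (`input`, `include`, `exclude`, `detectors`, `context`, and so on), as well as the helper functions `is_selected` and `detect`, is a hypothetical stand-in chosen for this example and not the actual PII Tools schema or detection logic; the product documentation defines the real request format.

```python
import fnmatch
import json
import re

# Hypothetical scan configuration: all keys are illustrative assumptions,
# not the real PII Tools request schema.
scan_config = {
    "input": {
        "include": ["*.pdf", "*.docx"],
        "exclude": ["*/archive/*"],
        "max_bytes_per_filetype": {"pdf": 50_000_000},
    },
    "credentials": {"username": "scanner", "password": "<secret>"},
    "detectors": [
        {
            "name": "employee_id",
            "pattern": r"\bEMP-\d{6}\b",
            "context": ["employee", "staff"],
            "severity": "HIGH",
        }
    ],
    "metadata": {"department": "HR"},
}


def is_selected(path, include, exclude):
    """Return True if path matches an include mask and no exclude mask."""
    included = any(fnmatch.fnmatch(path, mask) for mask in include)
    excluded = any(fnmatch.fnmatch(path, mask) for mask in exclude)
    return included and not excluded


def detect(text, detector, window=40):
    """Return regex matches that have a context keyword within `window` characters."""
    hits = []
    for match in re.finditer(detector["pattern"], text):
        start = max(0, match.start() - window)
        nearby = text[start:match.end() + window].lower()
        if any(word in nearby for word in detector["context"]):
            hits.append(match.group())
    return hits


# JSON body that a client could submit to a scan endpoint.
payload = json.dumps(scan_config)
```

In this sketch the context filter is a simple keyword check around each match; it is only meant to show why context can raise precision, since the same pattern in an unrelated sentence is discarded.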

View a list of all supported PII types, connectors and file formats here.

Scanning reports

Data detected in a storage scan can be exported to HTML or CSV to facilitate compliance reviews and to answer data subject access requests (DSARs).

  • HTML drill-down report with three layers for human reviewers:
    • summary layer with overall scan parameters, statistics and graphs
    • listing layer that displays all files matching selected criteria
    • file layer that shows detected PII for a concrete file, including the context of each detection in order to assess the match relevance
  • CSV reports, for easy import into Excel
  • REST endpoint for generating ZIP reports programmatically
  • Schema for exported PII instances, for import into other systems
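
To give a sense of how a CSV report might be consumed outside Excel, here is a minimal Python sketch that groups detections by file and keeps only those at or above a chosen severity level. The column names (`file`, `pii_type`, `severity`, `value`), the sample rows, and the function `files_at_or_above` are assumptions made for this example; the actual export schema may differ. Only the severity names LOW, HIGH and CRITICAL come from the description above.

```python
import csv
import io
from collections import defaultdict

# Hypothetical CSV export; the real report's columns may differ.
SAMPLE_REPORT = """file,pii_type,severity,value
/share/hr/a.docx,email,LOW,jane@example.com
/share/hr/a.docx,SSN,CRITICAL,078-05-1120
/share/fin/b.xlsx,credit card number,CRITICAL,4111111111111111
/share/fin/b.xlsx,full name,HIGH,Jane Doe
"""

# Ordering of the severity levels, lowest to highest.
SEVERITY_ORDER = {"LOW": 0, "HIGH": 1, "CRITICAL": 2}


def files_at_or_above(report_text, minimum="HIGH"):
    """Map each file to the PII types found at or above the given severity."""
    threshold = SEVERITY_ORDER[minimum]
    result = defaultdict(list)
    for row in csv.DictReader(io.StringIO(report_text)):
        if SEVERITY_ORDER[row["severity"]] >= threshold:
            result[row["file"]].append(row["pii_type"])
    return dict(result)
```

A reviewer could call `files_at_or_above(report_text, "CRITICAL")` to shortlist the files that need attention first.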


The PII Tools documentation contains step-by-step instructions for the installation process, REST API endpoints and examples of launching and managing personal data scans.

View the complete product documentation.
