Automate PII discovery, data misplacement detection & multi-jurisdiction compliance — DPDP India, GDPR Europe, UK GDPR, Singapore PDPA, and GCC PDPL. Built on 480+ ML algorithms. Not an audit. Not a consultant. An automation tool that runs 24/7 on your premises.
Manual audits take weeks and miss 80% of misplaced data. Shield automates this — scanning continuously, not once a year.
Revenue figures, customer pricing, and deal terms sitting in finance shared drives. Who approved this access?
Confidential P&L, margin data, and financial projections accessible to sales reps who don't need them.
Customer Aadhaar, PAN, and bank details found in HR folders, onboarding drives, and training materials.
Vendor bank details, GST certificates, PAN copies scattered across procurement, accounts, and project folders.
RBI imposed 353 penalties totalling ₹54.78 Cr in FY2025 alone. Under DPDP, penalties go up to ₹250 Cr per violation.
Meta / WhatsApp
₹213 Cr
Privacy policy & data-sharing abuse
ICICI Bank
₹12 Cr
Multiple regulatory violations
Citibank
₹4 Cr
Compliance breaches
Kotak Mahindra Bank
₹4 Cr
Regulatory breaches
Reliance General Insurance
₹1 Cr
Unauthorized commission payouts
Bajaj Finance
PRODUCT BAN
eCOM & Insta EMI Card suspended by RBI
The biggest fear for BFSI is NOT fines — it's lending bans, license cancellation, and business restrictions that destroy operations overnight.
Shield is built for global enterprises operating across India, Europe, UK, Singapore, and the GCC — with PII detection tuned to each region's regulatory requirements.
India
DPDP Act 2023Europe
GDPRUnited Kingdom
UK GDPR / DPA 2018Singapore
PDPA 2012 (Amended 2021)GCC / UAE / KSA
PDPL · UAE PDPL · DIFCWhether your enterprise operates from Mumbai or Dubai, serves customers in London or Singapore, or processes data under multiple frameworks simultaneously — Shield's agent adapts its PII detection ruleset to the jurisdiction of your choice, without any additional configuration or cloud connectivity.
Shield automates the entire DPDP compliance lifecycle — discover, classify, prioritize, assign, track, escalate, and audit.
Scan
Auto-detect PII across all files
Classify
40+ types mapped to DPDP tiers
Check
Right data in right folders?
Notify
Grouped alerts, not 200 emails
Survey
Employee action with deadlines
Escalate
Auto-escalation + audit trail
Shield runs silently at 0.1% CPU. No manual file selection. No spreadsheet tracking. No weekly audit meetings. Your compliance team gets a dashboard — not a workload.
Automated. Continuous. Not a consultant.
PII Detection & DPDP Mapping
480+ ML algorithms embedded in every agent for PII detection — Verhoeff checksum, Luhn validation, NLP entity recognition, and structural pattern matching. Covers 40+ Indian PII types plus GDPR, UK GDPR, Singapore PDPA, and GCC PDPL data classes. Scans 24 file formats deep inside every cell, paragraph, and attachment. DPDP 5-tier priority classification (P1–P5).
Data Misplacement Detection
Finds data where it shouldn't be. Finance data in sales folders? Customer PII with HR? Balance sheets on shared drives? Shield flags every access violation with department mapping.
Smart Scanning → Grouped Alerts → Employee Surveys → Auto-Escalation
After every scan, Shield checks each PII file against folder rules. Files inside designated folders are marked compliant with time-box tracking. Files outside trigger notifications.
Notifications grouped by category, not individual files. 200 Excel files with Aadhaar on Desktop? Admin sees ONE alert — not 200 separate emails.
Admin sends unique survey link. Employee picks: "I moved it" (which folder?) | "I'll move later" (reason + deadline) | "Needs to stay" (business justification + expiry).
If employee says "I moved it" but next scan finds the SAME file still there — a strict second survey triggers automatically. First time: friendly. Second time: escalated.
First offense — gentle reminder. Second — strict warning + admin alert. Repeated violations — compliance dashboard flag + management escalation. All automatic.
Every survey response stored: who responded, when, what action they chose, what reason, what deadline. Audit-ready evidence for DPDP compliance reviews.
Right data. Right department. Automatically enforced.
| Department | Owns This Data | Violation Example |
|---|---|---|
| HR | Aadhaar, PAN, Employee records, Salary, DOB | Finance agent has Aadhaar files → VIOLATION |
| Finance | Bank accounts, Credit cards, GST, Invoices, Balance sheets | Sales agent has balance sheets → VIOLATION |
| Sales | Customer emails, Mobile numbers, Addresses | HR agent has customer database → VIOLATION |
| IT | Employee IDs, System credentials, Access logs | Sales agent has system credentials → VIOLATION |
| Legal | Board resolutions, Contracts, Director PII | Operations has board minutes → VIOLATION |
Critical
Aadhaar (Verhoeff validated), PAN, Bank Account, IFSC, UPI ID, Credit/Debit Card, Biometric
High
Passport, Voter ID, Driving License, GSTIN, Health Records, Insurance Policy, ITR
Moderate
Name+DOB, Email, Mobile, Address, Employee ID+Salary, CIN/DIN
Low
Gender+Age, Caste/Religion, Vehicle Registration, Ration Card, Education, License Numbers
Minimal
Standalone Names, Phone Numbers, Generic IDs, Public Information
24 File Formats: Excel, PDF, Word, CSV, TSV, Tally XML, SAP Exports, JSON, Emails (.eml/.msg), Text, Logs, PPTX, SQL, DB, ZIP, RAR, MBOX and more
| What Matters | Manual Audit | Global DLP Tools | Cloud Scanners | Mitrak Shield |
|---|---|---|---|---|
| Indian PII Coverage | 5-10 | 8-15 | 10-20 | 40+ types |
| Aadhaar Checksum | ✗ | ✗ | Some | ✓ Verhoeff |
| Data Misplacement Detection | ✗ | ✗ | ✗ | ✓ Built-in |
| Vendor Compliance Check | ✗ | ✗ | ✗ | ✓ Automated |
| 100% On-Premise | ✓ | Mostly | ✗ Cloud | ✓ Always |
| DPDP + GDPR + PDPA Mapping | ✗ | GDPR only | Partial | ✓ All 5 Jurisdictions |
| Indian Formats (Tally/GST) | Manual | ✗ | ✗ | ✓ Built-in |
| Time to First Scan | Weeks | Weeks-Months | Days | ✓ Minutes |
| Daily Auto Scanning | ✗ | ✓ | ✓ | ✓ Incremental |
| Typical Cost | High (team) | Very High | Per-GB | ✓ Flat license |
Raw PII never leaves the employee's machine. Server runs as a sealed Docker container on YOUR infrastructure.
Desktop Agent scans all local drives, network & USB using read-only permissions. Only metadata (file names, PII types, counts) is transmitted via TLS 1.3 to the Shield Server running in a sealed Docker container. The Web Dashboard shows only aggregated scores — no individual PII values are ever displayed.
Zero PII Transmission
Raw data stays on agent
India Data Residency
All servers in India
Docker Containerized
Sealed binary, no code access
AES-256 At Rest
DB encrypted on server
TLS 1.3 In Transit
All API calls encrypted
Read-Only Agent
Never modifies source files
Role-Based Access
Admin / DPO / Auditor levels
Agent-Based or Network-Based — you choose. Or use both together.
Lightweight EXE installed on each machine. Scans locally using 0.1% CPU.
No agent installed — scans remotely via WinRM. Zero install on endpoints.
Recommended: Hybrid Deployment
Agent on all laptops & desktops (catches personal folders, USB, offline work) + Network scan on file servers & NAS (no agent needed) = 100% coverage across your entire organization.
19 Modules. 83 Gap Items. Shield covers Sections 4-16, Rules 17-21 of the DPDP Act.
70
Fully Built (84%)
7
Partially Built (9%)
6
Remaining (7%)
83
Total Gap Items
M1: Data Discovery
S.4, S.8
M2: Processing (RoPA)
S.4, S.8
M3: Privacy Notices
S.5
M4: Consent Capture
S.6
M5: Legitimate Use
S.7
M6: Rights Management
S.11-14
M7: Grievance Redressal
S.8(9)
M8: Security Safeguards
S.8(5)
M9: Breach Management
S.8(6)
M10: Children's Data
S.9
M11: Retention & Erasure
S.8(7)
M12: Cross-Border
S.16
M13: Vendor Governance
S.8(2)
M14: SDF / PIA
S.10
M15: Regulatory Proceedings
S.27-33
M16: Compliance Reporting
Rule 17
M17: Records & Archival
Rule 19
M18: Enforcement
Rule 20
M19: Appeals Management
Rule 21
BFSI-Approved compliance and security certifications.
Vulnerability Assessment & Penetration Testing by CERT-In empanelled auditor
Privacy Impact Assessment. Zero data exfiltration. Zero cloud dependency.
100% on-premise processing. Zero offshore transmission. RBI/IRDAI compliant.
OWASP Top 10 compliant. Code review & dependency scanning documented.
Read-only guarantee. Scan state recovery. Graceful degradation.
Full dependency inventory. CVE scan completed. License compliance verified.
Information Security Management System Certification
Security, Availability, Confidentiality, Privacy. CPA-audited controls.
| Client | Revenue | Tenure | Industry / Detail |
|---|---|---|---|
| Muthoot Finance | ₹27,542 Cr | New | India's #1 gold NBFC. 5,000+ branches, 29 states. |
| Chambal Fertilisers | ₹16,800 Cr | New | K.K. Birla Group. Largest pvt urea plant. |
| MedPlus Health | ₹6,538 Cr | 2+ Yrs | India's 2nd largest pharmacy. 4,900+ stores. |
| Page Industries (Jockey) | ₹4,600 Cr | New | Exclusive Jockey licensee India. 100,000+ retail outlets. |
| Apparel Group | $3.5 Bn | 2+ Yrs | Dubai HQ. 2,300+ stores, 85+ brands, 14 countries. |
| Bata India | ₹3,500 Cr | New | India's largest footwear retailer. 1,800+ stores. |
| USV Pharma | ₹3,000 Cr | 6 Mths | #1 anti-diabetic. WHO-GMP & USFDA approved. |
| Sumitomo Chemical | ₹2,940 Cr | 6 Mths | Japan's Sumitomo subsidiary. Crop protection. |
| Lux Industries | ₹2,873 Cr | 4 Mths | India's largest innerwear. 700,000+ touchpoints. |
| VIP Industries | ₹2,190 Cr | 6 Mths | Asia's #1 luggage maker. 9,000+ outlets. |
| Mafatlal Industries | ₹2,140 Cr | 6 Mths | 120-year textile legacy. BSE listed. |
| EIH (Oberoi Hotels) | ₹2,100 Cr | 1+ Yr | Oberoi & Trident chains. 32 luxury hotels. |
| Safari Industries | ₹1,995 Cr | 2+ Yrs | Leading luggage brand. BSE/NSE. |
| Hero Cycles | ₹1,840 Cr | New | World's largest cycle maker. 70+ countries. |
| GM Modular | ₹1,750 Cr | New | India's #1 modular switches. Red Dot Award. |
| Silver Pumps | ₹1,610 Cr | 6 Mths | India's largest pump plant. 10M units/yr. |
| Munjal Auto | ₹1,200 Cr | 3 Mths | Hero Group. Auto components for 2W/4W OEMs. |
| Keventer Agro | ₹1,080 Cr | 1.5+ Yrs | Largest dairy in East India. 125-yr legacy. |
| Aspire Systems | ₹1,020 Cr | New | Global IT services. 4,000+ employees. |
| V-Trans Logistics | ₹800 Cr | New | Express logistics. Pan-India hub network. |
| Servify | ₹787 Cr | New | Device lifecycle platform. Apple/Samsung partner. |
| Celio Fashion | ₹600 Cr | New | French menswear. 200+ stores India. |
| Nuberg Engineering | ₹580 Cr | New | Global EPC. 60+ chemical plants in 32+ countries. |
| Indian Terrain | ₹345 Cr | 3+ Yrs | Premium menswear. 200+ outlets. |
Industries: Retail, Manufacturing, BFSI, Pharma, Logistics, E-commerce, Hospitality, Agriculture, EPC — across India, UAE, KSA & Kenya
What EY/Deloitte do manually in 4-8 weeks with sample-based coverage (10-20% of files), Shield does automatically in minutes with 100% coverage — every cell, every page, every attachment.
Misplaced data. Hidden PII. Uncertified vendors. Shield finds them all — 100% on your premises. 15 minutes to set up.