FAQs and procurement-ready answers
Short answers you can share internally — covering product basics, evidence safety, DSAR operations, and commercial terms.
Hash-first (HMAC-SHA256)
Identity indexing
Masked by default
Evidence views
90 days
Default retention
Role-based (RBAC)
Access control
Product basics
What Sylure is (and isn't), how intake works, and what you get out the other side.
Is Sylure connector-based?
Today Sylure is uploads-first. You bring exports, archives, case folders, and logs as ZIP bundles so intake is controlled, auditable, and easy to scope. We map exposures back to concrete assets (files/paths) so remediation is practical.
What kinds of data can we upload?
Common exports (CSV/JSON), documents, emails, and logs. Intake validates size and structure before scanning, then produces an inventory of assets and where personal data appears.
How does Sylure reduce noise?
Review workflows support ignore/suppress decisions at the finding level with traceability. The goal is consistent governance: the same decision should produce the same outcome across views and exports.
Evidence safety
Masking, minimisation, access controls, and retention patterns for review workflows.
Do you store raw personal data values?
Sylure is designed for minimisation. Where possible, identities are matched using hash-first indexing and masked evidence views. Raw values may exist inside the customer-provided source files you upload; presentation layers can be masked by default to reduce exposure during triage.
Can we keep evidence masked for most reviewers?
Yes. You can use role-based access and masked-by-default review views for routine triage, only revealing sensitive values when absolutely necessary for resolution.
How do retention and deletion work?
Retention is policy-driven. Typical patterns include lifecycle-based deletion for uploads and aligned database retention for derived artefacts. If you have a specific retention window, we can align configuration and documented procedures.
DSAR operations
Review-first DSAR bundles, consistent decisions, and draft outputs designed for human validation.
What is a "DSAR bundle" in Sylure?
A DSAR bundle is a structured export that collects matched evidence (with an audit trail), reviewer decisions, and supporting context into a package that is easier to validate internally and share with counsel or the request handler.
How do you handle false positives during DSAR review?
Reviewers can mark findings as irrelevant, suppressed, or ignored with optional notes. Those decisions are tracked so subsequent exports remain consistent and defensible.
Can we generate a draft response letter?
Sylure can generate draft summaries and DSAR-facing language as a starting point. Draft outputs should always be reviewed by a human and are not legal advice.
Pricing & procurement
Commercial terms and practical expectations for volume, AI outputs, and onboarding.
What does "unlimited DSAR bundles (fair use)" mean?
Bundles and exports are not charged per request. "Fair use" means reasonable use aligned to normal operational volumes. If you need high-volume automation or larger upload allowances, the Enterprise plan is a better fit.
What counts as "AI reporting" usage?
Each generation produces one draft output (for example, an executive summary or a DSAR-facing draft). Outputs are designed for review workflows and should be validated before sharing externally.
What if we exceed the included monthly upload allowance?
For higher volumes we can increase allowances under an Enterprise plan. The goal is predictable operations: clear limits, clear guardrails, and transparent commercial terms.
Still have questions?
Tell us your environment (data sources, expected volumes, and review model). We'll suggest a safe, practical path to production.