Controls You Can Take To Procurement
Sylure is designed for privacy operations where you need fast visibility without widening exposure: validated intake limits, least-privilege roles, evidence minimisation, audit traceability and policy-driven retention.
Hash-first indexing
HMAC-SHA256
Masked by default
Evidence views
Role-based access
ADMIN / ANALYST / VIEWER
Customer-controlled deletion
You choose when data is removed
Quick answers
Can we use Sylure during procurement evaluation?
Yes. We provide security questionnaire responses, DPA templates and retention documentation on request.
Where is data hosted?
Sylure is UK-founded. We aim to host and process data in the UK.
Is there an audit log?
Yes. Key actions (authentication events, exports, raw bundle access, member / role changes) are logged and exportable.
Bounded upload processing
Uploads are processed inside strict intake boundaries to prevent oversized or malicious payloads from reaching the scanning pipeline.
ZIP intake limits (anti zip-bomb)
3GB ZIP cap, 20GB uncompressed and up to 100,000 eligible files processed per bundle.
Antivirus scanning
Antivirus scanning can be enabled as a defence-in-depth step. Designed to reduce handling risk, not to replace your endpoint controls.
Structure validation
Intake validates file types and structure before scanning. Unsupported or malformed files are rejected early rather than silently ignored.
Built for data minimisation without losing auditability
Sylure helps teams answer "what personal data do we have, where is it and what did we do about it?" without unnecessarily persisting sensitive values. Identity matching uses normalised, keyed hashes (HMAC-SHA256) so teams can search and de-duplicate exposures without storing raw identifiers as plain database fields.
Hashing pipeline
Ingest
Bring exports
Archives, case folders and logs as ZIP bundles.
Normalise
Canonicalise
All identifiers for matching.
Hash
Keyed indexing
Values aren't stored as plain text in the database.
Match
DSAR & mask
Power search and triage with masked evidence views.
Evidence safety principles
- Evidence views are masked by default in the UI and exports (default behaviour).
- Reviewer dispositions (e.g. ignore overrides) apply consistently across dashboards, DSAR workflows and exports.
- Role-based permissions limit who can view evidence, trigger exports and access raw bundles.
- DSAR exports include a masked/unmasked toggle — masked by default, with unmasked mode available when authorised.
Least-privilege roles and audit traceability
Controls designed for privacy operations teams who need fast visibility with clear boundaries: bounded intake, least-privilege access and full audit traceability.
Least-privilege roles (RBAC)
Roles support separation of duties: ADMIN, ANALYST, VIEWER. Share dashboards with stakeholders while keeping action controls restricted to authorised users.
Audit traceability
Audit logs capture key actions (Authentication events, Exports, Raw bundle access) so teams can evidence governance controls during review.
Masked collaboration
Share exposures with stakeholders while reducing exposure. Use masked evidence views for review and sign-off without revealing raw values.
Policy-driven lifecycles and shareable outputs
Privacy operations often involve temporary evidence handling. Sylure supports policy-aligned retention so raw bundles and derived outputs don't linger longer than they need to. Exports are designed for DSAR operations and stakeholder briefings, keeping evidence minimised.
Retention model
- Raw bundles auto-expire after 1 days (configurable).
- Derived data (exposures, identity hits, assets) persists until you delete it.
- Prepared uploads expire after ~24 hours.
- Tombstone record remains for audit history.
- Admins can delete bundles and derived data on demand.
Export formats
Reports
HTML · Excel extracts
DSAR exports
Excel · JSON
Audit logs
Excel
AI (where enabled)
Draft output for human review
Next step
Ready to see controls in action?
We'll walk through intake, evidence handling, RBAC, audit logging and retention — tailored to your review requirements.