image of savannah discovery and redaction software logo white text

The Powerful GDPR
Discovery & Redaction System

Effortlessly analyse and manage your business-critical information with the powerful Savannah Discovery and Redaction System

Savannah Overview

The Savannah discovery and redaction system provides a powerful GDPR redaction service with the ability to map your data, analyse supported file formats, discover PII content and redact where required. This aids the DPO and broader business to ensure compliant management of regulated information. It includes the following modules:

image of savannah software discovery module panel

PII Discovery Module

Discovers the location of business dark data (hidden data within your networks) and maps known data locations specifically searching for Personally Identifiable Information (PII) including Special Category Data.

image of savannah redaction module panel

Redaction Module

Permanently obfuscate information that has been classified by the PII Discovery Module as PII. Your DPO will have full control over what is redacted or retained.

image of savannah software DSAR module panel

DSAR Module

Save endless wasted hours manually searching for information relating to a Data Subject. Uncover which files on your network and email system contain information on the subject of the DSAR.

If you don't know what data you have, you can't control manage govern protect it.

Savannah Discovery and Redaction Features


Efficiently perform a quick search of known data locations. Get detailed results from a specific location when you know where you need to look.


Savannah intelligently searches your entire network, analysing known data locations, and ‘dark’ unmanaged locations, categorising and cataloguing your data as it goes. Discover what is hidden in the furthest reaches of your networks and ensure only comprehensive and compliant GDPR redaction makes it to disclosure.


A key area of compliance risk for businesses is the use of email and a lack of user discipline. Savannah will find PII in both email and also their attachments: discovering, analysing and finally, redacting regulated information where required, helping to become, and remain GDPR compliant.


Generate comprehensive reports detailing the number of PII items found, their details and source filesSavannah will highlight the linkage of source file contents to PII details found, aiding decisions on what to redact.


Automate the delivery of your reports to run in-line with company policy. Produce ‘one-off’ bespoke reports for specific requests or schedule recurring searches, so you’re never left in the dark.


Through XML Savannah can interface with any compliance system such as GDPR Governor or ISO27001 Navigator. We can develop additional requirements on request.

Savannah Discovery and Redaction Benefits


Know what you hold and limit your data in-line with company policy. Article 5(1)(c) of the GDPR states that personal data shall be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed. Don’t fall foul of unnecessarily holding non-compliant information.


Save hundreds of hours lost to manual mapping and cataloguing of data. Reduce staffing pressures when having to respond to Data Subject Access Requests (DSARS), rapidly collating the information required, and safely redacting responses where needed.

Gain valuable insight

Learning about the data you hold and where it sits tells you a lot about your organisation, user behaviour and how your staff are really interacting with your systems. Understanding this can highlight where your staff may need help through bespoke training to ensure future compliance with company policy.

incRease compliance

The majority of business communication and activity is electronic. Its growth is exponential. In a world of increasing regulation, you need to get ahead of the problem. Savannah is a direct route to managing your risk and increasing overall compliance through expert and accurate and defensible GDPR redaction.


Reducing and controlling costs associated to data discoveries and regulatory requests is directly related to how efficiently you are able to discover, analyse and manage the relevant information. Savannah will support your compliance efforts at the same time as freeing staff to focus on other high-value tasks.


GDPR Redaction: What about discovering and redacting information manually?

You can absolutely choose to do this, but if you take this route, there are some substantial implications to consider.

  • Wasted time – days and weeks lost to labour intensive searching of all hardcopy and electronic records in efforts to respond to DSARs.

  • Increased riskIt’s easy to miss data relevant to your subject during a manual GDPR redaction. Equally as severe; in a rush to respond to a DSAR, you may erroneously disclose information relating to a third party constituting a breach under the DPA and the GDPR.

The ICO has published a useful guide on how to disclose information safely. You will see the immense amount of work involved when doing so manually, and this is assuming that to begin with, you can identify all of the relevant documentation to consider. The staffing hours required are likely to be vast, with no assurance that all bases are covered.

Choose Savannah to get Control of your Information Today

The Powerful Data GDPR Discovery & GDPR Redaction System