🔍 GDPRScanner
Connect to Microsoft 365
Enter your Azure app credentials to sign in.
Client Secret: app accesses all users' data directly (Application permissions, no sign-in required).
you sign in as yourself and can only scan your own data unless you're a Global Admin.

Connect to Microsoft 365

Go to microsoft.com/devicelogin
and enter this code
⏳ Waiting for sign-in…

Bulk Delete

Permanently removes items from Microsoft 365. Emails go to Deleted Items; files go to the recycle bin.
Filter what to delete

⚙ Settings

Appearance
About
🔍 GDPRScannerv{{ app_version }}
Python
MSAL
Requests
openpyxl
Admin PIN
Required for destructive actions (e.g. Reset DB). Leave blank to disable.
Viewer PIN
A numeric PIN (4–8 digits) that lets anyone open /view in a browser for read-only access to results without a token URL.
Interface PIN
A numeric PIN (4–8 digits) that must be entered before accessing the main scanner interface. Viewers accessing /view are not affected.
🕐 Scheduled scans
Run scans automatically at a set time. Requires an active M365 connection (application mode recommended).
Recent runs
Email report (SMTP)
Database
Actions
Compliance Audit Log
Time Action Detail IP
Loading…

Enter admin PIN

🔍 Data subject lookup

Find all flagged items containing a given CPR number. The CPR is hashed before querying and is never stored in plaintext.

✉ Email report

Configure SMTP settings to send the scan report by email.
STARTTLS (port 587)
SSL (port 465)
Comma or semicolon separated

Share results

Read-only links let a DPO or reviewer browse results and tag dispositions without access to scan controls or credentials.
New link
Label (optional)
Scope
Items from
Items until
Expires in
Active links
Viewer PIN:

🔍 GDPRScanner

v{{ app_version }}
Python
MSAL
Requests
openpyxl

⚙️ Source management

Connection
☁️
Not connected
Azure credentials
Sources to scan
📧
Exchange / Outlook
💾
OneDrive
🌐
SharePoint
💬
Teams
Connection
🔵
Not connected
Auth mode
Service account credentials
Download from Google Cloud Console → IAM & Admin → Service Accounts → Keys → Add Key → JSON
Used for domain-wide delegation — must be a Workspace super-admin.
Setup required in Google Workspace:
1. Create a Google Cloud project and enable Gmail API + Drive API + Admin SDK.
2. Create a service account, download the JSON key, and enable domain-wide delegation.
3. In Workspace Admin → Security → API Controls → Domain-wide delegation, add the service account client ID with scopes:
https://www.googleapis.com/auth/gmail.readonly, https://www.googleapis.com/auth/drive.readonly, https://www.googleapis.com/auth/admin.directory.user.readonly
File sources
No file sources yet.
Add source

📁 File Sources

No file sources yet. Add a local folder or network share below.
Add source
Profiler
No saved profiles yet.
Rediger profil
Klik på en profil for at redigere

📥 Import Database

Select a previously exported .zip file. Merge adds dispositions and deletion log. Replace wipes and fully restores.