Compliance Scanner detects 60+ types of personal data — emails, IBANs, passports, SSNs — across 14 countries, directly in your spreadsheet. Then anonymizes it in one click.
Free forever · No credit card required
Built for DPOs, legal teams, IT admins, and developers who handle sensitive data in spreadsheets.
Email, phone, IBAN, credit cards, NIR, SSN, NINO, passports, driver's licenses, ID cards, IPs, GPS, API keys, Bitcoin addresses and more.
France, Germany, UK, Spain, Italy, US, Belgium, Canada, Switzerland, Netherlands, Poland, Sweden, Denmark, Australia.
Mask data with **** or replace it with SHA-256 hashes. Automatic backup created before any change. Reversible.
Instant risk assessment — Low, Moderate, or High — based on the sensitivity of detected data types. Understand your exposure at a glance.
Scan your entire workbook at once with the Pro plan. Get a detailed breakdown by sheet with total PII counts.
Export a ready-to-share compliance report in PDF format. Ideal for audits, DPA requests, or internal reviews.
No setup, no export, no third-party service. Works inside Google Sheets.
One click, free forever. No account required.
Extensions → Compliance Scanner → Open. The sidebar appears on the right.
Results appear in seconds. Each PII type is categorized by risk level with a full count.
Mask or hash all detected data. A backup is created automatically before any change.
Start free. Upgrade when you need more.
Forever free, no credit card
Cancel anytime
No. All scanning happens directly inside Google Sheets using Google Apps Script. Your data never leaves Google's infrastructure and is never sent to any external server.
You immediately revert to the Free plan (50-row limit, basic PII types). Your data is never deleted. You can resubscribe at any time.
Masking (****) is reversible via the automatic backup created before each operation. SHA-256 hashing is one-way and irreversible by design — use it when you need permanent anonymization.
Compliance Scanner works with all Google Workspace plans (Business, Enterprise) as well as personal Google accounts with access to Google Sheets.
Google requires that we clearly explain how we use the permissions you grant. Here is a complete and transparent breakdown.
Legal entity
Cadaero SARL (trading as Umbra Labs)
French company (SARL) — France
All PII scanning and anonymization is performed exclusively by Google Apps Script, running on Google's servers under your own Google account. No cell content is ever transmitted to, stored by, or accessible to Umbra Labs or any third-party server.
spreadsheets
Read & Write
Google Sheets — Read and modify your spreadsheet
Why we need it: To read cell values for PII detection, and to overwrite cells when you choose to anonymize data (mask or hash). Without this permission, the add-on cannot function.
What we do NOT do: We never copy, store, transmit, or share your cell content with any external system.
script.container.ui
UI only
Display the sidebar interface
Why we need it: To display the Compliance Scanner sidebar panel within Google Sheets. This permission only controls UI rendering — it grants no access to your data.
script.external_request
License validation only
Contact our license server
Why we need it: To validate your Pro license key against our server (cadaero.ovh/api/validate). The only data sent is your anonymous license key and an anonymous account identifier — no personal or spreadsheet data is involved.
drive
Pro Plan only
Save PDF compliance reports to your Drive
Why we need it: To create and save the PDF compliance report file directly to your Google Drive (Pro Plan feature). The file is created in your own Drive — Umbra Labs has no access to it.
What we do NOT do: We never read, list, or access any existing files in your Drive.
🇪🇺
GDPR Compliant
French company · CNIL jurisdiction
🔐
Google Limited Use Policy
Data used only to provide in-app features
📋
No Data Selling
Your data is never sold or shared
Read our full Privacy Policy for complete details on how we handle your data.
Free to install. No credit card. Takes 30 seconds.