Find out where personal data is hiding across the files on your Mac — entirely on your device.
GDPR File Audit scans folders on your Mac (and mounted network drives) and reports the files that likely contain personal or sensitive information — names, e-mail addresses, phone numbers, national ID numbers, payment details and more. Each finding gets a confidence score and the surrounding evidence, so you can review, filter and export a report to support your data-mapping, Article 30 records, or a data-subject access request.
It is a detection and reporting aid. It uses heuristic detection, so it may miss things or flag text that isn't personal data. It does not make you GDPR compliant, does not give legal advice, and never modifies or deletes your files.
Tip: press the space bar on a selected row for a Quick Look preview. Use Scan Selected Only to re-scan a single file.
The summary cards show Files Scanned, Findings, High Risk and PII Types. The results table has these columns:
| Column | Meaning |
|---|---|
| Severity | The risk level of the file (see next section). |
| Status | How extraction went: Done, Parsed with warnings, Extracting, Queued, Classifying. |
| PII | The types of personal data found (e.g. Email, National ID, Phone, IBAN). |
| File name | The file. Select it to open the Inspector. |
| Type / Size | File format and size. |
| Findings | How many individual matches were found. |
| Last scanned | When the file was last analyzed. |
Use the Filter menu and the search field to narrow the list by severity, type, or file name/path. A coverage line shows how many files were scanned, skipped, failed, or seen in total.
| Severity | What it means |
|---|---|
| Critical | Strong signals of sensitive personal data (e.g. national IDs, payment details, special-category indicators). |
| High | Clear personal data present and worth reviewing. |
| Warning | Some personal data and/or the file parsed with warnings (partial extraction). |
| None | No personal data detected in this file. |
Risk is conveyed by both colour and a label, and each file also carries a numeric risk score in reports.
Selecting a file opens the Inspector (Pro), which shows:
e***@e***.com, 19******-**08) so you can verify without exposing the full value.Detection combines pattern matching, checksum validation (Luhn / IBAN / VAT) and on-device OCR for images and scanned PDFs. Set your country in Settings to tune local ID formats.
| Category | Formats |
|---|---|
| Documents | PDF · Word (.doc, .docx, .docm) · Excel (.xls, .xlsx, .xlsm) · PowerPoint (.ppt, .pptx, .pptm) · OpenDocument (.odt, .ods, .odp + templates) · Apple Pages, Numbers, Keynote · RTF / RTFD · plain text & markup (.txt, .md, .csv, .tsv, .log, .json, .xml, .yaml, .html, .svg, .tex) |
| .eml · .emlx · .mbox · Outlook .msg, .pst, .ost, .oft | |
| Images (OCR) | .jpg · .png · .heic · .tiff · .bmp · .gif · image-only PDFs |
| Databases | SQLite (.db, .sqlite, .sqlite3) · Parquet · Access (.mdb, .accdb) |
| Archives (opened automatically) | .zip · .7z · .rar · .tar · .gz · .tgz · .cpgz |
There is no fixed limit on the number of files you can scan — point it at an entire folder or drive. It has been validated scanning tens of thousands of files in a single pass.
Per-item safety limits keep scans stable on untrusted input:
| Limit | Default |
|---|---|
| Largest file read in full | 100 MB |
| ZIP archive contents | up to 5,000 entries / 1 GB uncompressed |
| Mailbox messages | up to 10,000 per mailbox |
| Image-only PDF OCR | up to 30 pages |
| Free preview | first 10 flagged files visible |
Files larger than the cap, offline/cloud-only placeholder files, and unsupported types are reported as skipped rather than failing the scan. Very large or network scans show a pre-scan warning with an optional Safe Mode.
| Free | Pro (one-time) | |
|---|---|---|
| Scan any folder | ✓ | ✓ |
| Totals, severity overview | ✓ | ✓ |
| Flagged files shown | first 10 | all |
| File Inspector | — | ✓ |
| HTML / CSV / PDF export | — | ✓ |
Pro is a one-time purchase, no subscription. Unlock it in Settings ▸ Unlock Pro. Reinstalled or on another Mac? Use Settings ▸ Restore Purchases — the unlock is tied to your Apple Account.
Open the Reports tab to see your scan jobs, a timeline, the top risky files, and coverage totals. With Pro you can export:
Turn on Open after export to open the file immediately, or use Show in Finder. You choose where files are saved — nothing is written without your action.
| Section | What you can do |
|---|---|
| General | See your plan, Unlock Pro / Restore Purchases, pick your Country, turn image OCR on/off and choose Fast or Accurate mode, clear recent folders. |
| Storage | See cache and temporary-workspace usage; clear the cache; open the cache folder. |
| History | See scan-history size; clear history; open the history folder. |
| Policy | Review and reset detection policy defaults (thresholds, ignore rules). |
Fast OCR is quicker and lighter on the CPU; Accurate recognises more text in low-quality images but is slower. OCR only runs when “Enable image OCR” is on.
macOS occasionally needs you to renew access. Click the re-authorize action and pick the same folder again.
That's expected for files over the size cap, offline/cloud-only placeholder files, password-protected files, or unsupported types. The coverage panel and report list what was skipped and why; the rest of the scan still completes.
Make sure Enable image OCR is on (Settings ▸ General) and try Accurate mode for low-quality scans.
Use Settings ▸ Restore Purchases while signed in to the Apple Account you bought with.
Email support@naslund.tv and we'll help.
GDPR File Audit is a detection and reporting aid that helps you locate likely personal data in your files. It uses heuristic detection and may produce false positives and false negatives. It does not guarantee compliance with the GDPR or any other regulation and does not constitute legal advice. You remain responsible for assessing and acting on its findings.