• Is your sensitive data really safe?

    Protect the personal data stored in your documents with the latest in anonymisation software.



  • The problem

    Changes to Regulatory powers that govern data security will mean that it is very likely most organisations will be at risk of failing the most fundamental GDPR compliance test. If the worst thing happens and a data breach occurs, the consequences could mean personal fines for board members and in extreme circumstances custodial sentences.


    Transaction data held within content collaboration sites e.g. virtual data rooms are particularly vulnerable. In December 2014, a major incident involving theft of M&A data by a group of hackers dubbed "Fin 4" saw an increased concern for data security in M&A transactions. Given the ever-sophisticated evolving threat landscape coupled with new EU data protection laws now in force since May 25th, 2018, Dataroom providers and especially end users should increase their awareness about data security exponentially so that breach attempts can be minimised.


    The European Union's new General Data Protection Regulation demands that stored data on people in the EU undergo either an anonymization or a pseudonymization process.


    The truth is that data breaches today are inevitable. Sooner or later, you’re going to get attacked, and when that happens the regulators will investigate closely whether you did enough to keep your customer and employee data safe and secure. The GDPR also grants new rights to data subjects to complain about aspects of your data handling and protection. It will enable breach victims to launch joint legal cases against organisations more easily.


    How prepared are you and your organisation in preventing data breaches and managing Information Security in a way that minimises the effect of malicious cyber-attack or an accidental breach event?



  • What we do

    Anonymization is the process of either encrypting or removing personally identifiable information from data sets so that the people whom the data describe, remain anonymous. Isolating and protecting your sensitive data is the foundation for proper governance, data security and control.


    Guardum is the world’s simplest business app for cyber resilience and data governance, with a focus on protecting unstructured data held on third-party content collaboration platforms e.g. data rooms. A simple three step process helps you to define the relevant personal identifiable information, apply anonymisation and or intelligent redaction techniques, whilst continuing to scan and protect the data environment.

    In control of your data

    GuardumProtect™, is our fully documented object orientated API set which allows your development team to control exactly how these extensions to your solution are implemented and deployed.


    By allowing the implementation to work alongside and within your existing solution, there is a significant data governance advantage over external third party cloud based solution providers in terms of time lag and cost. Whilst compliance and due diligence platforms are necessary in order to maintain good security and governance, they are undoubtedly a tiresome cost centre for organisations. Not anymore. Data room and eDisclosure platform providers for example, can now turn what traditionally was a commoditised product offering into a revenue generating model.


    Security of data

    With a proven solution already deployed, access to the document, via our API you retain complete control of the environment and documents being scanned.


    GuardumProtect™ is equipped to cope with the task of data anonymisation using a variety of data masking techniques including: Redaction, Scrambling, Anonymisation, and Redaction.


    Anonymisation techniques are encouraged within the GDPR as part of a good data governance regime. Ultimately, implementing a "privacy by design culture" through clever automation of these various tools will reduce the cost of compliance.






    Integrating with your solution directly, GuardumProtect™ allows the information to be processed locally so there is no delay.


    Processing alongside your solution means there is no additional bandwidth required.















    Platform agnostic

    Our solution supports and can be integrated into the following environments:

    • Microsoft Window
    • Lamp Stack
    Our software can be integrated seamlessly within your own solution and is compatible with .NET, Python, Mono or Java environments.
    GuardumProtect™ has been developed by network security professionals in response to the new data protection requirements exercisable under the GDPR, and is a member and contributor to the UKAN network (the UK Anonymisation Network). UKAN has been set up as a means of establishing best practice in anonymisation and aims to maximise the value of data, minimise the risks to privacy and preserve public confidence by collating best practice in anonymisation from a wide range of experienced practitioners.
  • 25% of employees

    Would sell company data for less than $8,000

    90% of tech crimes

    Committed by employees

    40% of breaches

    are carried out by insiders

    $3.6 million

    The cost of a single breach

  • Solutions


    Personal information protection on an enterprise scale

    Software that can find personal information in unstructured files (documents, email archive etc.) provide a DPIA which ranks the data on how sensitive it is using a unique algorithm and then automates the data protection process by applying either a redaction mask or anonymisation if the native file is available.


    Digital mail room app

    GuardumDigitalMail is a standalone Digital Mailroom app which integrates with existing scanning software and applies personal information classification, risk rating and protection. The software Streamlines the capture of incoming mail—including paper, email, fax, or at the Point of Origination —and deliver structured electronic information to your bank’s business systems so that you can read it anywhere in the world in real time.


    The ultimate in Data Subject Access Request Tools

    Receiving a DSAR (Data Subject Access Request) can be a headache for organisations to comply with given the disparate nature of where the data resides, coupled with the aggressive timing imposed by the regulator to respond (30 days). GuardumDSAR™ is a bespoke product which uses the Ufoundme™ technology to locate personal information on individuals, organisations, clients, IP, trade secrets etc whose details might not be known.

  • use cases

    Subject Access Requests

    This right, commonly referred to as subject access, is created by section 7 of the Data Protection Act.


    A response to any request is expected within 30 days of the submission, under the newly implemented GDPR. GuardumProtect™ provides lightning-quick identification and isolation of sensitive data not only for the requesting data subject, our algorithm also identifies personal information relating to other data subjects (even if their name is not known) and offers a choice of intelligent content masking, anonymisation or redaction techniques to comply with the GDPR.

    Virtual Data Rooms

    Anonymisation or Pseudonymisation are processes which reduce the risk profile within transactional data rooms. These techniques assist “data processors” in fulfilling their data compliance regulations and are "highly recommended" as a process within GDPR.


    Operational compliance is a major issue. Adding Metadata fields to make searching for hidden data much easier and automating the data classification process using GuardumProtect™for use in eDiscovery investigations to adhere to the new GDPR measures, will save time and cost.

    Virtual Board Sites

    Virtual Board sites contain not only commercially sensitive information, they also host highly sensitive personally identifiable information, which requires protection under the GDPR. Board names, addresses, telephone numbers, employee status and details of ethnicity the list goes on. Protect your data with this philosophy:


    Security of data during transfer - Data Masking? No. Encryption? Yes.

    Security of static data - Data Masking? Yes. Encryption? Yes.

    Continuous availability of data for applications - Data Masking? Yes. Encryption? No.

    Digital Mailroom

    Track, review and modify information at any point in the process via analytics dashboards; digital mailroom automation software can enhance decision-making based on real-time information to increase throughput and revenue generation.

  • Contact Us

    15 Bishopsgate, London, EC2N 3AR
    +44 7380 193014
  • Connect With Us

DISCLAIMER: Please take notice of the following,

LEGAL DISCLAIMER: Data privacy The security of your personal data is extremely important to the Guardum Holdings. We handle the data entrusted to us with the utmost care, with strict confidentiality and in compliance with legal requirements. Our data privacy statement is intended to provide you with transparent information on what kind of data we collect, process and store and for what purpose.

Copyrights © Copyright Guardum Holdings. All rights reserved. Any text, images, graphics, animations, videos, sound files and other objects, as well as their arrangement on the website, are subject to copyright and other protective laws. The content of this website may not be copied for commercial use, distributed, modified or made accessible to third parties without the prior written consent of Guardum Holdings. Please note that some images contained on the website are subject to the copyrights of third parties.

Trademarks Unless otherwise indicated, all trademarks on this website are subject to trademark rights for Guardum. This particularly applies to brands, logos and emblems. Licences Guardum Holdings wishes to present you with an innovative and informative website. The intellectual property contained therein is protected, including patents, brands and copyrights. No licences are granted via this website for the use of the intellectual property of the Guardum Holdings or third parties, unless expressly stipulated otherwise.

Liability Guardum Holdings generates and updates the content presented on our website with the greatest possible care. However, we can offer no guarantee that the content provided is accurate, up to date and complete.

Any liability for damages arising directly or indirectly from the use of this website shall, to the extent permitted by law, be excluded. This limitation of liability shall not apply in the event of injury to life, limb and health or for damage caused due to an intentional or grossly negligent breach of duty on the part of Guardum Holdings.

Guardum Holdings assumes no responsibility for the technical functionality (particularly the absence of viruses) and content of any third-party websites to which there are references or links on this website.




1.1	When the following words with capital letters are used in these Terms, this is what they will mean:
Additional Fees: our charges for Extended Services as set out on our Website from time to time;
Content: the data and information comprised in the Services;
Customer Data: your data provided to Us by you by your Users in relation to the Services;
Event Outside Our Control: is defined in clause 13.2;
Extended Services: additional services beyond the Services that may be requested by you;
Fees: our charges for the Services as set out in these Terms and/or contained on our website as updated from time to time;
Information: means any commercial, technical and other information and data (of whatever nature and form) proprietary to you which is disclosed by you or on your behalf in relation to the Services and/or the Extended Services;
Services: the services set out in the Benefits Schedule and/or contained on our website as updated from time to time and/or as contained on your receipt/confirmation of purchase ; 
Terms: the terms and conditions set out in this document; 
Subscription: the subscription purchased by you pursuant to clauses 3 and 6 which entitles you to access and use the Services in accordance with these Terms;
Users: your employees, agents and independent contractors authorised by you to access the Services;
We/Our/Us: GUARDUM HOLDINGS LIMITED (England & Wales company number 10309917) with registered office address 51 Clarkegrove Road, Sheffield, United Kingdom, S10 2NH; and
Website: our website.
1.2	When We use the words "writing" or "written" in these Terms, this will include e-mail unless We say otherwise.


2.1	These are the terms on which We provide your Subscription to the Services.  Please ensure that you read these Terms carefully.  A contract will be formed once We have received payment from you for the correct sum for your Subscription.

3.1	When you pay for your Subscription you have the right to access the Services.  The Fees are charged whether you use all, part or none of the Services and if you don’t use the Services then you are not entitled to a refund or partial refund. 


4.1	During the Subscription Period, you may wish to buy Extended Services.  The Extended Services will be subject to Additional Fees depending upon which of the Extended Services you buy.  In general, you will pay any Additional Fees directly to us.  For some parts of the Extended Services, you will enter into a direct contract with the third party provider and will pay them directly.


5.1	Subject to you paying for the Fees and compliance with these Terms, We give you a non-exclusive, non-transferable right to access and use the Services during the Subscription Term solely for your internal business operations.  
5.2	You agree:
(a)	you will keep secure and ensure that all Users will keep their password confidential;
(b)	you will not access or use all or any part of the Services in order to build or provide a product or Services which competes with the Services.
5.3	You will use best endeavours to prevent any unauthorised access to, or use of, the Services and, tell us promptly of any unauthorised access or use.
5.4	You own Customer Data and you will have sole responsibility for the legality, reliability, integrity, accuracy and quality of the Customer Data.  You will indemnify us against any and all losses arising from the Customer Data.
5.5	Whilst periodic back-ups of some of the data stored by the Services are carried out, We do not guarantee that these will be done.  You agree not to rely on this and you will retain your own back-ups of this information as necessary and appropriate for your own business purposes. 


6.1	We charge you Fees.  The Fees will be as set out in the Fee Tariff at the end of these Terms.  You will pay the Fees to Us in accordance with this clause 6.
6.2	When you pay Fees, you will provide us with credit card details.  You will keep these details up to date and complete and will ensure that we have details of a valid credit card at all times.
6.3	You authorise Us to bill this credit card for your Fees on renewal of your current subscription period (monthly or annually).  If you do not want your current subscription period to be renewed (and the Fees paid), you must terminate this agreement with us via the Service.
6.4	If We do not receive payment within 7 days after the renewal date, and without prejudice to our other rights and remedies We may, without liability to you, disable your password, account and access to the Services and We will be under no obligation to provide any or all of the Services while the Fees for renewal remain unpaid.  If Services are used within the 7 days after the renewal date, We reserve the right to recover the annual subscription from you as a debt and/or treat the agreement as terminated as at the renewal date.  In that event You shall not be entitled to the benefit of any of the Services used.
6.5	All amounts and fees stated or referred to in these Terms:
(a)	will be payable in pounds sterling;
(b)	are, non-cancellable and non-refundable;
(c)	are exclusive of value added tax, which will be added at the appropriate rate.
6.6	We can increase the Fees at the start of each Subscription Period on 30 days' prior notice to you as notified to you or on our Website and the Fee Tariff will be deemed amended accordingly.


7.1	We may revise these Terms to take into account changes in the law or regulatory requirements.  You can choose to cancel the contract in accordance with clause 14. 

8.1	We provide elements of the Services and/or the Extended Services through selected third parties.  Some parts of the Services and/or the Extended Services will require you to agree certain terms applicable between you and the third party (an example is insurance cover which is not provided directly by us).  
8.2	We do not guarantee that the Content, will always be available or be uninterrupted.  We may suspend, withdraw, discontinue or change all or any part of our Services without notice.  We will not be liable to you if for any reason our Services is temporarily unavailable.
8.3	We will make every effort to make the Content available at all material times.  However, there may be delays, interruptions or other issues due to an Event Outside Our Control.  See clause 13 for Our responsibilities when an Event Outside Our Control happens.  
8.4	We cannot guarantee that the data in the Content will be accurate, up to date and complete at all times.  A number of factors can impact on this such network connectivity, data connectivity, network issues, bandwidth, spurious data created by users, malicious activity by third parties and various other factors.  
8.5	We may have to suspend the Services if We have to deal with technical problems and routine maintenance.  Where possible, we will try to let you know in advance through the Services where this occurs, unless the problem is urgent or an emergency.  
8.6	We do not promise that the Services will be uninterrupted, error-free, or completely secure. You acknowledge that there are risks inherent in Internet connectivity that could result in the loss of your privacy or Information.


9.1	You licence Us to use the Customer Data (even after this contract ends) (i) to provide the Services (which may include passing Customer Data to third parties for their use) and other services we may provide to you; and (ii) for our internal business purposes.  
9.2	We (or our licensors) own the Content (other than ‘Customer Data’) accessible through the Services (‘Protected Material’).
9.3	You will not reproduce in whole or in part, or use in any other way the Protected Material or any other intellectual property rights accessible through the Services (save that you are permitted to produce reports generated by the Services for your own internal business purposes).
9.4	We only supply the Services and/or the Extended Services for use by your business.  You agree not to use the Services and/or the Extended Services or the Protected Material for any other commercial, business or re-sale purpose.
9.5	We own (or are licensed to use) all intellectual property and other rights in the Website. 
9.6	You will indemnify us against any and all claims, losses or otherwise arising from the use of Protected Material or any other intellectual property rights accessible through the Services.


10.1	In respect of Information, We will:
(a)	treat it as strictly confidential;
(b)	not divulge it (in writing or orally) to any third party (save for the provision of the Services and/or the Extended Services and/or any other services we may provide to you pursuant to clause 9.1 above); and
(c)	not make use of it except for the provision of the Services and/or the Extended Services and/or any other services we may provide to you.
10.2	The obligations in this clause 10.1 will not apply to Information which:
(a)	is public knowledge or subsequently becomes public knowledge through no act or failure to act on Our part;
(b)	We can show by written records was known to it at the time of receipt and is not the subject of any restriction on disclosure imposed by a third party;
(c)	is disclosed to Us by a third party without restriction and without breach of these Terms;
(d)	is released without restriction by you to anyone; or
(e)	is disclosed by Us with your prior written consent.


11.1	We will use personal information provided to Us to:
(a)	provide the Services and/or the Extended Services and/or any other services we may provide to you pursuant to clause 9.1 above; and
(b)	as set out in more detail in Our privacy policy available on our Website.
11.2	If We process any personal data on your behalf under these Terms, the parties record their intention that you will be the data controller and we will be a data processor and in any such case:
(a)	although, in practice, we expect to be storing personal data primarily within the EEA, you agree that the personal data may be transferred or stored outside the EEA or the country where you and the Users are located in order to carry out the Services and Our other obligations under this agreement;
(b)	you will ensure that you are entitled to transfer the relevant personal data to Us so that We may lawfully use, process and transfer the personal data in accordance with this agreement on your behalf;
(c)	you will ensure that the relevant third parties have been informed of, and have given their consent to, such use, processing, and transfer as required by all applicable data protection legislation;
(d)	We will process the personal data only in accordance with the terms of this agreement and any lawful instructions reasonably given by you from time to time; and
(e)	each party will take appropriate technical and organisational measures against unauthorised or unlawful processing of the personal data or its accidental loss, destruction or damage.


12.1	We do not exclude or limit in any way Our liability for:
(a)	death or personal injury caused by Our negligence or the negligence of Our employees, agents or subcontractors;
(b)	fraud or fraudulent misrepresentation;
(c)	breach of the terms implied by section 2 of the Supply of Goods and Services Act 1982 (title and quiet possession); and
(d)	breach of the terms implied by sections 3, 4 and 5 of the Supply of Goods and Services Act 1982 (description, satisfactory quality, fitness for purpose and samples). 
12.2	We have no liability to you for any loss of profit, loss of business, business interruption, or loss of business opportunity or other consequential losses.
12.3	Due to the nature of the Services, the Extended Services and the Content you accept (to the extent permitted by law) that our liability to you under or in connection with these Terms (including your use of any Service and/or the Extended Services) whether in contract, tort (including negligence) or otherwise will be limited to the total Fees and Extended Fees during the 12 months immediately preceding the date on which the claim arose.  This does not apply to the types of loss set out in clause 12.1. 

13.1	We will not be liable or responsible for any failure to perform, or delay in performance of, any of Our obligations under these Terms that is caused by an Event Outside Our Control.  
13.2	An Event Outside Our Control means any act or event beyond Our reasonable control, including without limitation strikes, lock-outs or other industrial action by third parties, civil commotion, riot, invasion, terrorist attack or threat of terrorist attack, war (whether declared or not) or threat or preparation for war, fire, explosion, storm, flood, earthquake, subsidence, epidemic or other natural disaster, or failure of public or private telecommunications networks.
13.3	If an Event Outside Our Control takes place that affects the performance of Our obligations under these Terms: 
(a)	We will contact you as soon as reasonably possible to notify you; and
(b)	Our obligations under these Terms will be suspended and the time for performance of Our obligations will be extended for the duration of the Event Outside Our Control.  
13.4	You may cancel the contract if an Event Outside Our Control takes place and you no longer wish Us to provide the Services.  We may cancel the contract if the Event Outside Our Control continues for longer than 2 weeks in accordance with Our cancellation rights in clause 14.

14.1	You can terminate your current Subscription at any time through the Services effective at the end of the current Subscription Period.  Any Fees paid for this Subscription Period will not be refundable.

15.1	Once We have begun to provide the Services to you, We may cancel the contract for the Services at any time (i) to be effective as of the end of the current Subscription Period without further liability to you; or (ii) at our option to be effective 1 month from the date of such notice provided we refund you on a pro rata basis for each complete month left of your Subscription as of the effective date of termination.  
15.2	We may suspend the Services or terminate this contract at any time with immediate effect if you are in breach of this contract.


16.1	If you wish to contact Us please do so at www.guardum.com

17.1	You may terminate the Agreement for breach if we materially fail to provide the Services as agreed and do not remedy that failure within one month of your written notice describing the failure. Any Fees paid for this period will not be refundable.


18.1	We may transfer Our rights and obligations under these Terms to another organisation, and We will notify you by email or through the Services if this happens, but this will not affect your rights and obligations under these Terms.  
18.2	This contract is between you and Us.  No other person will have any rights to enforce any of its terms under the Contracts (Rights of Third Parties) Act 1999.  
18.3	Each of the clauses of these Terms operates separately.  If any court or relevant authority decides that any of them are unlawful, the remaining clauses will remain in full force and effect.
18.4	If We fail to insist that you perform any of your obligations under these Terms, or if We do not enforce Our rights against you, or if We delay in doing so, that will not mean that We have waived Our rights against you and will not mean that you do not have to comply with those obligations.  If We do waive a default by you, We will only do so in writing, and that will not mean that We will automatically waive any later default by you.  
18.5	These Terms are governed by English law.  You and We both agree to submit to the non-exclusive jurisdiction of the English courts.  
18.6	This agreement constitutes the entire agreement between the parties and supersedes and extinguishes any previous correspondences, understandings, negotiations, drafts or assurances, whether written or oral as between the parties.
18.7	Neither party shall commence any legal action against the other after the expiry of 6 years from the date the Services were last provided.


Our Fee for the Subscription Period of one year is (the full sum being due in either case):
£2,700 if paid by Monthly Direct Debit;
£2,500 if paid by one annual payment.
The Services will include the following:
•	Breach Notification Cover 
•	90-minute "taster" cyber security training course 
•	Information Security Seminar for Companies – Focused on industry types, an initial CDCAT cyber competency assessment (Cyber MOT), and a cyber essential examination. Included is any remedial action needed to successfully achieve certification at the basic cyber essential standard 
•	Initial GDPR assessment and status report