[ LGPD ][ MASKING ][ AUDIT ][ LINEAGE ]

pattern · /solutions/lgpd-compliance

LGPD as aview definition

Mask PII, evidence consent, prove lineage — built into the query layer, not bolted on top of dashboards. The DPO's worklist becomes a SQL query that runs in seconds.

Start free trial Talk to sales

[ 01 / 05 ]Capabilities

// What you get //

Three primitives that LGPD asks for

Mask, audit, and prove — all in the query path, all by default.

Mask PII at the view layer

Email, CPF, phone, address — classified once, masked everywhere. Per-role visibility (auditor sees full, analyst sees hash, agent sees domain).

Audit by default

Every read logs identity, query, policy decisions and rows returned. Retention configurable from 30 days (Starter) to indefinite (Enterprise).

Lineage as evidence

Column-level lineage means every PII flow has a graph. Use it to answer 'where does this datum live, who touched it, and under what consent?' in minutes — not weeks.

[ 02 / 05 ]Architecture

// Reference flow //

From sources to DPIA-ready

Four steps. Same view definition. Compliance evidence as a side effect.

step · 01

Connect

sources scanned for pii classes

step · 02

Classify

cpf · email · phone · pis · address

step · 03

Govern

mask.per_role · consent.gate · audit.all

step · 04

Evidence

dpia · ropa · access reports · ttl

[ 03 / 05 ]Sample

// View definition //

A consent-gated customer view

One file: classify, mask, gate by consent, audit per read.

customer_consented.sql

-- LGPD Art. 7 + 18

CREATE VIEW analytics.customer_consented AS
SELECT
    c.customer_id,
    c.email,                           -- pii.email · mask.role
    c.cpf,                             -- pii.cpf   · mask.role
    c.phone,                           -- pii.phone · mask.role
    c.country,
    cn.purpose,
    cn.granted_at
FROM postgres.crm.customers       c
JOIN postgres.crm.consent         cn
       ON cn.customer_id = c.customer_id
      AND cn.purpose     = 'analytics'
      AND cn.revoked_at IS NULL
WITH POLICY
    pii_mask_per_role,
    consent_gate(purpose => 'analytics'),
    audit_all(retention => '12 months'),
    lineage_track
PUBLISH ON sql, rest, mcp;

[ 04 / 05 ]Outcomes

// Evidence //

What auditors actually receive

DPIA, RoPA and DSR exports as structured queries — not screenshots in PowerPoint.

100%

audit coverage

Every read across SQL, REST and MCP endpoints — logged, queryable, exportable.

by column

lineage depth

Track a CPF from source table → view → consumer dashboard, with timestamps.

raw pii to bi

Mask runs before the response leaves the engine. BI dashboards never receive raw PII unless explicitly authorized.

DPIA

ready

Built-in templates for DPIA, RoPA and access reports — exportable in CSV / PDF.

[ 05 / 05 ]FAQ

// LGPD FAQ //

What DPOs and auditors ask first

Plain answers focused on what evidence we produce and how.

No. Virtualization is zero-copy — PII lives in your source of truth. Cache is opt-in per view, configurable to exclude PII columns, and never crosses tenants.

// LGPD-ready by default

Ship a consent-gated view this week.

Trial includes the LGPD recipe template — classification, masking, consent gate and audit pre-wired.

Start free trial Talk to sales