01
Connect warehouse and SaaS systems
See the full compliance loop.
The live demo walks through how Chameleon discovers customer PII, flags undeclared fields, applies warehouse policy, executes deletion, and produces auditor-ready proof.
02
Scan configured tables, models, and columns
03
Register declared PII
04
Record ghost-data findings
05
Review policy status
06
Trigger deletion workflow
07
Confirm downstream removal
08
Generate deletion proof
A static preview of the product surface.
Overview dashboard
Registry health, policy drift, ghost data, and proof status.
Registry resources
54 BigQuery, 1 SaaSPolicy status
WARNmanual review requiredGhost findings
1canary email in stagingLast proof
ISSUEDcertificate storedRegistry view
Resources and deletion strategy from the PII registry.
| Resource | Layer | PII columns | Strategy | Status |
|---|---|---|---|---|
| chameleon_prod.raw_users | RAW | email_token, encrypted_pii, user_id | CRYPTO_SHRED | PASS |
| chameleon_prod.stg_users | STAGING | email, phone, user_id | CRYPTO_SHRED | WARN |
| chameleon_prod.int_customer_activity | INTERMEDIATE | user_surrogate_id | CRYPTO_SHRED | PASS |
| chameleon_prod.mart_customer_metrics | MART | user_surrogate_id | MANUAL_REVIEW | WARN |
Ghost findings
Scanner output with recommended action.
data.email
HIGHchameleon_prod.stg_users - EMAIL - 1 row
Register column or remove source data
user_surrogate_id
MEDIUMchameleon_prod.mart_customer_metrics - MART_IDENTIFIER - policy rule
Keep aggregate-only handling under review
Deletion proof
Lifecycle status for one deletion request.
User identifierusr_7f3a...91c2
Requestdelreq_2026_06_21_0042
StatusCERTIFICATE_ISSUED
BigQuerykey destroyed
HubSpotwipe succeeded
Salesforcesandbox receipt
GCS audit logsevidence retained
iss: Chameleon Key Vault
kid: cloud-kms-signing-key/versions/1
evidence: gs://chameleon-audit-logs/lineage_exports/
kid: cloud-kms-signing-key/versions/1
evidence: gs://chameleon-audit-logs/lineage_exports/
Integrations
Connection status for the demo control plane.
BigQuery
Connectedchameleon_prod and lineage_db
dbt
Policy sourcemanifest model metadata
HubSpot
Janitor readycontacts external wipe
Salesforce
Janitor readylead and contact wipe receipts
stg_users.data - policy check with ghost-data finding
| column | type | declared | finding |
|---|---|---|---|
| user_id | INT64 | yes | - |
| created_at | TIMESTAMP | yes | - |
| STRING | no | GHOST_DATA | |
| plan_tier | STRING | yes | - |
| phone_hash | STRING | no | SUSPECT_PII |
| region | STRING | yes | - |
| mrr_usd | FLOAT64 | yes | - |
| deleted_at | TIMESTAMP | yes | - |
PII discovery
Map customer data in BigQuery, maintain a live PII registry, and give compliance teams a clearer answer to where personal data lives.
Ghost data detection
Record ghost-data findings from configured warehouse scans, route suspicious fields for review, and reduce privacy drift in analytics workflows.
Deletion proof
Coordinate deletion workflows and produce proof records across warehouses and connected SaaS systems for audit-ready privacy operations.
Crypto-shredding
Crypto-shredding destroys the encryption key so every row that referenced it becomes unreadable instantly — no row scans, no missed copies, no race conditions with downstream caches.
GDPR right to erasure
Article 17 requires complete, verifiable deletion of personal data on request. This guide explains what auditors actually check, what counts as evidence, and how to produce a proof record that survives a regulator review.
BigQuery
Use Chameleon with BigQuery to map warehouse tables and columns, track PII policy, and support deletion proof workflows.
dbt
Connect dbt model metadata with Chameleon registry and policy workflows so privacy context follows warehouse transformations.
HubSpot + Salesforce
Track connected SaaS cleanup receipts for HubSpot and Salesforce as part of Chameleon deletion proof workflows.