Cryptographic verification for GDPR Article 17, the California DELETE Act, and SOC 2 audits. Open source. Public log.
Regulators and auditors ask the same question: how do you prove data was actually deleted? Most organizations answer with screenshots and spreadsheets. The EDPB found that 47% of organizations can't address deletion in backups.
VD encrypts data in your environment, splits the encryption key between independent guardians using Shamir's secret sharing, and on deletion, the guardians destroy their key shares with signed attestations. A Scanner Agent independently confirms data is gone from your databases. The whole thing is recorded on a public log and packaged into a signed W3C Verifiable Credential receipt.
Because data was encrypted before storage, destroying the key renders all encrypted copies permanently inaccessible: live databases, backups, replicas, warehouse copies. No backup scanning required.
Your data never leaves your servers. VD never sees plaintext. MIT licensed. Built by Ephemeral Social PBC.
| # | Commitment | Method | Status |
|---|