
Purview finds the problem.
Sanitica solves it.

Microsoft Purview controls access. Sanitica controls content. Together they ensure the right data goes to the right place. The original stays untouched with HR, and a clean copy goes to AI.

📄 SharePoint → 🛡 Sanitica → 🤖 Copilot → ✓ Clean & Safe

Copilot reads everything the user can see

Purview labels documents as sensitive, but removes nothing. When Copilot reads a SharePoint folder, it reads every piece of PII in every document. The two flows below show the difference: first with Purview alone, then with Sanitica in place.

📄

Document uploaded to SharePoint

A hiring contract containing full name, national ID, salary, and health information.

🏷️

Purview scans and labels

Sets a “Confidential” sensitivity label on the document. The data inside remains completely untouched.

🤖

Copilot reads the document

An employee asks Copilot for a summary. Copilot reads EVERYTHING: national ID, salary, health data. It can surface all of it in responses.

👻

Shadow AI: employee copy-pastes

Unsatisfied with Copilot’s answer, the employee copies the text into ChatGPT or Claude on their phone. PII leaves the organization entirely.

⚠️ PII has leaked, both through Copilot and Shadow AI. Purview stopped nothing.
📄

Document heading to SharePoint

A hiring contract containing full name, national ID, salary, and health information.

🛡

Sanitica intercepts

Triggered automatically via Power Automate. PII removed at binary level. Audit log created. The clean copy continues to SharePoint.

📋

Clean document on SharePoint

Purview scans and finds nothing sensitive. The document is ready for use with no PII exposure risk.

🤖

Copilot reads a clean document

No personal data in responses. Even if the employee copy-pastes to external AI, nothing leaks. The data was already clean.

✓ Zero PII leaked. Neither through Copilot nor Shadow AI. Audit log proves everything.

“But I configured Purview to restrict Copilot”

This is the most common objection, and it misses how GDPR actually works. Here’s why access boundaries alone are not enough.

1. Authorized access ≠ authorized AI processing

GDPR Article 5(1)(b) requires purpose limitation. Data collected for employment purposes (a hiring contract) cannot be automatically reprocessed for a different purpose (AI indexing, summarization, search). Even if HR has legitimate access to the document, having Copilot process it is a new processing activity that requires its own legal basis under Article 6.

2. Data minimization applies even within authorized access

GDPR Article 5(1)(c) demands that data processing be “limited to what is necessary.” When an HR employee asks Copilot “summarize this contract,” Copilot reads the candidate’s national ID, salary, emergency contacts, and bank account number. None of that is necessary for a summary. Purview cannot enforce field-level minimization. It works at the document and folder level only.

3. Over-restricting access defeats the purpose of Copilot

The value of Copilot is organization-wide knowledge: cross-team search, synthesis, and collaboration. If you lock down access so tightly that Copilot can’t reach sensitive folders, you’ve made it nearly useless. Teams need access to do their jobs. The answer isn’t restricting access further. It’s cleaning the content that AI processes.

4. Purview doesn’t touch what’s inside the document

Sensitivity labels don’t remove tracked changes, comments, author metadata, revision history, or hidden text. A document labeled “Confidential” still contains every edit, every internal comment, and every piece of metadata it ever had. Copilot reads all of it, including data the user doesn’t even see on screen.

5. GDPR Article 25 explicitly requires pseudonymization

Data protection “by design and by default” isn’t optional. It’s a legal requirement. Article 25 specifically names pseudonymization as an “appropriate technical measure.” Purview provides access control, but it does not pseudonymize. That’s the gap Sanitica fills.

The bottom line: Purview answers the question “who can open this document?” But GDPR also asks: “Is every piece of data in this document necessary for this specific processing activity?” For AI workflows, the answer is almost always no. That’s why you need content-level protection alongside access control.

What Sanitica adds

Sanitica is not a replacement. It’s the addition that makes your Microsoft 365 environment truly safe.

| Capability | Purview alone | Purview + Sanitica |
|---|---|---|
| Finds PII in documents | ✓ Yes | ✓ Yes |
| Labels sensitive documents | ✓ Yes | ✓ Yes |
| Removes PII from documents | ✗ Labels but doesn’t clean | ✓ Three modes: remove, pseudonymize, or metadata |
| Pseudonymization | ✗ Not supported | ✓ AI gets context without real identities |
| Prevents Copilot PII leaks | ✗ Copilot reads everything the user can access | ✓ Copilot reads a clean document |
| Prevents Shadow AI leaks | ✗ No reach beyond Microsoft | ✓ Documents already clean |
| Reaches Google / Dropbox / others | ✗ Microsoft only | ✓ Platform-agnostic |
| On-premises deployment | ⚠ Limited | ✓ Full on-prem |
| Metadata & tracked changes | ⚠ Detects some | ✓ Everything removed |
| GDPR audit trail | ⚠ Activity log | ✓ Detailed action record |
| Custom PII rules per organization | ⚠ Limited | ✓ Fully customizable |

Three modes: not always remove, always control

The problem isn’t that personal data exists. The problem is when it goes to the wrong place. Sanitica offers three approaches based on your needs.

🧹 Full Clean (External AI / Shadow AI)
Permanently remove all personal data. Nothing identifiable leaves your perimeter.
Before: Jón Jónsson, kt. 150682-3249
After: [REMOVED], kt. [REMOVED]

🔀 Pseudonymize (Internal AI / Copilot / RAG)
Replace real identities with consistent aliases. Your AI keeps context without processing real names.
Before: Jón Jónsson, kt. 150682-3249
After: Individual-A7, kt. XXXXXX-XXXX

📋 Metadata Only (Client & Partner Sharing)
Strip tracked changes, comments, author history, and hidden fields. The visible text stays intact.
Before: Price: 80M → 60M → 50M
After: Price: 50M

The original never changes. HR, legal, and finance keep working with real data.
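
The Full Clean and Pseudonymize modes above, sketched as an added example; this is not Sanitica's code. It assumes names come from a caller-supplied list and that aliases are derived with a keyed HMAC, so the alias format differs from the "Individual-A7" shown above; `sanitize`, `alias_for` and the key are hypothetical names.

```python
import hashlib
import hmac
import re

# Icelandic national ID (kennitala): six digits, optional hyphen, four digits.
KENNITALA = re.compile(r"\b\d{6}-?\d{4}\b")

def alias_for(name: str, key: bytes) -> str:
    """Keyed, deterministic alias: the same person always maps to the same tag."""
    digest = hmac.new(key, name.casefold().encode("utf-8"), hashlib.sha256).hexdigest()
    return "Individual-" + digest[:6].upper()

def sanitize(text: str, known_names: list, mode: str, key: bytes = b""):
    """Return (clean_text, audit), where audit counts what was replaced.

    mode="clean" removes identifiers outright; mode="pseudonymize" swaps names
    for consistent aliases and masks national IDs.
    """
    if mode not in ("clean", "pseudonymize"):
        raise ValueError(f"unknown mode: {mode}")
    if mode == "pseudonymize" and not key:
        raise ValueError("pseudonymize mode needs a secret key")
    audit = {"names": 0, "national_ids": 0}

    # Longest names first so a full name is replaced before any shorter overlap.
    for name in sorted(known_names, key=len, reverse=True):
        pattern = re.compile(r"(?<!\w)" + re.escape(name) + r"(?!\w)", re.IGNORECASE)
        repl = "[REMOVED]" if mode == "clean" else alias_for(name, key)
        text, n = pattern.subn(repl, text)
        audit["names"] += n

    id_repl = "[REMOVED]" if mode == "clean" else "XXXXXX-XXXX"
    text, n = KENNITALA.subn(id_repl, text)
    audit["national_ids"] += n
    return text, audit

# Constructed sample input, reusing the name and ID from the examples above.
SAMPLE = "Contract for Jón Jónsson, kt. 150682-3249. Signed: Jón Jónsson."
KEY = b"constructed-demo-key"  # assumption: a real key lives in a secrets store

if __name__ == "__main__":
    for mode in ("clean", "pseudonymize"):
        print(mode, sanitize(SAMPLE, ["Jón Jónsson"], mode, KEY))
```

The alias is keyed because an unkeyed hash of a name can be reversed by hashing a staff directory and comparing. Whoever holds the key can re-link aliases to people, so it needs the same protection as the original document.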

Set up in one day. No workflow changes.

Sanitica integrates with your existing Microsoft 365 environment without changing how your teams work.

STEP 01: Connect

Sanitica connects via Power Automate or as a network proxy. No changes to your SharePoint configuration.

STEP 02: Clean

Documents are sanitized automatically before they land on SharePoint. Binary-level removal of PII, metadata, and hidden layers.

STEP 03: Prove

An automatic audit log records exactly what was removed. Ready for GDPR, NIS2, and ISO 42001 audits.

Your employees use more than Microsoft

Even if you trust Microsoft 365, Sanitica protects your documents everywhere.

📁 Google Workspace → Sanitica ✓
📦 Dropbox → Sanitica ✓
📝 Confluence → Sanitica ✓
💬 Slack → Sanitica ✓
🏭 SAP / ERP → Sanitica ✓
📱 Shadow AI → Documents already clean ✓
🔒

Purview is the lock on the door

It decides who is allowed in. Labels, sensitivity policies, and permissions keep unauthorized users out.

+
🛡

Sanitica makes sure nothing dangerous is inside the room

Even authorized users, and their AI tools, only see what they need. PII, metadata, and hidden data are gone.

“The problem isn’t that personal data exists. The problem is when it goes to the wrong place.”

Right data in the right place


Add Sanitica to Microsoft 365 and ensure the original stays untouched, while AI systems never receive personal data.