
A subject access request gives someone the right to their personal data in every record you hold — with one calendar month to respond. SARequest finds it, redacts it, and assembles a complete response pack ready for your sign-off, so a request that used to cost thousands and weeks takes an afternoon to review.
No card required · UK-hosted · Founding pilot now open
When a current or former employee — or a customer, or a member of the public — submits a SAR, someone has to drop everything and respond. Get it wrong and it's an ICO complaint or a tribunal exhibit.
There's no time limit on a SAR. Every email, file, chat message and HR record you've ever kept on the person is potentially in scope — scattered across every system you run.
Other people's data has to be removed before disclosure. A black box over text that's still copyable underneath is a data breach — and one of the most common ways SARs go wrong.
One calendar month to respond. Miss it and you're exposed — and the right of access is now the single biggest source of ICO complaints, because manual searching and redaction simply takes too long.
Every document — pulled from your systems or scanned in — is screened automatically: what's relevant, what needs blacking out, what can be withheld. Nothing is sent until you've signed it off.
Record the request, start the statutory clock, and confirm the requester's identity — the safeguard that stops data going to the wrong person.
Connect your systems once. SARequest searches everything you've connected for records relating to the individual, however far back they go — and scanned paper records can be uploaded and made searchable too.
Third-party details are redacted and exemptions flagged for your review — with the reasoning shown, so you decide what stands.
Send a clean response pack by secure link, with a full audit trail evidencing a reasonable and proportionate search.
SARequest works on your electronic records. Paper files remain your responsibility to locate — but once scanned and uploaded, they're searched and redacted like everything else.
Microsoft 365 first — Outlook, Teams, OneDrive and SharePoint in one connection. On the roadmap, shaped by pilot demand: Slack, UK HR systems (BreatheHR, PeopleHR, BambooHR), Xero, and more.
Scanned paper records, exports from systems we don't connect to yet, or one-off files — drop them in and they become searchable and redactable alongside your electronic records. A checklist step records what offline sources you've checked.
A guided workflow for footage requests: checks your retention window, prompts the requester for dates and locations, and handles third-party face and number-plate blurring through a specialist redaction engine before disclosure.
You'd be letting us near your most sensitive records, often during a dispute. Here's exactly how that works — and where it stops.
Connect Microsoft 365 once, or grant access per request if you prefer. We only ever read a copy to answer a live request — your own systems are never changed, and nothing is touched between requests.
The search and first-pass redaction run automatically. Every decision — what's disclosed, what's withheld — is yours to approve before anything is sent. Our team has no routine access to your case content.
When the request is closed, the source data is purged. You choose how long the finished response pack is kept. Every step is logged as your audit trail.
Free tool. Enter the date you received the request and get your statutory deadline — including how the new "stop the clock" rules can affect it.
A complex SAR can cost £4,000–7,500 to handle by hand. We're building the tool that turns it into an afternoon's review — and shaping it around the first organisations who join.
You'd be connecting us to your most sensitive data, often during a dispute. That's why security isn't a feature here — it's the foundation.
Join the founding pilot. Tell us how you handle SARs today, and help shape the tool that makes the next one painless.
Join the pilot →