Privacy Compliance Platform (Live)

DSAR Automation

Privacy compliance automation for individuals and businesses

Overview

Privacy compliance is one of the most under-resourced challenges for individuals and businesses navigating today's data landscape. People have the legal right to know what data companies hold on them, but exercising those rights manually is confusing, slow, and often ignored. DSARly was built to fix that. It lets users generate, send, and track Data Subject Access Requests in minutes, and summarizes privacy policies into plain language so anyone can understand what they're agreeing to.

Approach & Architecture

DSARly is a full-stack SaaS product built with a modular architecture: a public-facing intake portal for submitting DSARs, an AI-powered policy summarizer, a business dashboard for compliance teams to manage and respond to requests, and a full audit trail for regulatory accountability. The backend is built on Next.js API routes with Supabase (PostgreSQL) for data persistence and row-level security. Authentication is handled via Supabase Auth with Google OAuth support.

Outcome & Impact

DSARly reduces the friction of exercising data rights for consumers and the operational burden of handling them for businesses. Compliance teams get a structured inbox, automated status tracking, SLA monitoring, and AI-generated response drafts, replacing ad-hoc email workflows with a purpose-built tool.

Challenges & Solutions

  • Designing a system that works for both sides of the DSAR relationship, the person submitting and the business responding
  • Building multi-tenant team access with per-portal permission controls and role-based visibility
  • Ensuring AI summaries are accurate enough for legal/compliance use through structured prompting and source attribution
  • Handling account lifecycle edge cases such as team ownership transfers and cascading data cleanup on account deletion

Key Features

  • DSAR generation, sending, and tracking in minutes
  • AI-powered privacy policy summaries in plain language
  • Business dashboard with structured inbox, SLA monitoring, and AI-generated response drafts
  • Full audit trail for regulatory accountability
  • Multi-tenant team access with per-portal permission controls and role-based visibility
  • Supabase Auth with Google OAuth support

Tech Stack

Next.js, React, Supabase, PostgreSQL, OpenAI API, Stripe, Tailwind CSS

Tags

Privacy, GDPR, CCPA, AI, SaaS, LLM Integration, Compliance

Status

Live