Where does our data go?

SART deploys as a Docker container inside your perimeter. SAR bundles, classifications, and the audit ledger never leave your network. No multi-tenant SaaS, no cross-customer training.

What does the ICO see if challenged?

A hash-chained evidence pack: every passage decision with rule ID, reasoning, reviewer identity, and timestamps. Tamper-evident by construction and reproducible from inputs.

Which exemptions does it cover?

MVP ruleset covers third-party personal data (TP-PII), not-relevant material (NOT-REL), legal professional privilege (LPP), and management negotiations (MGMT-NEG). Additional rules are added under quarterly logic review.

How long does a pilot take?

Two to six weeks from kickoff to first defensible bundle, depending on document volume and IT review cycles. Pilots are scoped per housing association.

Founding pilots open — UK housing associations only

SAR Compliance for Housing Associations.
Automated.
Defensible.

SART (Subject Access Request Triage) triages Subject Access Requests, recommends defensible redactions against UK GDPR and the Data Protection Act 2018, and emits a hash-chained audit trail your DPO can sign in front of the ICO.

Request a Triage Demo See the pipeline

1 mo.: ICO statutory clock
4 rules: MVP exemption ruleset
Zero data egress: Stays inside your perimeter

The problem

SARs arrive faster than housing teams
can defend them.

A request lands. The clock starts. Officers wade through tenancy files, repairs logs, complaint threads and management emails — applying exemptions from memory under deadline. One wrong redaction is an ICO complaint waiting to happen.

No defensible record

Decisions live in officers' heads. When the ICO asks why a passage was redacted, the answer is recollection.

Inconsistent rule application

Third-party PII, LPP, management negotiations — each officer interprets differently. Outcomes drift case to case.

Statutory pressure

One-month deadline, complex bundles, complaints arriving alongside the request itself. Triage becomes triage of triage.

The solution

Three agents that read every page.
One officer who signs the bundle.

SART runs a forensic-discovery, classification, and adversarial-audit pipeline over your SAR bundle, then hands a fully-reasoned draft to your reviewer. They apply the statutory test. They sign. Done.

Forensic discovery

Subject resolution across name variants, addresses, reference numbers. Ambiguous matches flagged for review — never silently assumed.

Defensible classification

Per-passage recommendations against a versioned ruleset. Every call cites the rule ID and the reason it applies.

Adversarial audit

A red-team agent challenges every recommendation before it reaches your reviewer. Disagreement is logged, not silenced.

The pipeline

From intake to evidence pack.
Five visible stages.

Each stage has named inputs, outputs, and a responsible role. Nothing is hidden inside a black box.

1Stage 01
Intake
Bundle assembly, identity-of-requester checks, scope clarification.
2Stage 02
Discovery
Agent 1 resolves the subject across the bundle. Ambiguous → review.
3Stage 03
Classify
Agent 2 applies the ruleset, one passage at a time, with reasoning.
4Stage 04
Audit
Agent 3 red-teams Agent 2. Disagreements escalated, not suppressed.
5Stage 05
Sign-off
Reviewer applies the statutory test and signs. Hash-chained bundle exported.

101
Intake
Bundle assembly, identity-of-requester checks, scope clarification.
202
Discovery
Agent 1 resolves the subject across the bundle. Ambiguous → review.
303
Classify
Agent 2 applies the ruleset, one passage at a time, with reasoning.
404
Audit
Agent 3 red-teams Agent 2. Disagreements escalated, not suppressed.
505
Sign-off
Reviewer applies the statutory test and signs. Hash-chained bundle exported.

Read the full agent pipeline

A note on defensibility

Defensibility is not a feature.
It is the shape of the work.

A SAR response is only as defensible as the trail behind it. If an officer cannot reconstruct, in writing, why a passage was redacted, when, and against which rule — the bundle is exposed.

SART does not try to make redaction faster by hiding the reasoning. It makes redaction faster by writing the reasoning down in the same motion it is produced. Speed and defensibility are the same artefact, not a trade-off.

Why housing associations

Built for the bundle.
You actually receive.

Tenancy files, repairs and ASB logs, complaints threads, safeguarding flags, internal management negotiations. SART is trained on the shape of SARs that hit housing officers — not generic enterprise email.

Typical bundle

illustrative

Tenancy32%
Repairs / ASB24%
Complaints18%
Mgmt. negotiations14%
Safeguarding12%

Third-party tenant data (TP-PII) detection across mixed correspondence
Repairs/ASB logs with multiple data subjects in a single record
Complaints and management-negotiation threads (MGMT-NEG)
Legal professional privilege (LPP) markers across email chains
Safeguarding flags surfaced for human review — never auto-released

The guardrail

Decision support.
Not legal advice.

Hash-chained ledgerlive

sha256:a4f1c2e9b3d7…9c→sha256:b08c1d4a72ef…2e→sha256:f37d96b1ce04…11→sha256:27ae5310bc8d…7a→sha256:9d4e0177af2b…c3→sha256:5fa1b6048d3e…81→sha256:e2c704a91b6f…44→sha256:08bd97ce0312…5d→sha256:a4f1c2e9b3d7…9c→sha256:b08c1d4a72ef…2e→sha256:f37d96b1ce04…11→sha256:27ae5310bc8d…7a→sha256:9d4e0177af2b…c3→sha256:5fa1b6048d3e…81→sha256:e2c704a91b6f…44→sha256:08bd97ce0312…5d→

tamper-evident

reproducible

ICO-aligned

SART does not redact your bundle. It recommends. Every passage decision is a draft with a rule citation and reasoning, waiting for a named reviewer at your housing association to apply the statutory test and sign.

That separation is the product. The audit trail captures who saw what, who decided what, and when — so when challenged, the defensible answer is on paper before the question is asked.

See the evidence ledger Read the guardrails FAQ

Frequently asked

Questions DPOs ask.
Before pilot.

Run your next SAR.
Through SART.

Pilot slots are limited to UK housing associations. Two-to-six-week engagement, on-prem deployment, one signed bundle at the end.

Request a Triage Demo See pricing

SAR Compliance for Housing Associations.Automated.Defensible.

SARs arrive faster than housing teams can defend them.

No defensible record

Inconsistent rule application

Statutory pressure

Three agents that read every page.One officer who signs the bundle.

Forensic discovery

Defensible classification

Adversarial audit

From intake to evidence pack. Five visible stages.

Intake

Discovery

Classify

Audit

Sign-off

Intake

Discovery

Classify

Audit

Sign-off

Defensibility is not a feature.It is the shape of the work.

Built for the bundle.You actually receive.

Decision support.Not legal advice.

Questions DPOs ask. Before pilot.

Does SART give legal advice?No — decision support only. Your DPO signs every bundle.

Where does our data go?Nowhere. Docker container, inside your perimeter.

What does the ICO see if challenged?A hash-chained evidence pack — tamper-evident by construction.

Which exemptions does it cover?MVP ruleset: TP-PII, NOT-REL, LPP, MGMT-NEG.

How long does a pilot take?Two to six weeks, kickoff to first defensible bundle.

Run your next SAR.Through SART.