DataMap

Scan your gmail to find accounts with your data. We use AI to analyze their privacy policies and check for breaches

Comment

DataMap

DataMap is a privacy-first web dashboard that acts as a "Discovery Engine" for your digital footprint. It solves the problem of "dark accounts"—the dozens of services, newsletters, and forgotten subscriptions you’ve signed up for over the years but no longer use.

Most people have over 100 online accounts, many of which sit idle, holding personal data hostage and waiting to be compromised in the next big data breach. DataMap helps you find them, understand the risks, and understand your digital life.

How It Works

Unlike browser-based extensions built on unreliable cookies or local history, DataMap connects directly to your gmail inbox to scan historical welcome and verification emails

1. The "Discovery" Engine

DataMap securely connects to your Gmail using the Gmail API to rapidly build an inventory of your linked services.

2. Risk Scorer (AI Policy Analysis)

Once an account is identified (e.g., Zoom, Canva, Spotify), DataMap evaluates its risk. It passes the service name to a Large Language Model (LLM) instructed to analyze the company's data practices and score them on:

  • Data selling prevalence
  • AI training usage
  • Account deletion difficulty

3. Breach Cross-Check

The app integrates directly with the Have I Been Pwned (HIBP) API. For every service mapped, it queries the database to see if that specific domain has suffered a known data breach, instantly flagging compromised accounts as Critical risks.

4. The DataMap Dashboard

The user interface features:

  • The Data Web: An interactive, graph mapping your central email to dozens of connected nodes (services).
  • Risk Quadrants: Accounts are categorized by risk (RED = Critical/Breached, YELLOW = Warning/AI Training, GREEN = Safe).
  • Risk Data: Clicking on each service will show information about the privacy policy. Plus metrics on data selling, AI training usage, know breaches, and rencent activty

🛠️ Tech Stack

Frontend (The Dashboard)

  • Core: Next.js 15 (React 19) w/ TypeScript
  • Styling: Custom CSS Modules featuring a dark-mode "glassmorphism" design system (Obsidian backgrounds, Cyber Blue interactives).
  • Visualization: react-force-graph-2d for the interactive data web, and canvas-based ogl for ambient background animations.
  • Icons: lucide-react

Backend (The APIs)

  • Core: Next.js Route Handlers (App Router)
  • Authentication: NextAuth.js (Auth.js) using the Google Provider (OAuth 2.0).
  • Email Access: Google APIs (googleapis) utilizing the Gmail read-only metadata scope.

AI & Threat Intelligence (The Engine)

  • AI Analysis: Google Gemini API (with Claude API as a fallback) to generate instantaneous, structured privacy policy analyses.
  • Threat Detection: Have I Been Pwned (HIBP) API integration.
  • Database: Firebase/Firestore utilizing firebase-admin to cache policy results and store discovered user accounts to prevent over-polling APIs.

Built With

Share this project:

Updates