Apache 2.0 · Free forever · v0.4.0 · 67 functions

Compliance built into
your database, not bolted on.

GDPR, DORA & SOC 2 compliance for PostgreSQL — as a single SQL file. No sidecar. No agent. No SaaS. Open source and self-hosted forever.

psql
\i pgcomply.sql                         -- install (2 seconds)

SELECT pgcomply.quick_setup();           -- scan all tables for PII
                                           -- auto-classify data levels
                                           -- enable DML auditing
                                           -- run health check

SELECT pgcomply.forget('user-4821');     -- GDPR Art. 17, done

SELECT pgcomply.health_check();          -- CIS Benchmark, 16 checks

SELECT pgcomply.verify_forget('user-4821'); -- cross-validate: nothing left

Sound familiar?

😰

The 3 AM Compliance Panic

"Which tables store PII for user-4821?" You grep through Confluence docs last updated 14 months ago. Two engineers disagree on the schema. The DPO is waiting.

🔍

The Audit Spreadsheet

A shared Google Sheet tracks who has access to what. It was accurate once. Now it’s 47 rows of half-truths maintained by someone who left 6 months ago.

💸

The Enterprise Sales Pitch

"Our platform integrates compliance seamlessly." Translation: 6-figure contract, 3-month onboarding, and a sidecar that phones home more than your actual app.

84 functions. Zero dependencies.

Every feature runs inside your database as pure PL/pgSQL. No external services, no agents, no compilation.

GDPR Right to Erasure

Art. 17
pgcomply.forget('user-4821')

One function deletes PII from every registered table. Verify completeness with verify_forget(). Immutable audit trail proves it happened.

Security Health Check

CIS
pgcomply.health_check()

16 CIS Benchmark checks: SSL, password encryption, superuser count, row-level security, audit integrity. Know your risk in seconds.

Dynamic Data Masking

Art. 25
pgcomply.mask('users', 'email', 'partial')

Auto-generated views mask PII for non-exempt roles. Partial, full, or hash masking. Your analysts see al***@e***.com automatically.

Consent Management

Art. 6/7
pgcomply.grant_consent('user-123', 'newsletter')

Define processing purposes with legal basis. Track consent grants and withdrawals. Full audit trail for every decision.

Schema Drift Detection

Continuous
pgcomply.schema_drift()

New developer adds a phone column? Drift detection catches it before the auditor does. Pattern matching for 12+ PII types.

Breach Management

Art. 33
pgcomply.report_breach('title', 'desc', 'high')

72-hour DPA notification countdown. Track investigation status, affected subjects, remediation. GDPR Article 33 compliance, automated.

Web Dashboard ✦ Plus

Dashboard
pgcomply.compliance_score()

Visual compliance overview across all your databases. Health scores, PII maps, audit timelines — in a browser, no SQL required.

PDF Compliance Reports ✦ Plus

Reports
pgcomply.generate_report('gdpr')

Audit-ready PDF reports for GDPR, DORA, and SOC 2. Generated directly from your live data. Ready to hand to auditors.

From zero to compliant in 4 steps

01

Install

\i pgcomply.sql — 2 seconds, any PostgreSQL 14+

psql -f pgcomply.sql
02

Setup

One command scans tables, classifies PII, sets policies

SELECT pgcomply.quick_setup();
03

Comply

forget(), inspect(), health_check() — all from SQL

SELECT pgcomply.forget('user-id');
04

Prove it ✦ Plus

Immutable audit trail and SHA-256 chain. PDF reports and dashboard available with Plus.

SELECT pgcomply.compliance_report();

Works everywhere PostgreSQL runs

Supabase · Neon · AWS RDS · Azure · Google Cloud SQL · Hetzner · OVH · DigitalOcean · Docker · Self-hosted
Apache 2.0 · Free forever · No account required

Free forever.
Open source.

Self-hosted, no telemetry, no license server. Use it in production today.

No credit card. No trial period. Just SQL.

psql -f pgcomply.sql && psql -c "SELECT pgcomply.quick_setup()"