With privacy fines at an all time high, Privya ensures that private and personal information is kept safe before code is deployed to production
Privya today emerged from stealth with $6M in funding for its data privacy code scanning platform. The seed round was led by Hyperwise Ventures, together with several angel investors.
As companies, applications and AI models handle more and more personal information, governments have responded with new data protection laws such as the EU General Data Protection Regulation and California’s Consumer Privacy Act. The US Congress is planning to enact additional federal privacy measures. Breaking these laws can be expensive; Facebook alone faced a $5bn FTC penalty in the USA, and $1.2bn of GDPR fines were issued in 2021. Organizations, though, struggle to implement complex legal privacy requirements and reporting systems at the engineering level, spending millions and doing much of the work by hand. This has led to the rise of privacy technology.
“Existing privacy solutions focus on private information once it’s already deployed in production, but this can leave organizations exposed and lead to expensive attempts to correct the issue,” said Uzy Hadad, co-founder and CEO of Privya. “Cybersecurity has shown us there are better ways; shifting left and stopping bad practices during development, so they never make it to production at all.”
Privya identifies data protection issues and violations early in the development process. Shifting privacy left, Privya’s scanner analyzes how sensitive data is handled in code, understanding which types of data are being collected and how they are being used, stored and sent to third-party services. Privya integrates into a company’s CI/CD pipeline, ensuring that bad data handling practices never make it into a build, and offering developers actionable measures to fix issues The platform constructs a full mapping of each service to give complete visibility into how an application handles personal or sensitive data.
Privya also provides a powerful and convenient privacy management wizard, making it simple to add to an ongoing project, as well as visual features like privacy management dashboards. It flags sensitive data protection vulnerabilities (for example, when personal information is written to logs) and can confirm that data is only being used and processed for the purposes agreed in company’s privacy policies.
Privya was founded in 2021 by Uzy Hadad, Arthur Garmider and David Segev. Hadad was originally inspired to found a data privacy startup after the data platform that he has invented and developed has been acquired by a data broker and he saw the amount of personal information that was being collected, stored and monetized. Privya has offices in Israel and the USA, and has early customers in diverse sectors such as finance, business services, telecoms, ecommerce and healthcare.
“Privacy technology is becoming as important as cybersecurity, and for the same reasons: if you can’t handle people’s personal information responsibly, you’re risking both your reputation and your profits,” said Nathan Shuchami, managing partner of Hyperwise Ventures. “We were impressed by Privya’s developer-first approach to privacy that matches the realities of modern software development, and by the experienced founders who are making their vision a reality. We’re proud to invest in Privya.”
“Privacy and data protection are among the biggest challenges of our time, and with big data and machine learning using larger and larger quantities of personal data, keeping sensitive and personal information protected is getting both harder and more urgent”, said Uzy Hadad, co-founder and CEO of Privya. “Effective regulations are a great start, but they aren’t enough. Privya’s solution bridges the gaps between a company’s Data Protection Officer, Risk and Compliance Officer and CISO on the one side and their engineering teams on the other, protecting users’ privacy in cloud applications before code is deployed in production, thus preventing punitive fines for breaches.”