You delete the data.
We prove it happened.

Cryptographic deletion certificates for GDPR, CCPA, and SB 362 compliance. Independently verifiable. No trust required.

Start Free Pilot See How It Works

The problem is proof

Regulators Want Proof

GDPR Article 17 and California's Delete Act (SB 362) require data deletion on request. Penalties run $200 per request per day. But how do you prove it happened?

Your Logs Aren't Enough

Internal deletion logs are self-attestation. A regulator can't verify them independently. Screenshots and Jira tickets won't hold up under audit.

Existing Tools Don't Verify

Privacy platforms like Transcend and OneTrust orchestrate deletion workflows. They don't cryptographically verify the data is actually gone.

How it works

1

Register Your Databases

Connect your PostgreSQL, MongoDB, S3, Redis, or Elasticsearch with read-only credentials. We verify they're read-only and reject write access.

2

We Snapshot Before Deletion

One API call creates a cryptographic attestation. We query your systems, hash the records in memory, and immediately discard the raw data. Only hashes are stored.

3

You Delete the Data

Use your own tools, your own process. We're not involved. You maintain full control over the deletion.

4

We Verify and Certify

One API call triggers re-verification. We re-query your systems. Records gone? We issue an Ed25519-signed certificate, logged in our public transparency log.

The certificate

DELETION CERTIFICATE
VERIFIED
Certificate ID cert_abc123f7e9d041a2b8c5
Subject sha256:e3b0c44298fc1c14...b855ec
Systems Verified 2 (sys_pg_users, sys_s3_uploads)
Attestation Time 2026-03-10T14:22:01Z
Verification Time 2026-03-10T14:34:17Z
Status All Records Absent
Ed25519 Signature 7f3a9b2c8d1e4f6a...0b5c3d
Transparency Log Index #48,201 — Inclusion Proof Verified
QR

Independently verifiable. No API call needed. It's math, not trust.

Two API calls. That's it.

import { BurnLedger } from "burnledger";
const dp = new BurnLedger({ apiKey: process.env.BURNLEDGER_API_KEY });

// Before deletion
const att = await dp.attestations.create({
  subjectIdentifier: "user@example.com",
  systemIds: ["sys_pg_users", "sys_s3_uploads"],
});

// After deletion
const result = await dp.attestations.verify(att.id, {
  subjectIdentifier: "user@example.com",
});

// Download certificate
const pdf = await dp.certificates.download(result.certificate.id);
from burnledger import BurnLedger
dp = BurnLedger(api_key="dp_live_...")

# Before deletion
att = dp.attestations.create(
    subject_identifier="user@example.com",
    system_ids=["sys_pg_users", "sys_s3_uploads"],
)

# After deletion
result = dp.attestations.verify(
    att.id, subject_identifier="user@example.com"
)

# Download certificate
cert = dp.certificates.download(result.certificate.id)
npm install burnledger pip install burnledger

Supported systems

PostgreSQL
MongoDB
Amazon S3
Redis
Elasticsearch

Need something else? We'll build the connector.

Trust and security

We Never See Your Data

Records are hashed in connector memory and immediately discarded. Raw data never touches our servers, our disks, or our logs.

We Never Store Identifiers

Subject identifiers are salted with SHA-256 using your unique customer salt. The plaintext is held in memory only during query execution.

Certificates Outlive Us

Ed25519 signatures are standard cryptography. Any library can verify them. If BurnLedger disappears tomorrow, your certificates are still valid.

Public Transparency Log

Every certificate is recorded in an append-only Merkle tree (RFC 6962). We can never deny issuing a certificate. Tamper-evident by design.

What we actually see

Type anything below. On the left is your data. On the right is what reaches our servers. We never see the original.

Your Database Record
SHA-256
What BurnLedger Stores
Full Name
Email
Phone
SSN
Address
Hashes are one-way — the original data cannot be reconstructed
Change a single character and the entire hash changes
Raw data exists in connector memory for microseconds, then is permanently discarded

Pricing

Limited

Founding

$149/mo
  • 1,000 certificates/month
  • 5 systems
  • Email support
  • Founding customer rate locked for 12 months
Start Free Pilot

Pro

$499/mo
  • 10,000 certificates/month
  • Unlimited systems
  • Compliance reports and PDF export
  • Priority support
Get Started

Enterprise

Custom
  • Unlimited certificates
  • RBAC and role-based API keys
  • Dedicated deployment support
  • SLA and dedicated support
  • Custom connectors
Contact Sales

Regulatory alignment

GDPR Article 17
California Delete Act (SB 362)
CCPA / CPRA
SOC 2 Type II

One certificate. Every jurisdiction. The protocol proves a fact — data was present, now absent — regardless of which regulation triggered the deletion.

Start your free pilot today.

Connect your first database in under an hour. See deletion proof in action.

Questions? Email hello@burnledger.io