Skip to content

Introduction

This section covers installation, configuration, and integration. Before we get there, let's take a minute to understand what Tranquil Data is and why you want to deploy it.

What is Tranquil Data?#

Tranquil Data is the first System of Record for Data Context: it helps you understand where data came from, why you have it, and what you can do with it. Context is represented as a graph that captures knowledge about users and data, and policies that enforce in real-time how data is used and shared. Rather than focus on access control or roles and groups, Tranquil Data frames use and sharing through Purpose, and for any given record access uses Context about associated users to understand if the Purpose is valid. Two requests to the same record for different purposes (e.g., "providing a service" versus "training an algorithm"), or to different records for the same purpose (e.g., "marketing" to US versus EU users) may result in different responses. In each case, the reason why each decision was made is audited along with the purpose and who made the request.

This framing scales, both for complexity of policy and size of data, in a way that traditional security aproaches do not. It makes it possible to track individual reasons why data flowed from one organization to another, and demonstrate that regulations, contracts, and personal preferences are met at all times. It also has the advantage of mapping cleanly to the kind of language you see in privacy policies, terms and conditions, B2B contracts, etc. As a result, the implementation of policy shifts from engineers and data teams, who today need to be educated on how to implement complex rules across code-bases and deployments, to the legal and privacy teams that own these rules in the first place.

Why use Tranquil Data?#

By giving legal and privacy roles a User Interface to define and maintain all aspects of policy in once place, Tranquil Data does two things across an organization:

  1. It creates a common reference for all aspects of data use, so that most of the coordination meetings between legal, privacy, enginering, OPs, data science, advertising, etc. go away, replaced with a single source of truth that anyone can reference at any time
  2. It makes it simple to ensure compliance without knowing the details of any given policy, such that (e.g.) a developer or DataOps role no longer needs to write endless routines that implement business policy, and can instead have a single query or API call that will always do the right thing for them even as policies evolve

In other words, the hassle of constantly trying to understand what's allowed, and demonstrate that requirements were met, gets replaced by a system that enforces and reports on all aspects of policy so everyone can focus on what they actually want to do. Legal can green-light new projects, and data and software teams can focus on building value. Everyone gets to be more productive, and an organization as a whole can move forward faster, aligned on new initiatives and technology.

Where Do I Start?#

These docs cover several common patterns from the many ways that the product can be applied. That said, Tranquil Data is designed to let teams pick a single challenge, start small, and scale as requirements grow. For most teams, this means starting in one of four places.

User Onboarding#

Every environment needs to connect users to data, whether they are "first-party" users who create accounts and interact with an app, or "third-party" users where data is exchanged via B2B contracts. One common starting point is with the APIs that show users personalized terms before they create accounts, manage user preferences, and ensure that users are always up-to-date with the most recent platform terms.

Usage Audit#

Once a platform has user data, whether that data is identifying, anonymized, or tokenized, that platform needs to demonstrate that data is used correctly. Another common starting-point is to define policy and start intstrumenting key touch-points within the platform to surface an audit trail demonstrating exactly how and why data is accessed.

Data Exchange#

In any modern data platform there are points of exchange, which may be internal (like a transform pipeline to AI services) or external (like a front-door API for sharing with customers and partners). Once the product is configured and users are defined, these points of exchange are a great place to build incremental enforcement, demonstrating that purpose is met and acting as clear guidance for what consumers of pipelines, APIs, or databases must do to meet requirements of the exchange.

Document Redaction#

In many platforms, live data eventually ends up in the form of static documents, like database table exports to CSV files. A simple starting-point is to give the users of those files a place to drag and drop static content, both to make redaction for any stated purpose self-service and to ensure the decision is audited and visible to all stakeholders.

Ready to Get Started?#

Continue on to learn how to install and run the product.