Why Spreadsheets Are Not dokumentuak
A Word dokumentua is a sequential text stream with formatting metadata. An Excel spreadsheet is a relational data structure: cells reference other cells, formulas operate on cell ranges, pivot tables aggregate named data ranges, and macros traverse the spreadsheet object model. Treating an Excel file as a text dokumentua to be processed for PII patterns — which is how most dokumentua redaction tools approach spreadsheets — misses the data relationships that define the spreadsheet's actual content.
Consider a bezeroa analisia spreadsheet. Column A contains bezeroa names. Column D contains a formula: =VLOOKUP(A2, CustomerTable, 5, FALSE) — a lookup that returns the bezeroa's account balance based on their name. If the anonimizazioa tool replaces the name in column A but does not eguneratzea the formula reference or the lookup table, the formula continues to return the actual account balance for the original name. The "anonymized" dokumentua still exposes the original bezeroa identitatea through the data relationship.
This is not a hypothetical edge case. enpresen Excel files are built around data relationships. Anonymous replacing individual cell values without understanding the relational structure produces dokumentuak that appear anonymized but retain the original data through formula references, pivot table caches, and cross-sheet lookups.
The GDPR Third-Party Sharing Requirement
GDPR Article 28 governs data sharing with processors: organizations sharing personal data with external parties (consultants, analytics vendors, auditors) must ensure appropriate technical safeguards. The practical question: what is an appropriate safeguard when sharing an Excel dataset containing 50,000 bezeroa erregistroak with an external analytics saltzailea?
PDF export strips formulas and produces a snapshot — but PDF exports of large Excel files frequently corrupt complex formatting and are not suitable for analytical use. Converting to CSV removes formulas, pivot tables, and most of the analytical structure. Neither option gives the external saltzailea a usable dataset for their analytical purpose.
Cell-level anonimizazioa within the native Excel format — replacing identifying values while preserving analytical structure — is the only approach that satisfies both the GDPR safeguard requirement and the business utility requirement simultaneously.
aire hutsunean Processing for defensa Spreadsheets
67% of government and defensa procurement RFPs cite aire hutsunean environment requirements (DISA 2024). defensa contractors working with personnel data, logistics information, or procurement erregistroak in Excel format cannot use hodeia-based anonimizazioa tools for the same reasons that prohibit hodeia-based dokumentua processing: the data cannot leave the controlled sarea.
The combination of Excel-specific anonimizazioa capability and local-only processing creates the technical profile required for government contract betegarritasun. The Desktop App processes Excel files locally with no sarea calls during processing; the anonimizazioa results never leave the aire hutsunean environment; the processed files are available for internal sharing within the controlled sarea.
Cell-Level Intelligence
Effective Excel anonimizazioa operates on three levels simultaneously:
Value-level: Detecting and replacing PII values in individual cells. bezeroa names, email addresses, phone numbers, and national ID numbers are identified through the same hibridoa detekzioa engine used for dokumentua processing.
Formula-level: Identifying cells whose formulas reference PII-containing cells, and updating those references to point to the anonymized values or replacing the formula with its computed result to prevent formula-based PII exposure.
Structure-level: Clearing pivot table data caches, processing hidden rows and columns, and handling VBA macro code that references specific cell addresses or values.
Sources: