ashbase
Now in Early Access

Compliance built into
your database. Not bolted on.

ashbase is PostgreSQL where DELETE triggers policy evaluation, not destruction. GDPR, SOX, legal holds, and PII masking handled at the engine level with zero overhead on the read path.

psql — ashbase
-- Standard SQL, extraordinary compliance
DELETE FROM users
WHERE id = 42;
→ Signal policy evaluated
├ GDPR retention: 30 days remaining
├ Legal hold: none active
├ PII fields: masked irreversibly
└ State: active → soft_deleted
-- Read path: zero overhead, stock PG speed

Built for teams that take compliance seriously

Acme CorpGlobexInitechHooliPied PiperMassive Dynamic

How it works

Three steps. No infrastructure changes. No application rewrites.

01

Write standard SQL

No new query language. No SDK. Your existing PostgreSQL code, ORMs, and drivers work unchanged.

02

DELETE triggers policy evaluation

The engine intercepts DELETE, evaluates signal policies, and routes data through the correct compliance state.

03

Data routes by compliance state

Partitioned by signal state. Active data stays in hot partitions. Zero overhead on the read path.

Everything you need, nothing you don't

Compliance at the engine level means less code, fewer bugs, and zero surprises during audits.

Zero Read Overhead
Active partition is stock PostgreSQL. Queries hit clean, unmodified data at full speed.
Automatic PII Masking
Irreversible PII masking triggered by policy. GDPR-compliant by default, not by hope.
Legal Hold Management
Legal hold beats everything. Data under hold cannot be deleted, masked, or modified.
Tamper-Proof Audit Trail
WAL hash-chained per table. Every state transition is cryptographically verifiable.
Policy-Driven Lifecycle
GDPR and SOX on the same row. Signal policies compose without conflict.
Full PostgreSQL Compatibility
Every driver, ORM, and extension works. It's PostgreSQL — with compliance built in.

SQL you already know

No new APIs. No SDKs. Just PostgreSQL with compliance superpowers.

psql — ashbase
CREATE SIGNAL POLICY gdpr_retention
  ON users
  AFTER DELETE
  SET signal = 'soft_deleted'
  MASK COLUMNS (email, phone, address)
  RETAIN FOR INTERVAL '30 days'
  THEN SET signal = 'purged';

The difference is in the engine

Stop building compliance infrastructure. Start using a database that handles it.

Without ashbase
  • Compliance logic scattered across services
  • Manual PII scrubbing scripts
  • Legal holds tracked in spreadsheets
  • Audit trails bolted on with triggers
  • DELETE means data loss
  • Months to pass a SOX audit
With ashbase
  • Compliance enforced at the engine level
  • Automatic, irreversible PII masking
  • Legal holds enforced by the database
  • Tamper-proof, hash-chained audit log
  • DELETE means policy-driven state transition
  • Continuous compliance, audit-ready always

Your database should handle compliance.
Not your engineers.

Get started with ashbase in minutes. Full PostgreSQL compatibility. Deploy on our cloud or self-host.

No credit card required. PostgreSQL compatible.