At PersonaFin AI, data security and compliance are foundational to our operations and product design. Recognizing the critical importance of privacy, our development strategy from the outset has been to architect a system that excels without relying on personally identifiable information (PII).
Customer-Provided Identifiers
To ensure personalization capabilities without compromising user privacy, we recommend our clients supply a consistent, non-PII identifier for each user. This approach allows us to tailor the user experience while adhering to stringent data protection standards. Specifically, we ask our customers to utilize unique identifiers—such as customer IDs or other non-descript tokens—instead of directly identifiable information like names, phone numbers, or email addresses. This method ensures that personalization is both effective and privacy-centric.
Identify Resolution and Data Handling
Upon receiving a unique identifier from a client, our system conducts an initial check to determine its familiarity. If it is a new identifier, our proprietary identity resolution architecture maps the value to an internal GUID. This GUID system facilitates efficient data processing and personalization by providing a reference that replaces direct identifiers throughout our system.
Every piece of data tied to these identifiers, including the identifier itself, is encrypted during transit and while at rest within our infrastructure. We store the original identifier in a singular, secure location, utilizing the internal GUID mapping for all other operations. This approach minimizes data exposure and reinforces our commitment to security and privacy.
Customer Identity Anonymisation Tool
For clients seeking an additional layer of abstraction, we offer an on-premises solution: the Customer Identity Anonymisation Tool. This tool enables clients to further disassociate identifiers from individuals before they are sent to our platform. It follows a similar mapping process, converting internal identifiers into a GUID format. This GUID then becomes the reference point for all interactions with the PersonaFin AI platform, ensuring that even our clients’ internal identifiers remain opaque to us.
While the Identifier Mapping Engine is an optional enhancement rather than a core service, it exemplifies our dedication to providing flexible, privacy-first solutions. The responsibility for securing the environment in which this engine operates rests with the client, aligning with our principle that data protection is a shared commitment.
Through these mechanisms, PersonaFin AI ensures that personalization and data processing are conducted with the utmost respect for user privacy and compliance with legal standards. Our system’s design reflects a deep understanding of the necessity for security in financial services, offering our clients a platform that is both powerful and principled.
Below is an example flow of captured behaviour data and mapping
