Trust, privacy, and compliance
How the Privacy Vault protects sensitive data
The Privacy Vault is a core component of Unless’s platform designed to protect sensitive personal data by isolating and securing it before it reaches AI models or external systems. It acts as a data-protection layer at the edge of the platform, ensuring that personally identifiable information (PII) such as names, emails, phone numbers, and account numbers are never exposed in their raw form outside a controlled environment. This approach helps organizations deploy AI agents confidently while maintaining compliance with strict privacy regulations like GDPR and the EU AI Act.
how the Privacy Vault works
The Privacy Vault operates by detecting and filtering sensitive identifiers as data enters the platform. This happens at two key points: ingestion (when data first arrives) and runtime (just before the AI model processes the data). At both stages, PII is either removed, masked, or replaced with tokens. Tokenization means that sensitive values are swapped for safe placeholders, which the AI agent can use without ever seeing the actual data. The mapping between tokens and real identifiers is stored securely inside the Privacy Vault and is only accessible to authorized components within the platform.
This design ensures that raw personal data never leaves the EU infrastructure or reaches the foundation model providers. When the AI agent generates a response that requires re-attaching personal identifiers—such as addressing a customer by name—the Privacy Vault performs de-tokenization inside the secure environment, maintaining strict data sovereignty.
key privacy features and compliance
The Privacy Vault includes multiple privacy measures beyond tokenization and filtering:
- Data minimization: Only the necessary data is processed and stored, reducing exposure.
- Prompt anonymization: Inputs to the AI models are scrubbed of sensitive details.
- EU data residency: All personal data and the Privacy Vault itself reside within EU/EEA cloud regions, avoiding cross-border data transfers.
- Consent management: The platform supports configurable consent modes, allowing organizations to require explicit user consent for tracking and personalization.
- Data subject request workflows: Built-in tools enable easy handling of access, correction, and erasure requests from end users, with automatic token orphaning to prevent reuse of deleted data.
- Sub-processor transparency: All cloud providers and sub-processors operate within the EU, and their details are available in your Data Processing Agreement (DPA).
benefits for organizations and users
By using the Privacy Vault, organizations can confidently deploy AI agents that handle sensitive data without risking exposure or regulatory non-compliance. The tokenization and filtering mechanisms ensure that AI models never see raw personal data, reducing liability and enhancing trust. Additionally, the platform’s architecture supports audit trails and transparency required by the EU AI Act, enabling per-decision risk classification and exportable logs for compliance teams.
Users benefit from enhanced privacy protections, knowing their personal information is securely managed and never shared outside the necessary scope. The Privacy Vault’s design also supports cookieless experiences and respects user consent preferences, aligning with modern privacy expectations.
conclusion
The Privacy Vault is a foundational technology that safeguards sensitive personal data within Unless’s AI platform. Through advanced tokenization, filtering, and strict EU data residency, it ensures that personal identifiers remain protected at all times. This enables organizations to leverage AI-powered customer agents while meeting stringent privacy and regulatory requirements, maintaining both operational efficiency and user trust.