PII Redaction

Automatically detect and mask personally identifiable information in conversations, protecting user privacy while preserving AI functionality and enabling compliance with data protection regulations.

When users share sensitive information with your AI agents, protecting their privacy becomes critical. ChatBotKit's PII Redaction automatically detects and masks personally identifiable information in conversations, ensuring that sensitive data like names, email addresses, phone numbers, and financial information never reaches your AI models in their raw form.

Traditional chatbots process user messages without any privacy protection, exposing sensitive data to AI models and storing it in conversation logs. With PII Redaction enabled, ChatBotKit scans incoming messages for over 15 types of personal information, replaces detected entities with unique tokens, and maintains the conversation context - all without human intervention. Your AI can still understand and respond appropriately while the underlying sensitive data remains protected.

Key Capabilities

Automatic Entity Detection

ChatBotKit uses AI-powered detection to identify sensitive information types including names, email addresses, phone numbers, social security numbers, credit card numbers, bank account details, dates of birth, addresses, and other personal identifiers. Detection happens in real-time as messages flow through the conversation, with no manual configuration required.

Intelligent Masking

When PII is detected, the system replaces sensitive text with unique tokenized placeholders that preserve context without exposing actual values. For example, "Contact John Smith at " becomes "Contact [name:a7x2b] at [email:k9m4p]" - allowing your AI to understand that a name and email were provided without ever seeing the actual values.

Reversible Redaction

The system maintains a secure mapping between original values and tokens, enabling authorized restoration when needed. This means your support team can still access original conversation content through the dashboard when necessary, while the AI itself only ever works with redacted data.

Conversation-Level Protection

PII Redaction operates at the conversation engine level, meaning all messages - whether from users, your AI, or integrated systems - are scanned for sensitive information. This comprehensive approach ensures consistent privacy protection across your entire conversation flow.

Confidence-Based Detection

The detection system assigns confidence scores to potential PII matches, only redacting when confidence exceeds a threshold (default 80%). This balances privacy protection with minimizing false positives that might disrupt natural conversation flow.
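The masking, reversible mapping and confidence threshold described above, as an added example that is not ChatBotKit's own code. It assumes the detector returns entities with `Type`, `Score`, `BeginOffset` and `EndOffset` fields; `createVault`, `redact` and `restore` are hypothetical names, and the sample text and scores are constructed.

```javascript
// Added illustration of tokenized, reversible redaction; not ChatBotKit's code.
const webcrypto = globalThis.crypto ?? require('node:crypto').webcrypto;

const THRESHOLD = 0.8; // the page's stated default of 80%

// Per-conversation mapping kept in both directions (hypothetical structure).
const createVault = () => ({ byToken: new Map(), byValue: new Map() });

// Random id: the token shows the entity type and nothing about the value.
function randomId() {
  const bytes = webcrypto.getRandomValues(new Uint8Array(3));
  return Array.from(bytes, (b) => b.toString(16).padStart(2, '0')).join('').slice(0, 5);
}

function tokenFor(vault, type, value) {
  const key = `${type}:${value}`;
  if (vault.byValue.has(key)) return vault.byValue.get(key); // same value, same token
  let token;
  do { token = `[${type.toLowerCase()}:${randomId()}]`; } while (vault.byToken.has(token));
  vault.byToken.set(token, value);
  vault.byValue.set(key, token);
  return token;
}

// entities: [{ Type, Score, BeginOffset, EndOffset }] from a detector (assumed shape).
function redact(text, entities, vault, threshold = THRESHOLD) {
  const hits = entities
    .filter((e) => e.Score > threshold) // "exceeds": a score equal to the threshold stays raw
    .sort((a, b) => b.BeginOffset - a.BeginOffset); // right to left keeps offsets valid
  let out = text;
  let floor = text.length;
  for (const e of hits) {
    if (e.EndOffset > floor) continue; // overlapping span: skipped here, merge in production
    const token = tokenFor(vault, e.Type, text.slice(e.BeginOffset, e.EndOffset));
    out = out.slice(0, e.BeginOffset) + token + out.slice(e.EndOffset);
    floor = e.BeginOffset;
  }
  return out;
}

// Authorized restore: only a holder of the vault can map tokens back to values.
function restore(text, vault) {
  return text.replace(/\[[a-z_]+:[0-9a-f]{5}\]/g, (t) => vault.byToken.get(t) ?? t);
}

// Constructed sample message and detector output (not real data).
const SAMPLE = 'Contact John Smith at john@example.com about May';
const DETECTED = [
  { Type: 'NAME', Score: 0.99, BeginOffset: 8, EndOffset: 18 },
  { Type: 'EMAIL', Score: 0.97, BeginOffset: 22, EndOffset: 38 },
  { Type: 'NAME', Score: 0.55, BeginOffset: 45, EndOffset: 48 }, // below threshold, left as-is
];
```

Only the redacted string would be forwarded to the model; the vault stays with the conversation store, which is why access to that store needs the same protection as the raw PII.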

Use Cases

Healthcare and Insurance

Medical chatbots often receive symptom descriptions alongside patient names, dates of birth, and insurance details. PII Redaction ensures that your AI can provide helpful health information while automatically protecting the sensitive personal and medical data users share.

Financial Services

Banking and fintech chatbots frequently handle account numbers, credit card details, and transaction information. Enable privacy mode to ensure that your AI assistant never processes raw financial data, meeting regulatory requirements for data protection in financial applications.

Customer Support at Scale

Support teams using AI to handle customer inquiries receive a constant stream of personal information - names, emails, order numbers, addresses. PII Redaction allows you to train and improve your support AI without exposing customer data to your AI models or storing sensitive information in training datasets.

GDPR and CCPA Compliance

Organizations subject to data protection regulations can use PII Redaction as part of their compliance strategy. By automatically detecting and masking personal data before it reaches AI models, you reduce the scope of data processing and minimize privacy risks associated with AI-powered conversations.

How It Works

PII Redaction integrates directly into ChatBotKit's conversation engine and can be enabled at the bot level or for individual conversations:

Enable on Your Bot

Navigate to your bot configuration in the ChatBotKit dashboard and enable the Privacy toggle. All conversations with that bot will automatically have PII Redaction applied to incoming and outgoing messages.

Enable per Conversation

For more granular control, enable privacy mode when creating or configuring individual conversations through the API by setting the privacy parameter to true.

Widget Integration

When deploying the ChatBotKit widget, add the privacy attribute to automatically enable PII Redaction for all conversations through that widget:

The system handles detection and masking automatically - no additional configuration is needed once privacy mode is enabled.

Security and Data Handling

PII Redaction uses AWS Comprehend for entity detection, a SOC 2 and GDPR compliant service designed for sensitive data processing. Detection happens in real-time during message processing, with no persistent storage of the detection results outside of the conversation context.

Original values and their token mappings are maintained securely within the conversation session, enabling authorized access through the ChatBotKit dashboard while keeping raw PII out of AI model interactions. The tokens themselves are generated randomly and cannot be reverse-engineered without access to the conversation's entity mapping.

Getting Started

Ready to protect user privacy in your AI conversations? Navigate to your bot settings in the ChatBotKit dashboard and enable the Privacy toggle. For programmatic control, use the privacy parameter when creating conversations through the API.

PII Redaction works alongside other ChatBotKit features including memory systems, analytics, and integrations - you get comprehensive privacy protection without sacrificing functionality. Your AI remains intelligent and helpful while automatically respecting user privacy at every interaction.