Northwind.AI
Pricing
Log inGet Started
Privacy & PII

Controls for sensitive data and PII.

Designed for teams that handle records containing personal data: controlled reveal, masking patterns, and source preservation.

Careful with sensitive material.
Early Access

Some PII handling controls are available; advanced PII signal detection is in development.

Masking and controlled-reveal patterns are running for selected customers. Pattern-based PII detection is in active development with design partners; we do not claim it is comprehensive across every file type or language. Where the signals are partial, the page makes that explicit.

How privacy controls work

Controlled reveal, not all-or-nothing exposure.

PII handling is treated as a property of the workflow, not a one-shot scrub. The patterns below describe the controls available today; advanced detection work continues with design partners.

Sensitive data handling

Records containing personal data can be flagged at ingestion.

When a source is brought in, fields that look like personal data can be flagged for review. The flagging is conservative: where the system is uncertain, it errs toward marking the field for review rather than missing it.
PII-aware previews

Previews can omit sensitive content.

Reviewers do not need to see raw values to understand structure. Previews can render the shape of a record (which columns, what types, how populated) while masking the contents of fields marked sensitive.
Masking & redaction

Selected content can be redacted; the source remains linked.

Masking is applied as a presentation layer, not a destructive scrub. The original source stays linked, so authorized reviewers can confirm context when the workflow requires it.
Source preservation

Redaction does not remove the source; it scopes who can see it.

Lineage and citations continue to function on redacted content, because the source link is preserved. What changes is who can resolve the link to the underlying record.
Controlled reveal

Reveal of masked content is captured as an event.

When an authorized reviewer reveals masked content, the reveal is recorded in the audit trail alongside the rest of the work. The trail captures who saw what, with the timestamp and the scope.
Future retention controls

Time-bounded retention policies are planned.

Retention windows and deletion paths are in active design. Where teams need a defined retention policy today, we are happy to walk through what is available and what is in development.
Bring a real workflow

Walk us through your PII workflow.

Tell us about a workflow that touches sensitive data and we will show you which controls help today and where the active work is heading.