
September 10, 2024

How to Protect PII in AI-Driven Personalization: Best Practices for Data Privacy and Compliance

If there's one thing that’s come up again and again in our conversations with customers, it's the need to balance personalized experiences and data privacy—especially with the rapid advances in AI. Businesses are acutely aware of their responsibility to vigilantly safeguard Personally Identifiable Information (PII), but at the same time, they don't want to (and shouldn't) compromise on delivering personalized experiences.

What follows is a framework we’ve built to help brands achieve that delicate balance. By using strategies like PII identification, encryption, and data masking, we ensure that customer data stays private, while still allowing brands to deliver the high-quality, personalized service customers expect. We’ve also made sure everything aligns with the latest regulatory requirements, so you can move forward with confidence.

Commotion's PII Anonymization Process


Data Ingestion

We receive the following types of data from customers, through APIs or event-collection SDKs, to enable personalized experiences:

a) Customer Data (PII and non-PII): includes PII such as Customer ID, email address, mobile number, social media handles, purchase history, etc., from the following sources:

i. Messages from Contextual Experience

ii. User profile information from Brands through APIs/CDP integrations.

b) Customer Events Data (non-PII): browsing history, click data, search terms, product preferences, etc.

Once data has been received from a customer, we immediately classify it into PII and non-PII using sensitive-info-type identification. This is done by classification engines that combine regex patterns with ML models. Regexes catch well-formed identifiers (email addresses, phone numbers, social handles) but on their own both over-match (an order number can look like a phone number) and under-match (names and addresses in free text), which is the gap the ML models are there to cover.

Data Masking/Tokenization

Once PII has been identified, a PII masking engine tokenizes or hashes it, so that sensitive values are replaced by tokens before any further processing. A mapping between each original value and its token is maintained securely, allowing us to recombine the information when needed. Two points matter here. First, because that mapping is retained, the output is pseudonymized rather than anonymized in GDPR terms (Article 4(5)): tokenized records are still personal data, and the mapping store is the asset that needs the tightest controls. Second, a bare hash of an email address or phone number is not a safe token, because the input space is small enough to enumerate; an attacker can hash candidate values and match them against the stored hashes. Tokens should be random values, or a keyed hash (HMAC) whose key lives outside the data store.
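A worked version of the classification and tokenization steps above, added here as an illustration and not Commotion's code: regex detectors for structured identifiers, an HMAC-based token vault whose mapping would live in the separate store described below, a redaction pass for free text, and a small demonstration of why an unkeyed hash is reversible by dictionary attack. The field names, token format, in-memory mapping and sample record are assumptions.

```python
"""PII detection and tokenization pipeline (added example, not Commotion's
code). The field names, token format and in-memory 'vault' are assumptions
standing in for the real classification engine, token store and KMS."""
import base64
import hashlib
import hmac
import re
import secrets
from typing import Optional

# Regex detectors for structured identifiers. Order matters for redaction:
# phone runs first so that digit runs inside tokens inserted later are never
# mistaken for numbers. Free-text PII (names, addresses) needs the ML stage,
# which is not shown here.
PII_PATTERNS = {
    "phone": re.compile(r"\+?\d[\d\s().-]{7,}\d"),
    "email": re.compile(r"\b[\w.+-]+@[\w-]+(?:\.[\w-]+)+\b"),
    "handle": re.compile(r"(?<!\w)@[A-Za-z0-9_]{2,30}\b"),
}
# Fields that are PII by schema, whatever the value looks like (assumed names).
PII_FIELDS = {"customer_id", "email", "mobile", "social_handle"}


def detect(text: str) -> list:
    """Return (kind, match) pairs for every PII string found in text."""
    return [(kind, m.group(0))
            for kind, pat in PII_PATTERNS.items() for m in pat.finditer(text)]


class TokenVault:
    """Deterministic, reversible tokenization (pseudonymization, not
    anonymization: the mapping below is what must be locked down)."""

    def __init__(self, key: Optional[bytes] = None):
        self._key = key or secrets.token_bytes(32)  # assumption: KMS-held secret
        self._mapping = {}                           # assumption: separate token DB

    def tokenize(self, kind: str, value: str) -> str:
        # HMAC, not a bare hash: without the key nobody can test guesses
        # against the token, yet the same input always maps to the same token,
        # so customer identity stays consistent across events.
        mac = hmac.new(self._key, f"{kind}:{value}".encode(), hashlib.sha256).digest()
        token = "tok_%s_%s" % (kind, base64.urlsafe_b64encode(mac)[:22].decode())
        self._mapping[token] = value
        return token

    def detokenize(self, token: str) -> Optional[str]:
        return self._mapping.get(token)

    def erase(self, token: str) -> None:
        """Right to erasure: drop the mapping so the token stops resolving."""
        self._mapping.pop(token, None)


def redact_text(text: str, vault: TokenVault) -> str:
    """Replace every PII match in free text (a message, an API payload) with
    its token, leaving the non-PII content untouched."""
    for kind, pat in PII_PATTERNS.items():
        text = pat.sub(lambda m, k=kind: vault.tokenize(k, m.group(0)), text)
    return text


def split_record(record: dict, vault: TokenVault) -> dict:
    """Tokenize schema-PII fields outright and scrub PII out of free-text
    fields; numbers, lists and other non-PII values pass through as-is."""
    out = {}
    for field, value in record.items():
        if field in PII_FIELDS:
            out[field] = vault.tokenize(field, str(value))
        elif isinstance(value, str):
            out[field] = redact_text(value, vault)
        else:
            out[field] = value
    return out


def unkeyed_hash(value: str) -> str:
    """What 'just hash it' produces: SHA-256 with no key."""
    return hashlib.sha256(value.encode()).hexdigest()


def crack_unkeyed_hash(target: str, candidates: list) -> Optional[str]:
    """Why hashing alone is not anonymization: a plain SHA-256 of an e-mail
    falls to a list of likely e-mails. Run against an HMAC token instead,
    the same loop finds nothing, because the attacker lacks the vault key."""
    for c in candidates:
        if unkeyed_hash(c) == target:
            return c
    return None


if __name__ == "__main__":
    vault = TokenVault()
    # Constructed sample record, in the shape of a brand profile upload.
    record = {"customer_id": "C-1001", "email": "alice@example.com",
              "clicks": 12, "note": "Call +1 415-555-0100 or DM @alice_k"}
    print(split_record(record, vault))
```

Because the tokens are deterministic under one key, re-ingesting a customer after `erase()` reproduces the same token and re-links their old events; a deployment that needs erasure to be final has to rotate or scope the key per subject (crypto-shredding) as well as deleting the mapping.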

Data Storage and Processing Layer

Once data has been received from a Brand, every customer is assigned a unique internal customer ID, and the data is stored in secure, encrypted databases in line with GDPR and CCPA requirements. Token mappings are housed separately from non-PII data, so that a compromise of the events store on its own does not expose identities.

PII Encryption

Any PII that needs to be temporarily stored or backed up is encrypted using industry-standard algorithms such as **AES-256**, so that even if unauthorized access to the storage occurs, the data remains unreadable. Key length is only part of the story: the cipher mode should be authenticated (for example AES-256-GCM), and the keys should be held in a KMS or HSM separate from the encrypted data, with rotation and access logging, since an attacker who obtains both the ciphertext and the key gains everything the encryption was meant to deny.

Access Control

We have implemented role-based access control (RBAC) and MFA to limit who can access PII, for platform users and for our own teams alike. Only authorized personnel or systems can reach sensitive information, which provides accountability and limits insider threats.

Anonymizing the Interactions for Model Training

Events and interactions are recorded against the internal customer ID and stored separately from the token mappings. When AI services use this data, whether for model training or for real-time personalization, only the pseudonymous customer ID is shared. No PII needs to travel in real-time service requests, while user identity stays consistent across events because the same customer always maps to the same ID.

Algorithms

Incoming and outgoing API requests pass through anonymization filters that remove or tokenize any PII before a request is processed or a response leaves the platform.

Logging and Monitoring Layer

All system logs are stripped of PII before they are written, so only anonymized or tokenized values are recorded. Logs are a common place for PII to resurface, through exception messages and request dumps rather than the fields an application thinks it is logging, so scrubbing has to run on the rendered log line. Regular security audits look for data leakage and vulnerabilities so that privacy risks are mitigated proactively.
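An added example (not Commotion's code) of where log scrubbing has to sit in a Python service: a `logging.Filter` attached to the handler that scrubs the rendered message, plus a function reproducing the leak you get by attaching the same filter to the logger instead. Logger names and the regex patterns are assumptions.

```python
"""Added example of PII scrubbing at the logging layer; not Commotion's code.
The detectors are illustrative stand-ins for the regex pass of a
classification engine; logger names are assumed."""
import io
import logging
import re

SCRUBBERS = [
    (re.compile(r"\+?\d[\d\s().-]{7,}\d"), "<phone>"),
    (re.compile(r"\b[\w.+-]+@[\w-]+(?:\.[\w-]+)+\b"), "<email>"),
    (re.compile(r"(?<!\w)@[A-Za-z0-9_]{2,30}\b"), "<handle>"),
]


def scrub(text: str) -> str:
    """Replace structured PII with a type label; keeps the log line readable."""
    for pat, label in SCRUBBERS:
        text = pat.sub(label, text)
    return text


class PIIScrubFilter(logging.Filter):
    """Scrubs the *rendered* message. Scrubbing record.msg alone misses PII
    passed through %-args, which is how most application logs carry it."""

    def filter(self, record: logging.LogRecord) -> bool:
        record.msg = scrub(record.getMessage())
        record.args = ()          # already rendered; stop later re-formatting
        return True               # keep the (now clean) record


def build_logger(stream) -> logging.Logger:
    # Attach the filter to the handler, not the logger: logger-level filters
    # do not apply to records propagated up from child loggers, so a filter
    # on the parent would silently let "…checkout" logs through unscrubbed.
    handler = logging.StreamHandler(stream)
    handler.setFormatter(logging.Formatter("%(name)s %(levelname)s %(message)s"))
    handler.addFilter(PIIScrubFilter())
    parent = logging.getLogger("commotion-example")   # assumed logger name
    parent.handlers = [handler]
    parent.propagate = False
    parent.setLevel(logging.INFO)
    return parent


def render(template: str, *args) -> str:
    """Log one line through a child logger and return what reached the stream."""
    buf = io.StringIO()
    build_logger(buf)
    logging.getLogger("commotion-example.checkout").info(template, *args)
    return buf.getvalue().strip()


def logger_level_filter_leaks() -> bool:
    """The gotcha, reproduced: the same filter on the parent *logger* never
    sees records that a child logger propagates up, so PII reaches the sink."""
    buf = io.StringIO()
    parent = logging.getLogger("commotion-leak")      # assumed logger name
    parent.handlers = [logging.StreamHandler(buf)]
    parent.propagate = False
    parent.setLevel(logging.INFO)
    parent.addFilter(PIIScrubFilter())                # wrong place
    logging.getLogger("commotion-leak.child").info("user %s", "alice@example.com")
    return "alice@example.com" in buf.getvalue()


if __name__ == "__main__":
    # Constructed sample line, as a checkout service might emit it.
    print(render("login ok for %s from %s", "alice@example.com", "+1 415-555-0100"))
    print("leaks with logger-level filter:", logger_level_filter_leaks())
```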


Data Deletion and Retention Policies

Right to Erasure (GDPR)

Our systems implement mechanisms to handle customer requests for data deletion, including purging tokenized or anonymized data from the system on request, so that users' rights are respected. Brands can upload a list of users or call the Privacy API to delete any customer's data. Erasure is only complete when it covers every copy of the data: the token mapping, the records keyed by the token, and backups within their retention window.

Encryption in Transit and at Rest

TLS Encryption & Database Encryption

All data, anonymized or not, is encrypted with TLS in transit to prevent interception by unauthorized parties. Databases storing PII or token mappings are encrypted at rest, as described under PII Encryption above.

Conclusion

Commotion's PII anonymization framework is designed to protect user privacy while keeping personalized services fully functional. Tokenization, encryption, and comprehensive access controls together protect sensitive information throughout its lifecycle.
