GDPR-safe · PII never reaches the LLM

Fan intelligence without exposing fan identity.

Detect, mask, and analyze football fan messages with a GDPR-safe AI pipeline. Raw PII stays protected. Only anonymized text reaches the LLM.

0%
PII leakage target
EN · DE
languages supported
1 msg
pipeline mode
fan-intel · pipeline.live
01 · raw input
Hi, I'm Lukas Weber from Berlin. Email lukas.weber@gmail.com. Refund BK-92811.
02 · detect
NAMECITYEMAILBOOKING_ID4 entities · 0.97 conf
03 · masked
Hi, I'm [NAME_1] from [CITY_1]. Email [EMAIL_1]. Refund [BOOKING_ID_1].
04 · llm insight
sentiment
Negative
topic
Refund
urgency
Medium
no raw PII forwarded142 ms
The problem

Fan messages are full of insight — and sensitive data.

Football clubs receive an enormous volume of fan communication. Useful signal is mixed with personally identifiable information that must never leak into a third-party model.

PII risk

Raw messages contain names, emails, phones, IDs. Sending them to an LLM leaks personal data.

Manual review doesn't scale

Clubs receive thousands of messages weekly across email, app, social, and forms.

Multilingual complexity

English, German, and code-switched messages confuse off-the-shelf detectors.

Insight buried in text

Without structure, sentiment, urgency, and recommended actions stay invisible.

The pipeline

Privacy first. Intelligence second. Always in that order.

Five deterministic stages. PII detection runs locally before any text reaches the LLM, and a second safety gate verifies the masked payload.

  1. 01

    Input

    Single fan message ingested via API or form.

  2. 02

    Detect

    Presidio + regex find PII locally — names, emails, IDs.

  3. 03

    Mask

    Replace each entity with a stable placeholder token.

  4. 04

    Verify

    Second safety scan rejects anything still leaking.

  5. 05

    Analyze

    Only masked text reaches the LLM for insight.

Before / after

Anonymization preserves meaning, not identity.

The masked payload retains enough context for accurate sentiment, topic, intent, and urgency detection — without exposing a single private value.

Raw input · contains PII
01 / RECEIVED

Hi, I'm Lukas WeberNAME from BerlinCITY. My email is lukas.weber@gmail.comEMAIL. I waited 45 minutes at Gate C and want a refund for booking BK-92811BOOKING_ID.

NAME detectedCITY detectedEMAIL detectedBOOKING_ID detected
Anonymized · safe for LLM
02 / MASKED

Hi, I'm [NAME_1] from [CITY_1]. My email is [EMAIL_1]. I waited 45 minutes at Gate C and want a refund for booking [BOOKING_ID_1].

4 entities masked · 0 raw values forwardedcleared
What you get back

Structured insight from anonymized text.

The LLM analyzes only the masked message and returns a compact, structured payload your team can route, prioritize, and act on.

insight · message #2841 · masked input only
142 ms
Sentiment
Negative
−0.62
Topic
Refund
ticket-ops
Intent
Request refund
actionable
Urgency
Medium
SLA: 24h
Language
EN
confidence 0.98
Action
Route → Ticketing
auto-suggest

Summary

Fan reports a 45-minute wait at Gate C and requests a refund for one booking. Recommend: acknowledge delay, offer compensation per matchday-ops policy, escalate if repeated.

Trust & security

Designed to reduce sensitive-data exposure at every step.

Raw PII never reaches the LLM

Raw messages not stored by default

PII entity values are not stored

Second safety scan before LLM call

Final PII scan on AI output

PostgreSQL holds only safe results

Where it fits

Built around how clubs actually work.

Six concrete fan communication surfaces a club already operates — now with structured insight and zero PII exposure.

Ticket refund complaints
Matchday operations feedback
Accessibility issues
Membership support
Merchandise & order problems
Fan sentiment tracking

See the privacy pipeline in action.

Walk through a real fan message — from raw input to anonymized insight — in under a minute.