Built as a privacy-safe one-message pipeline.
Each stage has a single responsibility. Raw text lives only in the request lifecycle. PostgreSQL holds masked messages, PII metadata, analysis output, and audit trail — never raw entity values.
- 01
Next.js frontend
Single-message form, live pipeline view, results dashboard.
- 02
FastAPI backend
Stateless request orchestration. Raw text never leaves the request scope.
- 03
Presidio + regex detection
Entity recognition for NAME, EMAIL, PHONE, LOCATION + custom IDs.
- 04
Masking layer
Stable, numbered placeholders preserve referential structure.
- 05
Second safety gate
Re-scans the masked payload before any external call. Fails closed.
- 06
LLM analysis (masked-only)
Sentiment, topic, intent, urgency, summary, recommended action.
- 07
PostgreSQL safe storage
Stores masked text, PII metadata (counts/types), analysis, audit log.
- 08
Operations dashboard
Read-only views over safe results. No raw PII surface, ever.
data retention policy
Raw messages are processed in-memory and are not stored by default. PostgreSQL stores only masked messages, PII metadata (entity types and counts), analysis results, and audit information. Raw entity values — names, emails, phone numbers, IDs — are never persisted.