03 · architecture

Built as a privacy-safe one-message pipeline.

Each stage has a single responsibility. Raw text lives only in the request lifecycle. PostgreSQL holds masked messages, PII metadata, analysis output, and audit trail — never raw entity values.

  1. 01

    Next.js frontend

    Single-message form, live pipeline view, results dashboard.

  2. 02

    FastAPI backend

    Stateless request orchestration. Raw text never leaves the request scope.

  3. 03

    Presidio + regex detection

    Entity recognition for NAME, EMAIL, PHONE, LOCATION + custom IDs.

  4. 04

    Masking layer

    Stable, numbered placeholders preserve referential structure.

  5. 05

    Second safety gate

    Re-scans the masked payload before any external call. Fails closed.

  6. 06

    LLM analysis (masked-only)

    Sentiment, topic, intent, urgency, summary, recommended action.

  7. 07

    PostgreSQL safe storage

    Stores masked text, PII metadata (counts/types), analysis, audit log.

  8. 08

    Operations dashboard

    Read-only views over safe results. No raw PII surface, ever.

data retention policy

Raw messages are processed in-memory and are not stored by default. PostgreSQL stores only masked messages, PII metadata (entity types and counts), analysis results, and audit information. Raw entity values — names, emails, phone numbers, IDs — are never persisted.