Privacy & Data Lifecycles
Fastino is built with privacy by design, ensuring all user data ingested through the Personalization API is handled with strict privacy filtering, automatic deletion, and full GDPR/SOC 2/ISO 27001 compliance.
This section outlines how data flows through Fastino’s infrastructure — from ingestion to deletion — and the safeguards that guarantee no personal or sensitive data ever persists beyond the permitted window.
Overview
The Privacy & Data Lifecycles model governs how Fastino processes user data across the personalization stack:
| Phase | Description |
|---|---|
| Ingestion | Developers connect user data sources (e.g., Gmail, Notion) via OAuth. Raw content is streamed to Fastino’s |
| Filtering & Insight Gathering | Data is passed through an LLM that generates privacy-filtered insights, explicitly removing all names, identifiers, and sensitive attributes. Raw content exists in memory only (≤ 60 seconds) and is never written to disk. |
| PII Detection | A detection layer rejects payloads containing PII, financial data, biometric data, authentication tokens, or demographic/health attributes. Non-compliant inputs return |
| Safe Retention | Only privacy-filtered insights (e.g., “User dislikes snail food”) are retained. These contain no unique identifiers or sensitive categories (religious, political, etc.). |
| Deletion | All insights are subject to automatic deletion within 30 days (configurable per workspace). End users can request immediate deletion at any time. |
Policy Highlights
Developers must not transmit personal or sensitive data.
Any detected PII is redacted and deleted within ≤ 60 seconds.
All insights expire automatically within 30 days (default).
End-users can opt out of their insights being used for aggregate improvements.
Data never leaves memory and is never used for model retraining.
Fully GDPR / SOC 2 / ISO 27001 compliant.
Example Flow
| Stage | Example Data | Result |
|---|---|---|
| Input | | Rejected (contains religious views) |
| Input | | Accepted (safe behavioral data) |
| Processing | Raw text held ≤ 60 s → LLM insight generation removes identifiers → stored as abstracted representation | |
| Retention | Encrypted insights only ( | |
| Deletion | Automatic ≤ 30 days or on user request | |
Technical Workflow
Developer OAuths with end-user account (e.g., Gmail read permissions).
Data forwarded via /ingest → LLM generates privacy-filtered insights.
PII Detection Layer scans for banned content (government IDs, financial data, auth tokens, biometric info, religious or political beliefs, precise geolocation).
Safe Data Retained only if compliant (semantic/behavioral only).
Encrypted Storage → AES-256 at rest, TLS 1.3 in transit.
Automatic Expiry & Deletion ≤ 30 days (extendable per workspace).
Developer Responsibilities
Ensure client apps filter or anonymize PII before sending.
Avoid transmitting emails, phone numbers, or personal text verbatim.
Handle 400 PII_DETECTED responses gracefully.
Use /delete endpoint or dashboard to purge user data.
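A client-side sketch of the first three responsibilities above, added here as an illustration and not taken from Fastino's code or SDK: it redacts emails, phone numbers and Luhn-valid card numbers before anything is sent, and decides how to react to a 400 PII_DETECTED response. The function names, the action labels and the way the error code is read from the response are assumptions, and no Fastino endpoint is called.

```python
from __future__ import annotations
import re

# Constructed sample; every identifier in it is fictitious.
SAMPLE = ("Reach me at jane.doe@example.com or +1 (415) 555-0132; "
          "card 4111 1111 1111 1111. Prefers dark mode since 2024-01-15.")

EMAIL = re.compile(r"\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}\b")
PHONE = re.compile(r"(?<![\w.])\+?\d[\d\s().-]{7,}\d(?!\w)")
CARD = re.compile(r"\b\d(?:[ -]?\d){12,18}\b")

def luhn_ok(digits: str) -> bool:
    """Luhn checksum, so arbitrary long numbers are not flagged as cards."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def scrub(text: str) -> tuple[str, list[str]]:
    """Return (redacted_text, kinds_found). Run before data leaves the client."""
    found: list[str] = []
    def card(m: re.Match) -> str:
        if luhn_ok(re.sub(r"\D", "", m.group())):
            found.append("card")
            return "[CARD]"
        return m.group()

    def phone(m: re.Match) -> str:
        # 9-15 digits: skips dates such as 2024-01-15 (8 digits).
        if 9 <= len(re.sub(r"\D", "", m.group())) <= 15:
            found.append("phone")
            return "[PHONE]"
        return m.group()
    text = CARD.sub(card, text)  # cards first, so they are labelled as cards
    text, n = EMAIL.subn("[EMAIL]", text)
    found += ["email"] * n
    return PHONE.sub(phone, text), found

def next_action(status: int, error_code: str | None) -> str:
    """Assumption: the PII_DETECTED code can be read from the 400 response."""
    if status == 400 and error_code == "PII_DETECTED":
        # No blind retry of the same bytes; keep the rejected payload out of logs.
        return "drop_and_alert"
    if status >= 500:
        return "retry_with_backoff"
    return "ok" if status < 400 else "fail"
```

Regex scrubbing only catches structured identifiers; names and free-text sensitive attributes still need the server-side detection the page describes.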
Compliance Summary
| Framework | Scope | Status |
|---|---|---|
| GDPR Art. 5 | Data minimization / storage limitation | Compliant |
| SOC 2 Type II | Security & confidentiality controls | Aligned |
| ISO 27001 | Information security management system | Certified |
| CCPA | User data access / erasure rights | Supported |
Summary
Fastino’s ingestion architecture enforces ephemeral memory-based handling, automatic redaction, and configurable deletion windows — ensuring no personal or sensitive information ever persists beyond what’s required for safe, privacy-preserving personalization.