# Key Concepts

Understanding Aptly

Core concepts for PII redaction, compliance frameworks, and audit logging.

## PII Redaction Modes

Aptly supports three redaction modes. Configure your account's default mode via the `PATCH /v1/me` endpoint.

### 1. `mask` (default)

Replaces each PII value with a labeled placeholder that carries the entity type and a per-entity letter. Best for keeping context while protecting data.

Example:
  • Input: "Contact John Smith at john@acme.com"
  • Output: "Contact PERSON_A at EMAIL_ADDRESS_A"

✓ Preserves sentence structure
✓ The LLM can still understand relationships between entities
✓ Best for most use cases

### 2. `hash`

Replaces each PII value with a deterministic hash: the same value always produces the same hash, within a request and across requests.

Example:
  • Input: "John Smith called, John Smith left a message"
  • Output: "HASH_a3f2c1b9 called, HASH_a3f2c1b9 left a message"

✓ Maintains consistency across requests
✓ Lets you track an entity without revealing its identity
✓ Good for analytics use cases

### 3. `remove`

Replaces every PII value with the same [REDACTED] marker, so neither the value nor its entity type survives. Most secure, but context may be lost.

Example:
  • Input: "Contact John Smith at john@acme.com"
  • Output: "Contact [REDACTED] at [REDACTED]"

✓ Maximum data protection
✓ Best for highly sensitive data
⚠ May reduce LLM usefulness
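A worked implementation of the three modes, as an added example that is not Aptly's own code: the entity spans are constructed by hand in the shape Presidio reports them, the letter suffixes and the `HASH_` prefix follow the examples above, and keying the hash with a per-account secret is an assumption added because an unkeyed hash of a low-entropy value such as a phone number or SSN can be recovered by exhaustive guessing.

```python
import hashlib
import hmac
from dataclasses import dataclass

@dataclass(frozen=True)
class Detection:          # one Presidio-style hit: a character span plus its type
    start: int
    end: int
    entity_type: str      # e.g. "PERSON", "EMAIL_ADDRESS"

SAMPLE_TEXT = "Contact John Smith at john@acme.com"   # constructed sample input
SAMPLE_DETECTIONS = [Detection(8, 18, "PERSON"),       # spans written by hand so
                     Detection(22, 35, "EMAIL_ADDRESS")]  # this runs without Presidio

def _suffix(n: int) -> str:
    """0 -> A, 25 -> Z, 26 -> AA, so labels never run out."""
    s, n = "", n + 1
    while n:
        n, r = divmod(n - 1, 26)
        s = chr(65 + r) + s
    return s

def redact(text: str, detections: list, mode: str = "mask",
           secret: bytes = b"per-account-secret") -> str:
    if mode not in ("mask", "hash", "remove"):
        raise ValueError(f"unknown redaction mode: {mode}")
    labels, counters = {}, {}   # (type, value) -> label; type -> next index
    out, cursor = [], 0
    for d in sorted(detections, key=lambda d: (d.start, -d.end)):
        if d.start < cursor:    # overlapping span already covered: skip it
            continue
        value = text[d.start:d.end]
        out.append(text[cursor:d.start])
        if mode == "mask":      # same value, same label within one request
            key = (d.entity_type, value)
            if key not in labels:
                n = counters.get(d.entity_type, 0)
                counters[d.entity_type] = n + 1
                labels[key] = f"{d.entity_type}_{_suffix(n)}"
            out.append(labels[key])
        elif mode == "hash":
            # Keyed hash is an assumption, not Aptly's documented construction:
            # an unkeyed digest of a phone number or SSN is recoverable by guessing.
            digest = hmac.new(secret, value.encode(), hashlib.sha256).hexdigest()
            out.append(f"HASH_{digest[:8]}")
        else:
            out.append("[REDACTED]")
        cursor = d.end
    out.append(text[cursor:])
    return "".join(out)
```

Call `redact(SAMPLE_TEXT, SAMPLE_DETECTIONS, mode)` with each of the three modes to reproduce the outputs shown above (the hash values differ, since they depend on the secret).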

## Detected PII Types

Aptly uses Microsoft Presidio to detect these PII entity types:

  • PERSON (names)
  • EMAIL_ADDRESS
  • PHONE_NUMBER
  • US_SSN
  • CREDIT_CARD
  • US_DRIVER_LICENSE
  • US_PASSPORT
  • IP_ADDRESS
  • LOCATION
  • DATE_TIME

## Compliance Frameworks

Tag your account with compliance frameworks to organize audit logs and demonstrate regulatory compliance.

  • GDPR: General Data Protection Regulation (EU)
  • HIPAA: Health Insurance Portability and Accountability Act (US)
  • SOC 2: System and Organization Controls Type 2

## Audit Logs

Every API request creates an immutable audit log entry with:

  • Timestamp: Exact date/time of request
  • PII Detections: Which PII types were found and how they were redacted
  • Provider & Model: Which LLM was called (e.g., "openai/gpt-4")
  • Token Usage: Input/output tokens and cost
  • User ID: Optional end-user identifier for tracking
  • Request/Response Data: Full messages (with PII already redacted)

Database trigger: immutability is enforced at the database level. Even with service-role access, PostgreSQL triggers reject modification and deletion of audit log rows.

## Data Retention

Audit logs are retained based on your plan:

| Plan | Retention |
|------|-----------|
| Free | 30 days |
| Pro | 1 year |
| Enterprise | 7 years (configurable) |