Understanding Aptly
Core concepts for PII redaction, compliance frameworks, and audit logging.
PII Redaction Modes
Aptly supports three redaction modes. Configure your account's default mode via the PATCH /v1/me endpoint.
mask (Default)
Replaces PII with labeled placeholders. Best for maintaining context while protecting data.
✓ Preserves sentence structure
✓ LLM can still understand relationships
✓ Best for most use cases
hash
Replaces PII with deterministic hashes. Same value always gets the same hash.
✓ Maintains consistency across requests
✓ Can track entities without revealing identity
✓ Good for analytics use cases
remove
Completely removes PII from the text. Most secure but may lose context.
✓ Maximum data protection
✓ Best for highly sensitive data
⚠ May reduce LLM usefulness
Detected PII Types
Aptly uses Microsoft Presidio to detect these PII entity types:
- • PERSON (Names)
- • EMAIL_ADDRESS
- • PHONE_NUMBER
- • US_SSN
- • CREDIT_CARD
- • US_DRIVER_LICENSE
- • US_PASSPORT
- • IP_ADDRESS
- • LOCATION
- • DATE_TIME
Compliance Frameworks
Tag your account with compliance frameworks to organize audit logs and demonstrate regulatory compliance.
General Data Protection Regulation (EU)
Health Insurance Portability and Accountability Act (US)
System and Organization Controls Type 2
Audit Logs
Every API request creates an immutable audit log entry with:
- ✓Timestamp: Exact date/time of request
- ✓PII Detections: Which PII types were found and how they were redacted
- ✓Provider & Model: Which LLM was called (e.g., "openai/gpt-4")
- ✓Token Usage: Input/output tokens and cost
- ✓User ID: Optional end-user identifier for tracking
- ✓Request/Response Data: Full messages (with PII already redacted)
Database Trigger: Audit logs are enforced immutable at the database level. Even with service role access, modification and deletion are prevented via PostgreSQL triggers.
Data Retention
Audit logs are retained based on your plan:
| Plan | Retention |
|---|---|
| Free | 30 days |
| Pro | 1 year |
| Enterprise | 7 years (configurable) |