Data-class catalog
Every request and document is classified by content into exactly one data class. The class drives the policy matrix lookup. This is the authoritative catalog; for the concept, see data classes.
Classification resolves the highest-priority class when content matches more than one (for example, content tagged both Public and Unknown resolves to Public). Class names have short and long aliases (e.g. PII, PHI, and Identity all resolve to PII / Personal Data).
| Data class | Risk | Covers | Default handling |
|---|---|---|---|
| Source Code / Secrets | Critical | API keys, passwords, tokens, connection strings, private source code | Block — every tier |
| PCI / Payment Data | Critical | Payment-card numbers (PAN) and related payment data | Enterprise-managed · redact |
| Strategy / Board Confidential | Critical | Board materials, M&A, confidential strategy and forecasts | Enterprise-managed · route |
| Legal / Contractual | High | Contracts, legal advice, settlements | Enterprise-managed · route |
| Financial Data | High | Revenue, forecasts, internal financials | Enterprise-managed · route |
| HR Data | High | Compensation, performance, employee records | Enterprise-managed · route |
| PII / Personal Data | High | SSNs, national IDs, passports, identity documents, PHI | Enterprise-managed · route (sensitive spans redacted) |
| Customer Data | Medium | Customer records and account details | Enterprise-managed · route |
| Public / Non-sensitive | Low | Published or general content | Public frontier · allow |
| Unknown | High | The classifier is not confident | Enterprise-managed · route |
Unknown is protected, not permitted
A low-confidence classification is treated as elevated risk — routed to a trusted destination, never allowed through by default.
Detectors
Classes are assigned from a mix of deterministic detectors and a semantic classifier:
- Deterministic (regex/validators) — secrets and API keys, payment-card numbers (Luhn), SSNs and national IDs, and prompt-injection patterns. These are high-precision and can hard-block on their own.
- Semantic classifier — content-level classification for the business classes (Financial, Strategy, Legal, HR, Customer). Runs before routing, on a fixed safe classifier, and never on the chat destination.
- Custom rules — organization-specific detectors you add (DLP & rules), mapped to any class.
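An added example, not the product's own detector code: a deterministic payment-card detector of the kind listed above, pairing a regex with a Luhn validator so that only numbers passing the checksum are redacted. The pattern, function names, masking format and sample text are assumptions constructed for illustration.

```python
import re

# Assumed candidate pattern: 13-19 digits, optionally separated by single
# spaces or hyphens, not embedded in a longer digit run.
CANDIDATE = re.compile(r"(?<!\d)\d(?:[ -]?\d){12,18}(?!\d)")


def luhn_valid(digits: str) -> bool:
    """Return True when the digit string passes the Luhn checksum."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:  # double every second digit, counting from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def find_pans(text: str) -> list[tuple[int, int]]:
    """Return (start, end) spans of regex candidates that also pass Luhn."""
    spans = []
    for m in CANDIDATE.finditer(text):
        digits = re.sub(r"[ -]", "", m.group())
        if luhn_valid(digits):  # the validator is what keeps precision high
            spans.append(m.span())
    return spans


def redact(text: str, keep_last: int = 4) -> tuple[str, int]:
    """Mask each validated PAN except its last digits; return (text, hits)."""
    spans = find_pans(text)
    out = text
    for start, end in reversed(spans):  # right to left keeps offsets valid
        digits = re.sub(r"[ -]", "", out[start:end])
        masked = "*" * (len(digits) - keep_last) + digits[-keep_last:]
        out = out[:start] + masked + out[end:]
    return out, len(spans)


# Constructed sample: a widely published test card number, plus a 16-digit
# order reference that matches the regex but fails Luhn.
SAMPLE = "Card 4111 1111 1111 1111 was charged; order ref 1234567890123456."

if __name__ == "__main__":
    print(redact(SAMPLE))
```

The order reference is left untouched because it fails the checksum, which is why a validator-backed detector can act on its own without flooding the policy with false positives.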
Notes
- The risk level is inherent to the class; it drives dashboards and prioritization.
- The Default handling column is the shipped DEFAULT_TRUST_MATRIX — every row is tenant-tunable in the policy matrix.
- See the policy-action catalog for what each action does.