Four steps between your prompt and a private answer.
Faylo sits between your team and the model as a refraction layer. Identifiable client data is split out and pseudonymised on the way in, and resolved again on the way out — so the provider does the reasoning while you keep the identities.
Capture · Refract · Reason · Restore
The pipeline, step by step. Your team notices nothing — the privacy lives in the layer beneath.
Onze cliënt Jansen Bouw B.V. (KvK 61234567, btw NL853123456B01) heeft over 2024 een omzet van €1.240.000 en een nettowinst van €185.000. DGA is de heer P. van den Berg (BSN 999995649), die nu een salaris van €48.000 per jaar opneemt. De rekening-courantschuld aan de B.V. staat op €78.500. De vennootschap houdt aan op IBAN NL44 RABO 0123 4567 89.
Kun je beoordelen of het gebruikelijk loon van de DGA in lijn is met de richtlijnen voor 2024, en de risico’s rond de oplopende rekening-courantschuld aangeven?
The provider never receives a name, number or account it could re-identify.
- 01
Step 01 · Capture — your prompt, in the clear
Your team writes exactly as they always would: full names, BSNs, KvK and btw numbers, IBANs. Faylo works inside your existing tools and detects Dutch entities — person, organisation, BSN, KvK, btw and IBAN.
- 02
Step 02 · Refract — identifiers split & pseudonymised
Each identifier is detected and replaced with a stable, opaque token, for example [[ORG_4f9c2a]] or [[BSN_5c0a]]. The value-to-token mapping is written to a vault that never leaves your tenant. Deterministic: the same value always gets the same token within a session.
- 03
Step 03 · Reason — the model sees only tokens
The pseudonymised prompt is sent to the model. Because tokens are consistent, the model reasons about relationships and context at full quality — without any value it could re-identify. No name, number or account ever reaches the provider.
- 04
Step 04 · Restore — tokens resolved in your answer
The model’s response comes back still tokenised. Faylo resolves every token against the local vault, so your team reads a clean, fully restored answer about the real client. Resolution happens locally and users never see a token.
What the provider never sees
Identifiable identifiers are replaced with tokens before egress. Non-identifying figures — revenue, salary, balances — pass through unchanged, exactly what the reasoning needs.
Person names
Personal names and roles are detected and tokenised before they leave the environment.
Organisations, KvK & btw
Company names, KvK and btw numbers become stable tokens while their mutual relationships are preserved.
BSN & identifiers
Citizen service numbers (BSN) and other direct identifiers never reach the provider.
IBAN & accounts
Account numbers and IBANs are tokenised; the figures around them stay usable for analysis.
What firms ask before a pilot
Does pseudonymisation hurt the quality of the answer?
No. Because tokens are deterministic, the model still sees that “the same company” and “the same person” recur throughout the prompt, so relationships and context are preserved. Non-identifying figures — revenue, salary, balances — pass through unchanged, which is exactly what the reasoning needs.
What counts as an identifier?
Person names, organisation names, BSN, KvK and btw numbers, IBANs, addresses and other direct identifiers. The set is configurable per firm, and detection is tuned for Dutch entities and document formats.
Where are the value-to-token mappings stored?
In a vault inside your own tenant or on-premises environment. Faylo never holds the mapping or the keys, which means no one outside your firm — including us — can reverse a token back to a real value.
Which models can we use?
Faylo is model-agnostic and works with leading ChatGPT-class models. Because the provider only ever receives tokenised text, you can choose the model that fits your needs without changing the privacy guarantees.
Ready to see the pipeline on your own files?
We set up a short pilot in your environment and walk the architecture and audit logs with your DPO.