Privacy you can verify in the architecture.
Most AI vendors ask you to trust a policy. Faylo asks you to inspect a design. The guarantee that client data never leaves in the clear is a property of how the pipeline is built — not a promise on a slide.
An honest note on certifications
Faylo does not currently hold ISO 27001, SOC 2 or any formal AVG certification, and we will never claim one we don’t have. What we offer instead is an architecture where identifiable client data is removed before egress — something you and your own data protection officer (DPO) can audit directly, today.
What we can actually promise
Plain-language guarantees, grounded in how the system works.
No identifiable data leaves in the clear
Names, BSNs, KvK, btw and IBAN numbers are detected and replaced with tokens before any request leaves your environment. The provider receives pseudonymised text only.
Deterministic, reversible only by you
Tokenisation is deterministic within a session, so context is preserved. The value-to-token mapping is the only way back — and it exists solely inside your tenant.
No training on your data
Requests run as stateless inference. Faylo never uses your prompts or documents to train models, and tokenised traffic carries nothing that could be learned about a real client.
You hold the keys, literally
Encryption keys and the mapping vault live in your Azure tenant or on-premises. Faylo operates the software; you retain custody of everything that could re-identify a person.
What stays in, what goes out
There is exactly one line that client identifiers never cross. Here is what sits on each side of it.
Inside your tenant
- Original client names, BSNs, KvK, btw and IBAN
- The value-to-token mapping vault
- Encryption keys and audit logs
- Token resolution of the final answer
Sent to the AI provider
- Pseudonymised prompt with [[ENTITY]] tokens
- Non-identifying figures (revenue, salary, balances)
- The tokenised response, returned for local resolution
How it behaves in production
Operational properties.
EU-region processing
Inference runs against EU-resident model endpoints. No client traffic is routed outside the region you choose.
Full audit trail
Every refraction and resolution is logged in your tenant, so your firm can reconstruct exactly what was tokenised and when.
Processing agreement ready
A verwerkersovereenkomst (DPA) is in place before any pilot, with Faylo acting strictly as processor under your instructions.
Least privilege by default
Faylo personnel have no path to your mapping vault or keys. The software runs with the minimum access needed and nothing more.
Common privacy questions
Is my client data sent to OpenAI or Anthropic?
No — not in identifiable form. The provider receives pseudonymised text only: names, BSNs, KvK, btw and IBAN are replaced with tokens before the request leaves your environment. Only non-identifying figures and the tokens themselves reach the model.
Does Faylo hold ISO 27001 or SOC 2 certification?
No. Faylo holds no ISO 27001, SOC 2 or AVG certification today, and we make no certification claims we cannot back up. Trust rests on the architecture: you and your DPO can verify directly that identifiable data is removed before egress.
Can Faylo re-identify our tokens back to real people?
No. The mapping vault and encryption keys live in your own tenant or on-premises. Faylo holds no copy and has no access path; no one outside your firm can reverse a token back to a real value.
Does that make Faylo AVG-compliant?
Compliance is a property of your firm and your processing, not something a vendor can tick off for you. Faylo is designed to support your AVG/GDPR obligations — by keeping identifiable data within your control — but we do not present ourselves as “certified” or “compliant”. Assess the architecture together with your own DPO.
Our roadmap
Today we are not certified. If we pursue a formal certification track in the future (for example ISO 27001), we will say so here — and only once it is actually achieved, never as an upfront promise.
Have your DPO assess the architecture
Book a pilot and walk the trust boundary, the vault and the audit logs with your data protection officer.