# scrub-customer-pii

**Rule:** The personal data of REVIEWERS (the end customers who left the reviews) is scrubbed at ingest. It does not flow to third-party LLM calls, it does not appear in logs in unscrubbed form, and it is not shared across tenants.

This hook is about REVIEWER PII, not operator PII. The operator's name, email, and phone are the operator's own data we hold in their account; that's normal SaaS-customer data covered by the privacy policy.

**What gets scrubbed at ingest (review-aggregator does this):**
- Reviewer full name -> first name + last initial only. "Alex R." not "Alex Rodriguez".
- Any email address mentioned in the review body -> `[REDACTED EMAIL]`.
- Any phone number mentioned in the review body -> `[REDACTED PHONE]`.
- Any street address mentioned in the review body -> `[REDACTED ADDRESS]`.
- Profile photo URLs are not stored at all.

**What does NOT get scrubbed:**
- The reviewer's first name + last initial (we need to be able to greet them in a response).
- The review body text after the scrub above.
- The rating, platform, date.
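
An added example (not the review-aggregator's own code) of the ingest scrub described in the two lists above. The field names (`reviewerName`, `body`, `profilePhotoUrl`) and the regex heuristics are assumptions; street-address matching in particular is best-effort.

```javascript
// Added example: field names and patterns are assumptions, not project code.
const EMAIL = /[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+/g;
// Heuristic: optional country code, then 3-3-4 digit groups.
const PHONE = /(?<!\d)(?:\+?\d{1,3}[\s.-]?)?(?:\(\d{3}\)|\d{3})[\s.-]?\d{3}[\s.-]?\d{4}\b/g;
// Heuristic: house number, 1-4 capitalized words, street suffix. Case-sensitive
// so "5 stars to the place" survives; lowercase addresses need a real parser.
const ADDRESS = /\b\d{1,6}\s+(?:[A-Z][A-Za-z.'-]*\s+){1,4}(?:Street|St|Avenue|Ave|Road|Rd|Boulevard|Blvd|Drive|Dr|Lane|Ln|Court|Ct|Way|Place|Pl)\b\.?/g;

// "Alex Rodriguez" -> "Alex R."; a single-token name is kept as-is.
function scrubName(fullName) {
  const parts = String(fullName ?? "").trim().split(/\s+/).filter(Boolean);
  if (parts.length === 0) return "";
  if (parts.length === 1) return parts[0];
  const initial = Array.from(parts[parts.length - 1])[0].toUpperCase();
  return `${parts[0]} ${initial}.`;
}

// Emails first (they may contain digits), then addresses, then phones.
function scrubBody(text) {
  return String(text ?? "")
    .replace(EMAIL, "[REDACTED EMAIL]")
    .replace(ADDRESS, "[REDACTED ADDRESS]")
    .replace(PHONE, "[REDACTED PHONE]");
}

// Allow-list: only named fields are copied, so profile photo URLs and any
// unexpected platform fields never reach storage, logs or prompts.
function scrubReview(raw) {
  return {
    reviewerName: scrubName(raw.reviewerName),
    body: scrubBody(raw.body),
    rating: raw.rating,
    platform: raw.platform,
    date: raw.date,
  };
}

// Constructed sample input.
const sample = {
  reviewerName: "Alex Rodriguez",
  profilePhotoUrl: "https://example.com/p/alex.jpg",
  body: "Great service! Reach me at alex.r@example.com or (415) 555-0132. I live at 1428 Elm Street, two blocks away.",
  rating: 5, platform: "google", date: "2024-01-15",
};
console.log(scrubReview(sample));
```

The same `scrubBody` call can be applied to any review excerpt before it is written to a log line or quoted in an error.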

**Logging:**
- Agent prompts and outputs that touch reviews land in `/agent_logs/` in D1 with the same scrubbing applied. Operators can read their own logs; tenant isolation prevents cross-tenant reads.
- Errors that quote a review excerpt scrub it first.

**Third-party LLM calls:**
- The reviewer's first name + last initial is allowed in the prompt to the response-drafter (Sonnet 4.6) so the response can address them by name. Nothing beyond that.
- We do not send raw review bodies through any model OTHER than the one approved for that specific agent's workflow. No general "summarize all this customer feedback" jobs without explicit consent.

**Customer (operator) data subject rights:**
- Operators can export or delete all their data on request. Reviewer PII in their tenant is part of that scope.
- The same is true for reviewers themselves, although in practice they would not know to ask us; the platforms own the relationship.

**Why this exists:** reputation software is a soft target for PII leakage. We get out ahead of it.
