Security

Keeping personal data out of your logs

When customers talk to an agent, they share things they wouldn't post publicly — a card number to pay a bill, an ID to verify themselves, a home address for a delivery. All of that has to pass through the conversation to be useful in the moment. The question is what happens to it afterward. The safest place for a customer's most sensitive data is nowhere at all.

This post explains how Hania keeps personal information from piling up where it shouldn't, and the broader protections around the data that does need to stick around.

The quiet risk: data that accumulates

Most data leaks aren't dramatic break-ins. They're the slow result of sensitive details collecting in places no one meant to keep them — transcripts, logs, exports — until one of those places is exposed. Every card number or ID that lingers in a log is a small liability that adds up over thousands of conversations.

The most reliable way to avoid that liability is not to store the sensitive data in the first place. You can't leak what you never kept.

Redaction, in real time

Hania redacts sensitive personal information as the conversation happens — things like credit card numbers, government IDs such as SSNs, and other personal details. They're caught in real time and are not stored. The agent can still use the information to do its job in the moment; what changes is that it doesn't end up sitting in a transcript or log afterward.

This is the practical version of data minimization: keep what you need to help the customer, and let the rest fall away automatically rather than relying on someone to scrub it later.

Protecting the data that does remain

Not everything can or should disappear — you still need a record of what happened on a conversation. For that, Hania leans on a few fundamentals:

  • Encrypted in transit. Every connection runs over TLS, so data is protected as it moves between your customers, your agents, and Hania.
  • Encrypted at rest. Stored data — including the credentials your tools use — is encrypted where it lives.
  • Workspace isolation. Every record is scoped to its workspace, so one workspace can never see another's data.

Together, redaction keeps the most sensitive details out of storage entirely, and encryption plus isolation protect the rest.

Credentials are handled the same way

It isn't only customer data that's sensitive — the keys your agents use to reach your other systems are too. In Hania, tool and integration secrets are stored encrypted and are never shown back, even to you. They're there to be used, not displayed, which keeps them out of screenshots, exports, and prying eyes.

Why this is the default, not an add-on

Security that you have to remember to turn on is security that eventually gets forgotten. Redacting personal data, encrypting what's stored, and isolating each workspace are the kind of protections that should be on by default — quietly, for every conversation — so that doing the safe thing doesn't depend on anyone remembering to. That's the standard we build to.

Getting started

These protections apply to your agents out of the box. To read more about how we handle data and access, see security, or learn how memory stays scoped per customer.

Common questions

What kinds of data does Hania redact?

Sensitive personal data such as credit card numbers, government IDs like SSNs, and other personal details — redacted in real time and not stored.

Is my data encrypted?

Yes — encrypted in transit over TLS and encrypted at rest, including stored credentials.

Can one workspace see another's data?

No. Every record is scoped to its workspace, so one workspace can never see another's data.

← All posts Read about security