Data protection
Detection modes, the 60-detector library, person-name detection, the model notice, and retention.
Data protection runs on every request before dispatch. The default mode is tokenize: every detected value is swapped for a stable typed token like «EMAIL_1». Only tokens reach the provider, and the response is restored to the real values on its way back to you, streamed or not. The token map lives in memory for the life of the request and is never persisted.
Other modes: mask rewrites detected values irreversibly, block refuses the request with 422, and allow_log passes it through while flagging the audit row.
60 built-in detectors ship out of the box: 28 for personal data, including a checksum-validated EU national-ID pack, and 32 for secrets and credentials. Each one can be toggled per organisation, and custom terms (plain or regex) cover anything specific to your business:
Person-name detection
Names are the hardest PII class: no pattern matches them. Sluis adds four opt-in layers: context heuristics (honorifics, salutations, signatures), email correlation (derives names from addresses in the same text), a tenant name directory, and NER, Sluis's own multilingual recognition model that ships with the deployment and runs inside it, so text never leaves your perimeter to be scanned.
Model notice
When tokenization rewrote a request, Sluis injects a leading system message telling the model the «…» tokens are opaque placeholders it must keep intact; that is what keeps the restore reliable. On by default; customise or disable it per organisation.
Retention & audit fidelity
Content retention (request and response bodies for the audit log) is on by default and encrypted at rest; audit fidelity chooses whether retained content stores the tokens or the original values. Turn retention off for a metadata-only ledger; that also disables the response caches.