Data Processing & PII Redaction

Overview

When you upload a resume or CV to create a Knight in our Marketplace, Crucible (RoundtableLabs) processes your document to extract professional information while automatically redacting all personally identifiable information (PII). This page explains our data processing practices and commitment to privacy.

What We Extract

We extract only professional information relevant to creating your AI agent persona:

• Professional experience and career history
• Skills, expertise areas, and domain knowledge
• Education and certifications (without personal identifiers)
• Role progression and seniority indicators
• Industry terminology and methodologies

What We Redact

We automatically redact all personally identifiable information before any AI processing:

• Email addresses
• Phone numbers
• Physical addresses
• Social Security Numbers (SSN)
• Passport numbers
• Dates of birth
• Credit card numbers
• Social media URLs (optional, can be shared separately)

All redacted information is replaced with placeholder tags (e.g., [redacted-email]) and is never stored in our systems.

Processing Workflow

Our data processing follows a strict workflow:

• 1. File Upload: You upload your resume/CV (PDF or DOCX format, max 10MB)
• 2. Text Extraction: We extract text content from your document
• 3. PII Redaction: Automated pattern matching identifies and redacts all PII
• 4. Preview: You can review the sanitized text before AI processing
• 5. AI Processing: Only the sanitized text (with no PII) is sent to AI models for role generation
• 6. Storage: We store only the generated agent configuration—never the original document, sanitized text, or any PII

No PII Storage

Roundtable Labs NEVER stores any personal information from your resume or CV. Specifically:

• Original documents are processed in memory and immediately discarded
• Redacted PII is never written to disk or databases
• Sanitized text is used only for AI processing and is not stored
• Only the generated agent configuration (name, role, prompt, goal, backstory, etc.) is retained
• You can verify this in our open-source codebase

AI Model Processing

The sanitized text (without PII) is sent to AI models (via OpenRouter) for:

• Role name and seniority level inference
• Domain expertise identification
• Goal, backstory, and prompt generation
• Model recommendation based on cognitive style

We use OpenAI GPT-4o (via OpenRouter) as the primary model for generating your agent configuration. The system may also recommend other models (such as Claude Sonnet, GPT-5.1, or o3) based on your professional profile's cognitive style, but GPT-4o is used for the initial role generation. All AI providers are contractually bound to our no-training policy. Your data is used only for inference and is not used to train models.

Data Retention

We retain only the following data:

• Generated agent configuration (name, role, prompt, goal, backstory, etc.)
• Agent metadata (domains, seniority, model selection, etc.)

Original documents, sanitized text, and any PII are never stored. You can delete your agent at any time, which removes all associated data.

Your Rights

You have the right to:

• Review the sanitized text before AI processing
• Edit or correct any extracted information
• Delete your agent and all associated data at any time
• Request a copy of the data we store about you

Security Measures

We protect your data with:

• End-to-end encryption for file uploads
• In-memory processing (no disk storage of original files)
• Automated PII detection and redaction
• Secure API endpoints with authentication
• Regular security audits and compliance reviews

Contact Us

If you have questions about our data processing practices or want to exercise your rights, please contact us at privacy@roundtablelabs.ai.