How Capillary Identifies and Uses PSI and PII

Capillary uses PSI to enforce access control and data masking, and PII to support data deletion and regulatory compliance.

The table below shows how different data types are treated by default and where configuration is allowed.

Notes and clarifications

• Always PII means the field is automatically included in deletion and compliance workflows.

• Always PSI means the field is masked unless the user or API client has PSI access.

• Configurable means you explicitly decide whether the field should be treated as PSI or PII.

• External ID is never masked to ensure system traceability and integration stability.

• Behavioural event attributes can be masked (PSI) but are not considered PII by default.

Note: PSI and PII marking in connected organisations

In a Connected Organisation setup, PSI and PII behaviour depends on where the field is defined.

Extended fields

• Extended fields defined at the parent organisation are inherited by all child organisations.
• PSI or PII marking applied at the parent level applies automatically across all connected child organisations.
• Child organisations cannot override PSI or PII settings for parent-level extended fields.

Custom fields

• Custom fields follow organisation-specific ownership.
• PSI and PII marking applies only within the organisation where the custom field is created.

Behaviour:

• Parent-level custom fields

  • PSI/PII marking applies only at the parent organisation.
  • Child organisations cannot modify or override these settings.

• Child-level custom fields

  • PSI/PII marking applies only within that specific child organisation.
  • Other child organisations and the parent organisation are not affected.