Skip to main content

Introduction to Piiano Vault

Learn about the basic and advanced features of Piiano Vault

Piiano Vault is the platform the industry needs for safely storing and using customers' sensitive and personal data. Whether hosted by Piiano in the cloud or self-hosted in the cloud or on-prem, Vault is a secure database, the home for Personally Identifiable Information (PII), Payment Information (PCI DSS), Protected Health Information (PHI), and sensitive secrets, such as your customers' webhook tokens.

Privacy and security covered with:

  • Full protection
  • All data access fully audited
  • Sensitive data segregated and kept in the Vault
  • Encryption at field level, at rest, and in transit (supporting search on encrypted data)
  • Tokenization and masking to protect traveling data
  • Design to protect from SQL injection, IDOR, etc.
  • Granular access controls, including for transformations and masking
  • Data and privacy compliance out of the box
  • Admins unable to access data (by default)
With Piiano VaultWith Piiano Vault

As a secure database, Vault supports the security and privacy requirements of data and privacy regulations such as the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), Health Insurance Portability and Accountability Act (HIPAA), and Payment Card Industry Data Security Standard (PCI DSS).

Vault is made for developers, with simplicity a top priority. It has several editions and can be deployed anywhere – on your machine for development and testing and in the cloud for staging and production environments. Integration is straightforward, using the REST APIs and the pvault CLI.

Vault includes built-in semantic data types, such as name, email, SSN, credit card, OAuth tokens, KYC documents, etc. You can define custom data types including code to validate, normalize, and transform data.

These data types are used as part of the schema definition for objects, which makes Vault data-aware and enables it to be smart, with tokenization, transformations, and encryption features. For the first time, you can use personal data while inherently reducing its exposure and risk as much as possible.

Using semantic data types also means the data is always tagged and enables Vault to support data subject rights, such as Data Subject Access Request (DSAR) and the Right To Be Forgotten (RTBF).

Key features

  • Vault is dedicated to securely storing sensitive personal information. It removes the pain of understanding and implementing the data and privacy regulations' requirements and empowers and encourages the implementation of security and privacy by design.

  • Vault can store full name, phone number, email address, home address, SSN, know your customer (KYC) documents, payment details, and many more. It is hardened against data leaks and credentials theft, and monitors and limits data access.

  • PII and PCI DSS information have unique workflows and life cycles. Vault natively supports them while maximizing data protection, including searching, querying, and processing encrypted and protected information.

  • The security and privacy compliance requirements needed when storing PII, PCI DSS, PHI, and other sensitive information are built into Vault. For example, Vault includes seamless encryption and key rotation, tokenization, tight access controls, full audit, individual privacy rights implementation, and more.

  • Vault empowers the simple implementation of pseudonymization – the decoupling of PII from the original data sets.

  • Vault is built with developers in mind: making privacy engineering simple with APIs that enable the straightforward integration of Vault into applications.

At last, there's a specialized data store for sensitive personal information in your modern tech stack. Vault is deployed next to other data stores, so sensitive data stays within your account, in your full control.

Vault integrates with your applications, as other databases do.

Data pseudonymizationData pseudonymization

Next steps

On this page