Keep customer PII from walking out of your CRM
An agent reading Salesforce or HubSpot pulls emails, phone numbers, and addresses into its context and your chat logs. Mask them on the way out.
For: RevOps and data-governance owners exposing a CRM to AI tooling
A CRM record carries the personal data you're accountable for: emails, mobile numbers, mailing addresses, birthdates, sometimes an SSN or a card number dropped into a notes field. Point an agent at those records to "draft a follow-up" and it pulls all of that straight into its response. From there it copies into the model context and the chat transcript, which then gets logged somewhere outside the CRM.
This is an egress problem. The values already exist in Salesforce and HubSpot, so there's nothing to block on the way in. The leak happens on the way out, when the response is handed back to the MCP client. redact-pii (one policy per app) is transform-only. It never denies a call; it rewrites matching fields and patterns to [REDACTED] before the caller sees them. Name and Account stay intact by design, so the records remain usable.
That covers reads. Add protect-contact-fields on the ingress side to stop agents from overwriting protected contact data: ownership, account linkage, consent flags. That covers both directions. Protected fields don't read out, and protected fields can't be overwritten.
Policies in this guide
Salesforce Redact PII
Redacts personal contact information from Salesforce tool responses before they reach the caller.
Salesforce Protect Contact Fields
Blocks Salesforce Contact updates that modify protected fields — ownership, account linkage, contact PII, name, and consent flags.