# Confidential Data Detection

Nullify inspects every diff for sensitive personal information that should never live in source control. When detected, the finding appears in the secrets channel with the relevant PII category and rotation guidance.

## Categories We Classify

* Personal information: surnames, email addresses, phone numbers, postal addresses, dates of birth.
* Financial information: payment card numbers and bank identifiers.
* Location and identity data sourced from structured dumps or seed files.

All detections currently focus on English-language datasets.

## Example Workflow

1. A developer commits a seed file containing realistic user records (`create.sql`).
2. Nullify analyses the diff, labels the exposure as **Personal Information**, and posts the finding to the dashboard.
3. The reviewer can remediate, suppress with justification, or convert the event into a campaign task.

> 💡 PII detection is available to enterprise tenants on request. Contact your Nullify representative to enable it for your environment.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.nullify.ai/capabilities/code-reviews/secrets-detection/confidential-data-detection.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.