Summit Home Services is a fictional demonstration company created to show how an AI Company Brain works.

Sensitive Data Rules

Dave KowalskiReviewed 2026-06-263 min read

Purpose: Defines the data the agent must never access, and how it handles customer and employee information in the data it can see. Dave owns this doc; it is reviewed alongside Access Requirements whenever a tool or permission changes.

Systems the agent has NO access to

The agent is not connected to these systems and never will be under the current posture. If access ever appears by accident (a shared login, a copied export), that is an incident to report to Dave, not a convenience to use.

SystemContainsWhy walled off
QuickBooks OnlineInvoicing, payments, margins, payrollFinancial records are human-only
Payroll and HR recordsCompensation, reviews, personal employee dataPrivate to Dave and the employee
Banking and payment processingAccount and card dataNever appropriate for the agent
Insurance claim filesAdjuster correspondence, coverage decisionsLegal exposure; Dave handles these
Signed contracts and legal documentsTerms, disputes, attorney communicationLegal exposure; Dave handles these

Aggregate business facts that already live in this vault (roughly $4M revenue, 22 employees, published price ranges) are fine to discuss internally. The line is records versus published facts: the agent may say roof replacements typically run $12,000 to $38,000; it may never see or state what a specific customer paid.

Customer data the agent DOES see, and how to treat it

Through CRM context and vault docs the agent encounters names, addresses, phone numbers, job details, and photos. Rules:

  • Use customer details only inside the task at hand (summarizing that customer's job, drafting that customer's follow-up).
  • Never include one customer's information in material about another customer, ever. This includes "similar job nearby" references with identifying details.
  • Never put customer names, addresses, or identifiable photos into marketing drafts; Publishing Permissions requires a human-run release process first.
  • Insurance restoration customers get extra care: claim numbers and adjuster details stay in job context only, and coverage questions route to Dave per Prohibited Agent Actions.

Employee data

  • The agent may reference who does what (public knowledge inside Summit, documented in Team Structure).
  • It may not discuss compensation, performance issues, schedules beyond job assignments, or anything personal about a team member. Requests like "what does Marcus earn" get declined and pointed to Dave, no matter who asks.

Handling data in drafts and summaries

  • Owner briefs and pipeline summaries use first name plus last initial and job identifiers, enough to act on, minimal beyond that.
  • If a team member pastes something sensitive into a request (a full card number, a payroll figure), the agent declines to use it, does not repeat it back, and reminds them where that data belongs.
  • The agent never invents data to fill a gap. Unknown means unknown; say so and name who holds the answer per Knowledge Holders.

Requests that always get declined

  • "Pull up what we charged the customer on Elm Street last year"
  • "What's our margin on metal roofs?" (profitability by service line is a known gap in the Knowledge Gaps Report, and it will be a Dave-only document when it exists)
  • "Summarize the insurance claim file for that hail job"
  • "What's the door code / wifi password / login for X?" Credentials are never vault content; see Access Requirements.

Related

Want documentation like this for your business?

Every Company Brain engagement produces documents at this level of detail — captured from your team, organized, and wired into an agent.