PII-free architecture
Your customers stay invisible.
Mechanus IQ never receives customer names, addresses, phone numbers, email, or SIN. The dealer strips PII at source before the CSV ever leaves the DMS. Employees enter the system only as anonymous dealer-assigned personnel codes. Every one of the 1044 detection vectors operates on operational data, not personal data.
Sample column surface
Representative slice of the deal log ingestion schema. Dealer-side export templates enforce the left column (stripped) is never present.
| Treatment | Column | Reason |
|---|---|---|
| stripped | Customer first and last name | Stripped at dealer export |
| stripped | Customer address | Stripped at dealer export |
| stripped | Customer phone, email, SIN | Stripped at dealer export |
| stripped | Employee name | Replaced by dealer-assigned anonymous personnel code |
| kept | Deal #, stock #, RO # | Operational identifier, no PII |
| kept | Deal gross, reserve, product attach | Operational financial data |
| kept | Advisor personnel code | Anonymous code assigned by dealer |
| kept | Lender identifier | Institutional, not personal |
| kept | Funded date, status | Operational event data |
| kept | VIN (optional) | Dealer decides; not required by MIQ |
Residency
- Data never leaves AWS ca-central-1.
- LLM inference is routed through AWS Bedrock, which keeps inference inside the Canadian boundary.
- Backups, snapshots, and disaster recovery all in-region.
Regulatory fit
- PIPEDA: the system was architected to avoid the compliance footprint, not just meet it.
- FINTRAC: reporting thresholds and data classification align with the federal AML framework.
- BC RIA 2027: appearance-style product review, GAP, warranty, and proposed Rule 7(25) disclosure fields are already in the diagnostic surface.