Xoxoday Plum supports the removal or de-identification of sensitive data from its AI systems upon valid customer request, governed by enterprise-grade compliance frameworks including GDPR, CCPA, ISO 27001, and SOC 2 Type II.
AI Data Governance by Design
Xoxoday Plum is built on enterprise-grade data governance principles. Across all product modules—rewards, employee engagement, sales incentives, loyalty, and merchant offers—AI features operate within strict data handling boundaries that honour individual and organisational data rights. Sensitive data removal is a supported workflow, not a one-off exception. Xoxoday Plum’s compliance posture aligns with the right to erasure under GDPR and equivalent rights under CCPA, covering both structured records and data processed through AI systems.Session-Scoped AI Processing
LLM-based features within Xoxoday Plum—such as reward explanation bots and natural language query interfaces—do not persist user-specific inputs beyond the session scope. When a query completes, no user-identifiable data is retained in the model or its context. Purge requests can be executed without degrading model performance. For sales incentives workflows, custom dashboards built through natural language queries are temporarily cached and can be purged or redacted by an administrator or through the support team at any time.Tenant-Isolated Deletion
Xoxoday Plum operates a multi-tenant architecture in which each organisation’s data—including AI interaction history—is logically segregated and encrypted with per-tenant keys. This isolation ensures deletion actions are precise and cannot inadvertently affect another organisation’s data. Administrators can raise deletion requests for engagement logs, recognition data, and user-generated content through data control APIs and administrative workflows. Deletion confirmations and audit logs are available to support compliance reviews under ISO 27001 and SOC 2 Type II.PII Sanitisation Before Model Ingestion
Within the Employee Engagement module, Xoxoday Plum applies AI-driven content moderation to scan and block personally identifiable information before it reaches internal models. This prevents long-term PII retention by design, rather than relying solely on post-hoc deletion. Consent-based processing governs AI-driven analytics including skill mapping and sentiment analysis. Administrators or users can revoke consent and trigger removal of associated processed data at any time.Disabling AI Modules for Sensitive Use Cases
For situations where data sensitivity requires a more conservative approach, Xoxoday Plum allows AI modules to be disabled at the tenant or use-case level. This prevents further processing without requiring deletion of underlying records, giving your organisation granular control over AI exposure. This option is particularly relevant for organisations that integrate Xoxoday Plum with HRMS platforms such as Workday, SAP SuccessFactors, or Darwinbox, where data residency or sector-specific regulations may restrict AI-driven processing of employee records. Learn more: [Xoxoday Plum Help Centre — AI Data Security](GDPR & CCPA Compliance on Xoxoday Plum
Understand how Xoxoday Plum handles data subject rights, lawful processing bases, and cross-border data transfers across all product modules.
Data Encryption and Multi-Tenant Architecture
Learn how per-tenant encryption keys and logical data segregation protect your organisation’s data at rest and in transit.