Pathfinder - Security and privacy FAQ

Privacy by design

Pathfinder receives all requests through the Lobster API Server without any customer or user identifiers. This initial step ensures the system has no knowledge of which organization or individual submitted a request. On top of this, the Pathfinder Gateway automatically sanitizes and pseudonymizes the content of the request before it reaches AI agents. This guarantees agents only process redacted data, even if a query inadvertently contains sensitive information. As a result, stored interactions are fully anonymous. Where query integrity requires specific values (e.g. SQL generation), secure mapping preserves functionality without exposing original data to the AI.

Non-personal customer data

Pathfinder exclusively processes non-personal customer data — metadata and configuration data used to provide AI assistance. The following categories are automatically protected and never exposed to AI agents in identifiable form:

Protected data                    | Examples
----------------------------------|----------------------------------------------------
Information linked to individuals | Usernames, email addresses, personal identifiers.
Credentials                       | Passwords, certificates, API keys.
Network identifiers               | IP addresses.
Message payloads                  | Business data and content processed by the platform.

Data processing and storage

Does Lobster use my data to train LLMs?

No. Neither Lobster nor the underlying foundation model provider trains Large Language Models (LLMs) using your data.

  • Lobster: Does not train LLMs on customer interactions.

  • AWS Bedrock: Enterprise service with no model training on customer inputs — your queries are processed for inference only.

Does Lobster store my interactions with Pathfinder?

Yes. Interactions are logged within Lobster's internal systems for:

  • Service quality monitoring.

  • Performance analytics.

  • Debugging and incident resolution.

  • Improving response accuracy and identifying common error patterns.

Important:

  • This data is used for operational purposes only — not for LLM training.

  • Stored interactions contain no customer or user identifiers and cannot be traced back to specific organizations.

What data is stored?

Pathfinder stores only sanitized, non-personal data for operational purposes. All stored data has been automatically pseudonymized by the gateway:

Data element         | Stored | Sanitized? | Contains customer identity?
---------------------|--------|------------|----------------------------
User queries         | Yes    | Yes        | No
Agent responses      | Yes    | Yes        | No
Request metadata     | Yes    | Yes        | No
Timestamps & latency | Yes    | N/A        | No

Data is subject to automated retention policies and is purged when no longer needed for operational purposes.

What data does the SQL generation agent receive?

The SQL agent receives the database schema only — it sees the structure of your database (table names, column names, data types, relationships) but never the actual data stored in those tables.

Data element         | Visible to SQL agent
---------------------|---------------------
Table names          | Yes
Column names         | Yes
Data types           | Yes
Relationships (keys) | Yes
Actual row data      | No
Values in tables     | No

This design ensures the AI can generate accurate SQL queries while your business data remains in your platform instance. Only structural metadata (schema definitions) is transmitted — never the actual content or payloads stored in your tables.
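The two mechanisms described above (the gateway's pseudonymization with a gateway-held mapping, and the schema-only view given to the SQL agent) can be illustrated in a few lines. This is an added example, not Lobster's code: the redaction patterns, token format, table `logins` and the stand-in for the agent's generated SQL are all assumptions.

```python
import re
import sqlite3
from typing import Dict, List, Tuple

# Two of the categories the FAQ says the gateway redacts; the patterns are assumptions.
PATTERNS = {
    "EMAIL": re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+"),
    "IP": re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b"),
}

def pseudonymize(text: str) -> Tuple[str, Dict[str, str]]:
    """Replace sensitive literals with opaque tokens before the text reaches an agent.
    The token -> original map stays at the gateway and is never sent onward."""
    mapping: Dict[str, str] = {}   # token -> original value
    seen: Dict[str, str] = {}      # original value -> token (same value, same token)
    for kind, pattern in PATTERNS.items():
        def repl(m, kind=kind):
            value = m.group(0)
            if value not in seen:
                seen[value] = f"<{kind}_{len(seen) + 1}>"
                mapping[seen[value]] = value
            return seen[value]
        text = pattern.sub(repl, text)
    return text, mapping

def restore(agent_output: str, mapping: Dict[str, str]) -> str:
    """Gateway-side step: put the real values back into what the agent produced."""
    for token, value in mapping.items():
        agent_output = agent_output.replace(token, value)
    return agent_output

def schema_only(conn: sqlite3.Connection) -> Dict[str, List[Tuple[str, str]]]:
    """The SQL agent's whole view of the database: table names, column names and
    declared types, read from the catalog. No row is ever selected."""
    schema: Dict[str, List[Tuple[str, str]]] = {}
    for (table,) in conn.execute("SELECT name FROM sqlite_master WHERE type = 'table'"):
        cols = conn.execute(f'PRAGMA table_info("{table}")').fetchall()
        schema[table] = [(col[1], col[2]) for col in cols]  # (name, declared type)
    return schema

def demo() -> Tuple[str, Dict[str, List[Tuple[str, str]]], str]:
    conn = sqlite3.connect(":memory:")  # constructed sample database
    conn.execute("CREATE TABLE logins (id INTEGER PRIMARY KEY, email TEXT, src_ip TEXT)")
    conn.execute("INSERT INTO logins VALUES (1, 'alice@example.com', '10.0.0.7')")
    query = "Show logins for alice@example.com from 10.0.0.7"  # constructed user query
    redacted, mapping = pseudonymize(query)
    # Only `redacted` and `schema_only(conn)` would go to the agent. The agent's
    # generated SQL is stood in for here by a string that echoes the placeholder.
    email_token = next(t for t in mapping if t.startswith("<EMAIL"))
    agent_sql = f"SELECT * FROM logins WHERE email = '{email_token}'"
    return redacted, schema_only(conn), restore(agent_sql, mapping)
```

Repeated values map to the same token so that equality conditions and joins in the generated SQL still line up once the gateway restores the literals.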

Can I opt out of data storage?

Data logging supports service delivery, quality assurance, and support capabilities. While opting out is not currently available, all stored data is automatically sanitized and contains no customer identifiers — ensuring your privacy is protected regardless.

Architecture and isolation

How is Pathfinder deployed?

Pathfinder operates as a centralized service within Lobster's managed AWS infrastructure. All Lobster Data Platform instances connect through the Lobster API Server, which forwards requests without customer or user identifiers.

All infrastructure — including AI models — is hosted exclusively in EU regions.

Where is my data processed and stored?

No data leaves the European Union.

Component               | Location      | Data residency
------------------------|---------------|---------------
Pathfinder services     | AWS EU region | EU only
AI models (AWS Bedrock) | AWS EU region | EU only
Operational data store  | AWS EU region | EU only

How is my data protected from other customers?

Pathfinder implements privacy-by-design through its architecture:

  • Automatic sanitization — the gateway pseudonymizes sensitive data before it reaches AI agents, ensuring agents only process redacted information.

  • No customer identifiers reach Pathfinder — requests arrive via the API Server without information about the originating customer or user.

  • Complete isolation between customers and users — no context, conversation history, or data is ever shared across different customer systems or between different users. Each interaction is fully independent.

  • Stored data cannot be attributed — there is no way to correlate interactions to specific customers or users.

  • Strict context boundaries — even within a single session, conversation contexts are isolated and cannot access information from other sessions or users.

Each request is:

  • Processed without knowledge of who submitted it.

  • Treated as a standalone, anonymous interaction.

  • Stored without any customer-identifying information.

Is this a multi-tenant system?

Yes, Pathfinder is a shared service infrastructure. However, the architecture provides strong privacy guarantees:

  • Pathfinder has no visibility into which customer submitted any request.

  • Stored data cannot be correlated to specific organizations.

  • Each request is processed independently.

  • Cross-customer data attribution is not possible.

Transparency

Which AI systems does Pathfinder use?

To provide a secure, scalable, and compliant service, we have built Pathfinder on Amazon Web Services (AWS).

Component               | Technology          | Data handling
------------------------|---------------------|------------------------------------------------------------------------------------
Large Language Models   | AWS Bedrock         | Inputs are not used for model training. Content may be monitored to prevent abuse.
Hosting region          | EU region           | Our policy ensures data processing and storage remain within the European Union.
Custom embedding models | AWS deployment (EU) | Used for internal search, operating within the EU region per AWS regional services.

Why we chose AWS Bedrock

Partnering with AWS Bedrock allows us to provide an enterprise-grade AI infrastructure with these key data handling commitments:

  • Strict data privacy: In line with AWS’s policies, your data, inputs, or outputs are not shared with third-party model providers. As detailed in the AWS Service Terms (section 50.12), content may be monitored to prevent abuse, and necessary metadata is processed for billing.

  • No training on your data: Customer data submitted to Pathfinder is processed for inference only. As confirmed by AWS, your data is never used to train the underlying foundational models.

  • EU data residency: We have architected Pathfinder to process and store all data within the European Union. While the underlying AWS platform provides optional cross-region capabilities, our standard implementation ensures your data remains in the EU, a principle aligned with the AWS Digital Sovereignty Pledge.

  • Verifiable enterprise compliance: Our service inherits the robust security and compliance of the AWS framework. Through tools like AWS Artifact, we can provide access to compliance reports that verify adherence to numerous global standards, as outlined in AWS's introduction to security compliance.

What technical measures protect my data?

Layer                | Protection
---------------------|-------------------------------------------------------------------------
Data sanitization    | Gateway automatically pseudonymizes sensitive data before AI processing.
AI guardrails        | Additional protection layer at the model level.
Privacy architecture | No customer identifiers reach Pathfinder.
Data residency       | EU regions exclusively — no data transfer outside EU.
Transport            | TLS encryption (HTTPS) for all communications.
Network              | Private VPC with controlled access.
Access control       | API gateway authentication.
AI infrastructure    | AWS Bedrock (no external LLM providers).
Monitoring           | Comprehensive logging for security auditing.

Data ownership and rights

Can my data or metadata reveal business information to others?

No. The architecture ensures:

  • Pathfinder does not receive information about which customer or user submitted a request.

  • Stored interactions cannot be linked to specific organizations.

  • Customer-level analysis is not possible because the system has no knowledge of customer identity.

  • Your processes, suppliers, products, and pricing cannot be associated with your organization within Pathfinder.

  • Personal information (usernames, emails), credentials, IP addresses, and message payloads are never exposed to the LLM in identifiable form.

Summary

Question                                                     | Answer
-------------------------------------------------------------|----------------------------------------------------------------------------------
What data do AI agents see?                                  | Sanitized, pseudonymized data only — sensitive information is automatically redacted.
Is my data used for LLM training?                            | No — neither by Lobster nor by AWS Bedrock.
Can stored data be traced to me?                             | No — Pathfinder receives no customer identifiers.
Can I opt out of storage?                                    | No — logging is integral to service delivery.
Is this a shared system?                                     | Yes — centralized infrastructure, but requests contain no customer identity.
Can other customers access my data?                          | No — data cannot be attributed to any specific customer.
What AI technology is used?                                  | AWS Bedrock — EU region.
Where is my data processed?                                  | EU exclusively — no data leaves Europe.
Does Pathfinder have access to database content in the SQL agent? | No — Pathfinder only has access to the schema for which the SQL agent is triggered.

For additional questions regarding AI usage, data handling, or security measures, please contact your Lobster account representative.