Customer data privacy

Your clients may enter sensitive information like credit card numbers or social security numbers into their messages. When these messages come into Gorgias, this sensitive information is automatically obfuscated/scrambled so your agents don't have access to it. 

How it works

Before a new message is stored in our database, it is scanned for records that fit the format of sensitive numbers; if any credit card numbers or social security numbers are detected, they are automatically obfuscated or stripped before being stored in the database and displayed to agents and users. Your clients' sensitive numbers are never stored by Gorgias. 

Numbers that are between 13 and 19 digits long are considered for obfuscation. This is the length of most major credit card numbers. The Luhn algorithm is then used to validate the credit card number. The number is obfuscated only when it passes validation. The last four digits of the card number are preserved; the rest are replaced with a special character (*).

For example, if an incoming ticket contains the text:

  • "My credit card number is 4532 0151 1283 0366."

It is stored in Gorgias as:

  • "My credit card number is **** **** **** 0366."

Tickets that contain a string with valid social security numbers are also obfuscated. 

If an incoming ticket contains the text:

  • "I need help. My social security number is 123-45-6789."

It is stored in Gorgias as:

  • "I need help. My social security number is ***-**-****."
This obfuscation satisfies Requirement 3 of the Payment Card Industry’s Data Security Standard (PCI DSS), "Protecting stored cardholder data".
In order to protect your privacy, we use unlisted public URLs for storing our attachments and displaying them for our customers in the Helpdesk UI. These public URLs are long and randomized strings and would be impossible for someone to guess. We store all attachments including photos, voicemails, and call recordings (once live) in these URLs.

Gorgias performs these privacy checks automatically with no work required on your part, so you can be assured that your users' sensitive data remains hidden!


What do you think? Yay or Nay?