TrustSavi
Data

Data in. Confidence out.

A valuation is only as good as its data boundary. Keep the file clean, lawful, traceable, and scoped.

Principles

Control the file.

Purpose first

Define the decision, users, audience, and reliance limits before a file moves.

Role clarity

Name each party's data role for every dataset and output.

Minimum necessary data

Send only the fields needed for the agreed analysis. Leave unrelated documents out.

Traceability

Keep source, date, field definitions, limitations, run record, and version together.

Minimum tape

Structured. Reconciled. Explainable.

  • Stable account, facility, or loan identifier that does not expose more identity data than necessary.
  • Product type, origination or vintage date, current status, default date, write-off date where applicable, and days-past-due bucket.
  • Original balance, current balance, arrears balance, write-off balance, accrued interest treatment, and recoveries posted to date.
  • Last payment date, payment amount history where available, collection-cost history, legal-stage flags, and settlement or restructure indicators.
  • Segmentation fields relevant to the model, such as product, vintage, balance band, province, channel, employer or sector code where lawful, and legal status.
  • Field definitions, exclusions, duplicates, reconciliation totals, cut-off date, currency, source system, and known data-quality limitations.
Controls

Govern the transfer.

Before transfer

Agree scope, authority, users, transfer method, retention, deletion, and incident contact.

During analysis

Separate source files from outputs. Log assumptions and material data issues.

After delivery

Return, delete, archive, or retain files only as agreed.

Transfer gate

The button is not the permission.

Preview uploads

Use dummy, redacted, synthetic, or approved files until live-data terms are signed.

Approved channel

Move live portfolio files only through the approved engagement channel.

Archive controls

Use ZIP files only when agreed. Exclude passwords, executables, keys, and unrelated folders.

Rejection right

Files outside scope, incomplete, corrupted, or unsupported may be rejected.

Do not send

Less data is stronger.

  • Passwords, API keys, private keys, access tokens, system credentials, or unrestricted database exports.
  • Identity documents, biometric data, health data, criminal records, children's information, or special personal information unless expressly required in writing.
  • Unredacted correspondence, call recordings, bank-card data, debit-order mandate images, or unrelated supporting documents.
  • Data for portfolios where the sender cannot confirm lawful authority, provenance, permitted use, and onward-transfer rights.

If sensitive information is genuinely required, the engagement must say why, who can access it, how it is protected, how long it is kept, and what happens when the work ends.