Detection profiles, categories, and severity
How profiles, data categories, and severity levels fit together, and how to tune them per team and per app.
Detection profiles
Choose which categories BeeSensible highlights.
| Entity | Severity | Enabled |
|---|---|---|
| Email address | Warning | |
| Full name | Warning | |
| Phone number | Warning | |
| Street address | Warning | |
| IBAN | Critical |
A detection profile defines what BeeSensible looks for and how it treats each finding. It pulls together three things:
- Categories: the kinds of data BeeSensible can recognize.
- Severity: how strongly each category is flagged.
- Scope: which app the rule applies to.
Profiles live under Detection → Profiles in the admin dashboard. Profiles are assigned at the group level. A user belongs to one group for detection purposes.
Severity levels
| Level | Highlight | What the user sees |
|---|---|---|
| Critical | Red | A clear prompt to remove, replace, or mask before sending |
| Warning | Yellow | The detection is shown; no prompt |
| Off | None | The data type is not detected for this profile |
The extension does not block sending. Even Critical detections leave the choice with the user.
Categories
BeeSensible recognizes sensitive entities across categories that include identity and authentication, health and medical, financial, location and contact, sensitive personal attributes, technical credentials, travel, and general business. The exact entity types and their default severity are configurable per profile.
If you need a specific list of entity types for an RFP or factsheet, contact hello@beesensible.eu for the verified version.
Default profile and custom profiles
Every workspace has a Default profile. It applies to anyone whose group does not have a more specific profile assigned. You can edit the default. You cannot delete it.
Custom profiles let you tailor behaviour per team. A medical-records team may want every health identifier set to Critical. A customer-support team may want most email addresses set to Warning, because handling them is part of their job.
Creating a profile
- Open Detection → Profiles.
- Click New profile.
- Give it a name that says what it is for ("HR strict", "Customer support reduced noise").
- For each data type, set the severity (Critical, Warning, or Off).
- Click Save.
The profile is available immediately. It does not affect anyone until you assign it to a group.
Assigning a profile to a group
- Open Users → Groups.
- Pick the group.
- Open the Detection profile tab.
- Pick the profile.
- Click Save.
Group members start using the new profile at their next extension sync.
Per-app severity overrides
Within a profile, you can override severity per app. A common case: email addresses set to Warning by default, but Critical when typed into ChatGPT or another external AI tool. Apps without an explicit override fall back to the profile default.
Disabling a data type
If a data type produces too much noise for a particular team, set it to Off in their profile. Disabled types produce no detections and consume no processing. Use the profile description field to record why a type was disabled, so it is clear to whoever picks it up next.
Recommended starting points
| Use case | Starting point |
|---|---|
| External AI tools | All identity, financial, and credential categories at Critical |
| Internal email | Identity at Warning, financial at Critical, credentials at Critical |
| Internal chat | Financial at Critical, identity at Warning, others at Off |
| Internal tools | Credentials at Critical, everything else at Off |
These are starting points. Run them with a pilot group, look at the handled rate, and tune from there.