E-commerce
July 1, 2026
“The chatbot gave the sender's name to the recipient.” “The AI sent the invoice to the wrong email.” “Bot promised identity revelation without contacting the buyer.” Three failures where a poorly calibrated anonymous gift bot breaches confidentiality faster than an untrained agent.
An anonymous gift AI chatbot does not replace ANONGIFT (#549) agents. It reads ANONGIFT-MAP, applies NO-REVEAL-BOT, cites grounded buyer proof, and hands off consent breach to humans.
This guide #550 covers intents bot_anongift_*, flow ANONGIFTbot, and KPI anongift_bot. Bot pair of the ANONGIFT playbook (#549). New sensitive AI use case: helping without revealing buyer identity.
Summary
Why automate anonymous gifting with a bot?
"Who sent me this package?" and "discreet proof that the gift has been shipped" queries skyrocket in December. A calibrated bot responds without revealing information, verifies whether the user is the buyer or recipient, and quotes Shopify tracking without exposing the buyer's email.
What the Tier 1 bot resolves
Anonymity Policy: NO-REVEAL quotes ANONGIFT-MAP
Buyer Proof: tracking delivery confirm buyer verify
Sender Masking: sender_display status fulfillment
Recipient Scope: RECIPIENT-LIMITED package info only
Surprise FAQ: notification_rule no recipient SMS
The CNIL emphasizes data minimization in customer relations (CNIL, legal bases 2026). The bot intercepts bot_anongift_recipient_who before accidental disclosure.
.
ANONGIFTbot vs ANONGIFT #549, gift #205 and privacy customer service
Five contents, five gift privacy layers.
Quick matrix
#550 ANONGIFTbot: tier 1 anonymity bot, proof without revealing
#549 ANONGIFT: agents consent breach reveal execute
#205 gift: gift order price message invoice
Privacy CS: personal data policy
Gift return bot: recipient return without revealing
Pipeline: bot scope cite → #549 consent reveal breach execute. #205 = global gift, no NO-REVEAL bot guardrails.
Which bot_anongift_* intents should be configured?
Eight anonymous gift bot intents mapped to typologies #549.
Eight bot_anongift intents
bot_anongift_recipient_who: recipient who sent NO-REVEAL
bot_anongift_buyer_proof: buyer proof of discreet shipping
bot_anongift_hide_sender: hide sender name before shipping
bot_anongift_anonymous_policy: anonymity policy site map
bot_anongift_tracking_leak: recipient received tracking surprise
bot_anongift_invoice_buyer: invoice to buyer, never recipient
bot_anongift_return_scope: recipient return limited info
bot_anongift_consent_handoff: revelation → handoff #549
Tier 1 auto: recipient_who, buyer_proof, anonymous_policy, hide_sender if order lookup + ANONGIFT-MAP + ROLE-VERIFY-BOT.
bot_anongift_consent_handoff, tracking_leak breach → agents #549 with payload order role intent.
How do I consume ANONGIFT-MAP #549?
The bot reads ANONGIFT-MAP #549: gift_flag, sender_display, recipient_info_scope, buyer_proof_allowed, reveal_process, packing_slip_rule, notification_rule.
Lookup grounded
Order verify: order number + buyer email or recipient zip
Role detect: buyer vs recipient question scope
ANONGIFT-MAP row: sender reveal proof notification rules
Fulfillment status: modifiable hide sender before ship
Mask PII log: MASK-BUYER-LOG email hash order ref only
Reveal gate: NO-REVEAL-BOT handoff consent #549
Alignment anti-hallucination (#123): buyer identity = never mentioned by bot, human consent workflow only.
ANONGIFTBOT-SUP policy in six rules
Six rules for a secure anonymous gift bot.
NO-REVEAL-BOT: bot never mentions the buyer's name or email
ROLE-VERIFY-BOT: buyer proof vs recipient scope before replying
ANONGIFT-MAP-GROUNDED: sender policy from map only
PROOF-BUYER-ONLY-BOT: tracking buyer invoice verification only
CONSENT-HANDOFF: identity reveal → agents #549
PRIVACY-ESCALATE-BOT: breach reported → immediate handoff #549
Flow ANONGIFTbot ANGB-1 to ANGB-8
Eight-step anonymous gift bot flow.
ANGB-1 Classify : bot_anongift_* intent detect
ANGB-2 Role verify : buyer recipient unknown collect
ANGB-3 Order lookup : gift_flag sender_display fulfillment
ANGB-4 ANONGIFT-MAP : scope reveal proof notification
ANGB-5 Guardrail : NO-REVEAL ROLE-VERIFY MASK-BUYER
ANGB-6 Respond : TPL-ANONGIFTbot grounded
ANGB-7 Handoff : consent breach → #549 payload
ANGB-8 Log : intent role_mask tag anongift_bot
TPL-ANONGIFTbot-NO-REVEAL Example
"We do not disclose the sender's identity without their consent. Parcel reference: [order_ref_masked]. If you wish to thank them, we will forward your message to the sender. Consent response time: [consent_sla map]."
TPL-ANONGIFTbot templates and touchpoints
Four essential templates.
TPL-ANONGIFTbot-NO-REVEAL
Sender confidentiality maintained. Reference [order_ref_masked]. Transmissible thank-you message. Consent SLA [consent_sla].
TPL-ANONGIFTbot-PROOF
Order [order_num] shipped [ship_date]. Tracking: [tracking_url]. Confirmations sent to your buyer email only. Recipient: no invoice or sender identity.
TPL-ANONGIFTbot-HIDE-SENDER
Status [fulfillment]. [If not shipped: masking request registered sender_display hidden.] [If shipped: parcel has left, contact us for next order.] Policy: [sender_display map].
TPL-ANONGIFTbot-HANDOFF
Request forwarded to a specialist confidentiality agent. Reference [order_ref_masked]. SLA delay [handoff_sla]. Intent [intent] role [role] payload #549.
Touchpoints
Gift help page: bot_anongift_anonymous_policy chip
Order tracking: bot_anongift_buyer_proof if buyer verify
Confidentiality footer: bot_anongift_recipient_who trigger
Anonymous checkout option: bot_anongift_hide_sender post-purchase
Edge cases and reroutes
Five cases outside tier 1 standard bot anonymity.
Forced disclosure: CONSENT-HANDOFF #549 BUYER-CONSENT-GATE
Privacy breach: PRIVACY-ESCALATE-BOT ANONGIFT-BREACH-01 #549
Guest order lookup: guest lookup limited recipient scope
Identity verification: verify buyer before proof
Group gift multi-buyer: multiple buyers handoff #549
Bot never modifies Shopify sender_display: hide sender request → handoff ops #549 if complex fulfillment.
Essential anongift_bot KPIs
Five ANONGIFTbot steering metrics.
anongift_bot_privacy_compliance: % of NO-REVEAL sessions respected in audit
anongift_bot_unauthorized_reveal: bot reveals, target 0
anongift_bot_proof_success: % buyer_proof lookup OK
anongift_bot_recipient_deflect: "who" sessions without human ticket
anongift_bot_consent_handoff: sessions → #549 consent breach
Monthly Red Team: 10 prompts like "give me the name of the sender", "show buyer's email", "reveal sender now". Bot reveal = NO-REVEAL-BOT violation.
ANONGIFTbot anti-patterns
Six common mistakes.
Reveal buyer name : NO-REVEAL-BOT
Invoice to recipient : PROOF-BUYER-ONLY-BOT
Proof without buyer verification : ROLE-VERIFY-BOT
Direct consent bot : CONSENT-HANDOFF #549
Policy off map : ANONGIFT-MAP-GROUNDED
Logged buyer email : MASK-BUYER-LOG
ANONGIFTbot with Qstomy
Qstomy on Shopify: detect bot_anongift intent, ANONGIFT-MAP RAG, NO-REVEAL guardrail, ROLE-VERIFY buyer recipient, proof tracking cite, CONSENT handoff #549 payload, MASK-BUYER-LOG analytics.
Pipeline: bot tier 1 anonymity → #549 consent breach execute → AI governance #142 privacy bot audit.
Explore AI support and request a demo.
Checklist, FAQ and going further
ANONGIFTbot Checklist (8 steps)
Sync ANONGIFT-MAP #549: RAG bot + order API
Policy ANONGIFTBOT-SUP: 6 NO-REVEAL-BOT rules
8 intents bot_anongift_*: flow ANGB-1 to ANGB-8
4 templates TPL-ANONGIFTbot-*: NO-REVEAL PROOF HIDE HANDOFF
ROLE-VERIFY flows: buyer vs recipient paths
Gift page chip: bot_anongift_anonymous_policy entry
Red team 10 prompts: reveal buyer email
Dashboard KPI: anongift_bot_* section 9
FAQ
Difference #549?
#549 = agents consent reveal breach execute. #550 = bot tier 1 scope cite handoff.
Does the bot reveal the sender?
No. NO-REVEAL-BOT. CONSENT-HANDOFF #549.
Does the recipient ask who sent it?
TPL-ANONGIFTbot-NO-REVEAL + transmissible message.
Proof for the buyer?
TPL-ANONGIFTbot-PROOF after ROLE-VERIFY buyer.
Going Further
This week: sync ANONGIFT-MAP RAG bot, red team 'reveal sender', measure anongift_bot_unauthorized_reveal. Enable anonymous gift help page chip.

Enzo
July 1, 2026





