The only fields we gather that could be considered PII are the names of the users in the organization, which are gathered from the Active Directory data. If you wish to not have this information gathered, simply do not point the appliance at your domain controllers in the Active Directory settings. However, it should be noted, that this information is typically used in Microsoft audit-type engagements and is quite useful in understanding the makeup of your organization!