This IMO is a bad bad bad idea. If you host PII on the site, any site you visit will be able to just ping your ip's port 80 and figure out who you are. This exact setup lead to the 2012 LinkedIn hack