Mask sensitive data.
Stay GDPR compliant.

Anonymize personal data in text, documents, logs, emails and more. Stateless API for GDPR compliance. Prepaid credits, no subscription.

Get Early Access
Try it live:
Rules Language AI Detection
Masked text...

Stateless by Design

No database, no Redis, no storage. The mapping is returned to you - you decide where and how long to store it.

Automatic Detection

Detects 420+ data types: names, emails, IBANs, phone numbers, tax IDs, healthcare data and more. Optimized for DACH, works across EU.

Simple API

Just two endpoints: /mask and /unmask. Integrate in any language in under 10 minutes. REST, JSON, done.

Not just for LLMs

PrivacyMask works everywhere personal data needs to be anonymized.

LLM Prompts

Use ChatGPT, Claude, Gemini GDPR-compliantly

Documents

Anonymize contracts, applications, protocols

Server Logs

Clean logs before cloud storage

Analytics

Anonymize user data for analysis

Support Tickets

Mask customer data before outsourcing

Email Archives

GDPR-compliant archiving

Data Exports

Prepare Art. 15 data requests

ML Training

Anonymize training data

What Gets Detected?

420 detection patterns. Made in Germany. Works across Europe.

Universal

Email
max@firma.de
Name
Max Mustermann
Credit Card
4532-1234-5678-9010
IP Address
192.168.1.1

Financial & Business

IBAN
DE89370400440532013000
Tax ID
12345678901
VAT ID
DE123456789
Company Register
HRB 12345

Personal Documents

Phone
+49 151 12345678
Social Security No.
12 010180 A 123
ID Card
PA1234567
Postal Code + City
10115 Berlin

+ more patterns for DACH, EU-27, UK

How It Works

PrivacyMask is a stateless API. You call /mask, get masked text plus mapping, process the text, and call /unmask to restore original data.

Call /mask - Sensitive data is detected and masked

Store mapping - You store the mapping locally

Process text - Send to LLM, archive, analyze...

Call /unmask - Restore original data

Integration:
// 1. Mask PII before sending to LLM
const masked = await fetch('https://api.privacymask.dev/v1/mask', {
  method: 'POST',
  body: JSON.stringify({ text: userInput })
});

// 2. Send masked text to your LLM
const llmResponse = await openai.chat({
  messages: [{ content: masked.masked_text }]
});

// 3. Unmask the response
const final = await fetch('https://api.privacymask.dev/v1/unmask', {
  method: 'POST',
  body: JSON.stringify({
    text: llmResponse,
    mapping: masked.mapping
  })
});

Why PrivacyMask?

For developers who want full control. No vendor lock-in, no server-side storage, no trust issues.

GDPR Compliance

Sensitive data is masked before processing. Only anonymized data leaves your system. Art. 25 Privacy by Design.

No Storage

We store no mappings, no requests, no logs. Data is processed in RAM only, never persisted.

Under 50ms Latency

Three-stage detection system (simple rules → language analysis → AI detection) with optimized performance. Barely noticeable delay.

German Detection

Specially optimized for German formats: tax IDs, social security numbers, phone numbers, postal codes and more.

EU-27 Coverage

420 patterns for all EU countries plus Switzerland and UK. From Austrian social security numbers to French SIRET.

Simple Integration

Just 2 endpoints: /mask and /unmask. No SDK required, works with any HTTP client in any language.

Prepaid Credits

Pay only for what you use. No subscriptions, no expiration.

How billing works

1 Credit = 1,000 characters. Rounded up per request.

900 characters = 1 Credit
1,500 characters = 2 Credits
10,000 characters = 10 Credits

Starter

€5
500 Credits
Join Waitlist

Standard

€20
2.200 Credits
+10% Bonus
Join Waitlist
Best Value

Pro

€50
6.000 Credits
+20% Bonus
Join Waitlist

Business

€100
13.000 Credits
+30% Bonus
Join Waitlist
Too complicated?

PrivacyProxy: Drop-in LLM proxy with automatic masking. Just change base_url, done.

Go to PrivacyProxy