How anonym.legal Works
Regex patterns for structured data deliver 100% reproducible results. Proven ML models for names provide high accuracy. Transparent, auditable detection you can trust.
How Does PII Detection Work?
PII detection identifies personal data in text using pattern matching and machine learning. anonym.legal uses a hybrid approach:
- 1Pattern Matching: Regex patterns detect structured data (SSNs, credit cards, IBANs) with checksum validation.
- 2Named Entity Recognition: NER models identify names, locations, and organizations in 48 languages.
- 3Context Scoring: Each detection is scored based on surrounding context to minimize false positives.
This hybrid approach detects 285+ entity types while maintaining deterministic, reproducible results — essential for compliance and legal discovery.
Our Hybrid Approach
How We Detect PII
- Regex patterns for structured data (emails, SSNs, credit cards)
- Proven ML models for names and organizations
- 100% reproducible regex results
- High accuracy ML detection
- Fully auditable for compliance
- Transparent confidence scoring
Pure AI-Only Approach
- Inconsistent results across runs
- Black-box decision making
- Hallucination risks with LLMs
- High compute costs per request
- Difficult to audit or explain
- May miss structured patterns
The 10-Step Process
From input to output, here's exactly what happens to your document
Input Text
Submit your document via web interface, API, or Office Add-in
Language Detection
System identifies the document language for optimal processing
Tokenization
Text is broken into tokens for pattern matching
Pattern Matching
Regex patterns scan for 285+ entity types
Context Analysis
Surrounding text improves detection accuracy
Confidence Scoring
Each detection receives a confidence score
Entity Classification
Detected items are categorized by type
Review Results
See all detections with positions and scores
Apply Anonymization
Choose your method: Replace, Redact, Hash, Encrypt, or Mask
Output Document
Download your anonymized document
MCP Server: Privacy-First AI Integration
How your data flows through the MCP Server to keep AI tools safe
AI Tool Request
Your AI tool (Cursor, Claude) sends a request containing PII
MCP Server Intercepts
Server analyzes and detects all PII entities
Anonymization
PII is replaced with tokens or redacted
AI Processing
AI receives and processes only anonymized data
Response Return
AI response comes back through MCP Server
De-tokenization
Optional: Original values restored for user
Real-World Example
Process payment for John Doe, email john@example.com, card 4532-1111-2222-3333What AI sees
Process payment for PII_PERSON_001, email PII_EMAIL_001, card PII_CREDIT_CARD_001What you get back
Frequently Asked Questions
Why use regex instead of AI for PII detection?
Regex-based detection is deterministic and reproducible. The same input always produces the same output. AI/ML models can be unpredictable and may miss or falsely flag data. For compliance, reproducibility matters.
How accurate is the detection?
Our hybrid approach combines regex patterns with Named Entity Recognition (NER) for high accuracy. All patterns include checksum validation where applicable (credit cards, IBANs, SSNs). False positives are minimized through context-aware scoring.
What happens to my data during processing?
Text is sent to our EU-hosted servers (Hetzner, Germany) over TLS 1.3 for analysis. We don't store your data after processing. With Zero-Knowledge auth, we can't even identify which user made the request.
Can I add custom entity types?
Yes! You can create custom recognizers with your own regex patterns and context words. Custom entities support the same operators (replace, mask, hash, encrypt, redact) as built-in types.
How does reversible encryption work?
The Encrypt operator uses AES-256-GCM encryption with your key. Only you can decrypt. This allows re-identification for audits or legal discovery while keeping data protected in transit and storage.
See It in Action
Try our PII detection and anonymization free with 200 tokens per cycle.