anonym.legal

By · Last updated 2026-04-07

首页/桌面文档/安全与隐私

安全与隐私

anonym.legal 桌面应用程序如何通过军用级加密和本地优先架构保护您的数据。

保险库加密数据流我们存储的内容恢复短语

保险库加密

您的敏感数据通过军用级加密得到保护。保险库存储凭据、加密密钥和处理历史 - 所有数据均在本地加密。

加密标准

  • AES-256-GCM

    所有存储数据的行业标准加密

  • Argon2id 密钥派生

    64MB 内存,3 次迭代(OWASP 推荐)

  • BIP39 恢复短语

    用于保险库恢复的 24 个单词助记符

  • 内存清零

    锁定时从内存中清除敏感数据

访问控制

  • 1

    6 位数字 PIN

    快速日常访问以解锁应用程序

  • 2

    恢复短语

    如果忘记 PIN,则用于保险库恢复的 24 个单词

  • 3

    自动锁定

    保险库在不活动后自动锁定

您的数据流动方式

了解处理文档时究竟发生了什么:

1. 本地文件读取仅本地

您的文档从磁盘读取。文件从未离开您的计算机。

2. 本地文本提取仅本地

文本在本地从文档中提取。图像、格式和元数据保留在您的设备上。

3. API 分析仅文本

仅提取的文本发送到我们的 API 进行 PII 检测。通过 TLS 1.2+ 进行传输。

4. 匿名化服务器处理

PII 在我们位于德国的 ISO 27001 认证服务器上被检测和匿名化。

5. 本地重建仅本地

接收匿名化文本,并使用您原始的格式在本地重建文档。

6. 本地保存仅本地

匿名化文档保存到您选择的位置。处理完成。

总结:您的原始文档从未离开您的计算机。仅提取的文本被发送进行分析,并且仅通过加密连接。

我们存储的内容(和不存储的内容)

我们绝不会存储

  • 您的原始文档

    文件保留在您的设备上 - 从未上传

  • 您的恢复短语

    只有您知道您的 24 个单词短语

  • 您的加密密钥

    仅存储在您的本地保险库中

  • 文档内容

    文本仅在内存中处理 - 不会持久化

我们存储的内容(加密)

  • 帐户凭据

    用于 API 访问的 OAuth 令牌(在保险库中加密)

  • 处理元数据

    文件名、日期、实体计数(在保险库中加密)

  • 使用统计

    用于计费的令牌消耗(在服务器上)

恢复短语安全性

您的恢复短语是恢复保险库的唯一方法

如果您同时丢失 PIN 和恢复短语,则无法恢复您的保险库数据。我们没有您恢复短语的副本。

最佳实践

  • 将其写在纸上(而非数字)
  • 存放在安全的地方(保险箱、安全存储箱)
  • 考虑制作备份副本
  • 使用全新安装测试恢复过程

绝不要这样做

  • 将其存储在文本文件或笔记应用中
  • 截屏保存
  • 通过电子邮件发送给自己
  • 与任何人分享

重置您的保险库

如果您需要重新开始,可以在设置 > 安全 > 重置保险库中重置您的保险库。

警告:重置您的保险库将永久删除所有本地数据,包括加密密钥、处理历史和保存的凭据。这无法撤销。

继续阅读

功能与工作流程

了解如何使用所有应用程序功能。

故障排除

常见问题和常见问题解答。

About this page

We update this page when our platform or the law changes.

Read our founder note for how we work.

Each change shows up in the timestamp at the top.

Related reading

We follow these rules

  • GDPR (EU 2016/679).
  • ISO/IEC 27001:2022.
  • NIS2 (EU 2022/2555).
  • HIPAA safe harbor under 45 CFR § 164.514(b)(2).

Our promise

We do not sell your data.

We do not train models on your text.

We store your files in Germany.

You can delete your account at any time.

You own your work.

Where we run

Our servers live in Falkenstein, Germany.

We use Hetzner. They hold ISO 27001 certification.

All data stays in the EU.

Backups run every day.

Need help?

Email support@anonym.legal.

We reply within one business day.

How we test

We run a full check suite on every release.

Each surface gets its own sweep script and report.

Human reviewers spot-check the output each week.

We track recall and precision on a labelled set.

Bad runs block the deploy.

What we never do

  • We never sell your information to third parties.
  • We never train models on what you upload.
  • We never keep your work after you delete it.
  • We never share keys with any outside firm.
  • We never run ads inside the product.

Plans in plain words

We sell credits, not seats.

One credit covers one short job.

Long jobs use a few credits each.

You can top up at any time.

Unused credits roll over each month.

Read the plans page for current rates.

Who built this

A small team of engineers and lawyers built this.

We ship from Europe and work in the open.

Our founder note spells out why we started.

Where to start

How the parts fit

A browser add-on cleans text inside Chrome.

A Word plug-in handles drafts in Office.

A small desktop tool works on whole folders.

An agent protocol link feeds large models safely.

All four share one core engine and one rule set.

Words from our team

We started this work after a lunch about cookies.

One friend kept getting odd ads on her phone.

We asked why a court file leaked through a draft.

We sketched the first build on a napkin that week.

By month three we had a tiny demo for a friend.

She used it on her first case the next day.

Common questions we hear

Can the tool read scanned PDFs? Yes, with OCR.

Does it work on long files? Yes, in small chunks.

Can I roll my own rule set? Yes, save it as a preset.

Does it run offline? The desktop build runs offline.

Do you keep my files? No, the cloud build wipes after each run.

Will it learn from my work? No, we never train on inputs.

A short tour of the workflow

Upload a file or paste a snippet of prose.

Pick the entities you want gone from the draft.

Choose a method: replace, mask, hash, encrypt, or redact.

Press run and watch the side panel show each hit.

Skim the result and tweak any rule that misfired.

Save the cleaned file or send it to a teammate.