By George Curta · Last updated 2026-06-16
By George Curta · Last updated 2026-05-15
了解令牌系统
令牌是anonym.legal的使用单位,可以把它们想象成硬币:每次分析、匿名化或解密操作都会消耗少量令牌,每次运行前都可以看到精确的费用。
什么是令牌?
令牌是使用额度。每次扫描文本中的个人信息、将其替换为占位符或还原原始内容时,都会从账户余额中扣除少量令牌。费用始终提前告知,只有成功的操作才会计费。
注意: 在anonym.legal中,「令牌」一词有两种含义。本页面讨论的是计费令牌——用于操作的额度。网站其他地方还会提到「令牌化的个人信息」,这是替换文本中姓名的技术占位符(如<PERSON_1>),不是计费单位,不会直接收费。
概览
- Free200/周期足够在几份小文档上试用平台。
- Basic — €3 / 月1,000/周期适合偶尔进行文档匿名化的用户。
- Pro — €15 / 月4,000/周期适合定期处理大量文档。
- Business — €29 / 月10,000/周期适合每日大批量处理、批量任务和API集成。
令牌配额在每个计费周期结束时重置(Free为30天,付费方案为31天)。未使用的令牌不会滚入下一周期。
哪些操作消耗令牌?
扫描文本并报告其中包含的个人信息。最常用的操作。
检测个人信息并进行转换(替换、删除、遮掩、哈希或加密)。消耗的令牌略多于Analyze。
从加密输出中还原原始内容。比Analyze更便宜。
用AI生成自定义实体识别器。每次请求固定消耗50个令牌。
免费操作: 查看令牌余额和获取费用估算不消耗任何令牌。在任何付费调用前都可以预览价格。
按文档大小分类的实际费用
在个人信息密集的英文文本上实测(实体数为分析器实际检测到的数量)。这些是生产环境中账户实际扣费的数字:
| 字符数 | 发现的实体数 | 分析 Token | 匿名化 Token | 总 Token 数 |
|---|---|---|---|---|
| 1 | 0 | 3 | — | 3 |
| 18 | 1 | 3 | 3 | 6 |
| 28 | 3 | 4 | 3 | 7 |
| 55 | 4 | 4 | 3 | 7 |
| 200 | 10 | 4 | 3 | 7 |
| 500 | 26 | 5 | 4 | 9 |
| 1,000 | 49 | 6 | 5 | 11 |
| 5,000 | 240 | 17 | 15 | 32 |
| 10,000 | 478 | 32 | 27 | 59 |
| 50,000 | 2,381 | 147 | 126 | 273 |
| 50,000 | 197 | 38 | 17 | 55 |
经验法则: For short inputs the analyze charge floors at ~4 tokens (driven by the base cost plus ~0.1 token per enabled entity type). Above 1 000 characters at GUI defaults the cost scales at roughly 1 token per 312 characters.
这些数值由生产测试套件自动导出——每次测试 JSONL 报告重新生成且回放通过时即自动更新。
Cost calculator
Estimate exactly what your workload costs. Same formula the live web app charges — verified against 381 production test rows. Edit the inputs; the breakdown and plan quote update live.
Sparse ≈ marketing copy (~3 hits/1K chars). Typical ≈ business memo (~10/1K). Heavy ≈ medical record or HR file (~50/1K).= 20 PII items per document
- Analyze
- 5
- Anonymize / Encrypt
- 4
- Decrypt
- —
- MCP detokenize
- —
550 tokens left in cycle
3,550 tokens left in cycle
9,550 tokens left in cycle
操作类型有影响吗?
几乎没有区别。以下是同一段160个字符的输入以五种不同方式匿名化的结果:
| 操作类型 | 功能说明 | 令牌数 |
|---|---|---|
| encrypt | AES-256-GCM(可用密钥还原) | 9 |
| hash | 单向SHA-256/512哈希 | 3 |
| mask | 部分遮掩,如John **** | 3 |
| redact | 黑色涂抹(永久删除) | 3 |
| replace | 用<PERSON_1>等占位符替换个人信息 | 3 |
根据您的隐私需求选择合适的操作类型——费用本质上相同。
语言有影响吗?
费用由字符数和检测到的实体数决定,与语言无关。在我们支持的48种语言中,短文本只消耗少量令牌:
| 语言 | 字符数 | 实体数 | 分析 | 匿名化 |
|---|---|---|---|---|
| zh | 70 | 4 | 4 | 3 |
| ja | 84 | 5 | 4 | 3 |
| ko | 89 | 1 | 3 | 3 |
| ar | 123 | 7 | 4 | 3 |
| he | 123 | 5 | 4 | 3 |
| bg | 132 | 5 | 4 | 3 |
| ru | 132 | 6 | 4 | 3 |
| mk | 135 | 5 | 4 | 3 |
| it | 136 | 7 | 4 | 3 |
| sr | 136 | 8 | 4 | 3 |
| hr | 137 | 5 | 4 | 3 |
| nl | 137 | 6 | 4 | 3 |
| pl | 137 | 3 | 4 | 3 |
| hi | 138 | 3 | 4 | 3 |
| sl | 138 | 6 | 4 | 3 |
| th | 138 | 5 | 4 | 3 |
| lv | 139 | 8 | 4 | 3 |
| sv | 141 | 6 | 4 | 3 |
| is | 142 | 10 | 4 | 3 |
| sk | 142 | 7 | 4 | 3 |
| tr | 142 | 6 | 4 | 3 |
| ro | 143 | 5 | 4 | 3 |
| uk | 143 | 5 | 4 | 3 |
| es | 144 | 7 | 4 | 3 |
| fa | 144 | 5 | 4 | 3 |
| nb | 144 | 5 | 4 | 3 |
| cs | 145 | 8 | 4 | 3 |
| da | 145 | 6 | 4 | 3 |
| de | 145 | 6 | 4 | 3 |
| et | 145 | 6 | 4 | 3 |
| fr | 145 | 7 | 4 | 3 |
| pt | 145 | 6 | 4 | 3 |
| lt | 146 | 5 | 4 | 3 |
| ur | 146 | 2 | 4 | 3 |
| en | 148 | 7 | 4 | 3 |
| af | 149 | 4 | 4 | 3 |
| fi | 149 | 6 | 4 | 3 |
| sw | 149 | 10 | 4 | 3 |
| hu | 150 | 6 | 4 | 3 |
| vi | 151 | 5 | 4 | 3 |
| ca | 152 | 7 | 4 | 3 |
| hy | 152 | 5 | 4 | 3 |
| id | 154 | 6 | 4 | 3 |
| bn | 158 | 3 | 4 | 3 |
| ms | 160 | 9 | 4 | 3 |
| el | 163 | 6 | 4 | 3 |
| eu | 163 | 6 | 4 | 3 |
| tl | 163 | 10 | 4 | 3 |
从19,956个字符的加密数据中还原原始内容只需10个令牌。如果您先匿名化再解密以便授权查看者查看个人信息,解密步骤只占总费用的一小部分。
余额不足?充值
付费方案用户可以在周期中途购买额外令牌。Free方案用户无法充值——升级到Basic即可启用。
| 方案 | 每€1对应的令牌数 | 有效费率 |
|---|---|---|
| Basic | 250 | €0.40 / 100 tokens |
| Pro | 300 | €0.33 / 100 tokens |
| Business | 350 | €0.29 / 100 tokens |
充值的令牌在下一个周期重置时到期,同样不会滚入下一周期。
运行前检查费用
- • 在网页应用中, 费用预览显示在每个操作按钮旁边。
- • 在API中, 访问
/api/mcp/balance端点或MCP的anonym_legal_estimate_cost工具——两者均免费。 - • 您的当前余额和近期使用情况可在 Settings → Account中随时查看。
常见问题
- 未使用的令牌可以结转吗?
- 不可以。配额和充值的令牌都会在每个周期结束时重置。
- 任务中途令牌用完会怎样?
- 下一次调用将返回402错误,并显示具体缺口数量。购买充值或等待周期重置即可。
- 失败的操作也会扣除令牌吗?
- 不会。令牌仅在操作成功后才会扣除。
- 操作类型的选择会影响价格吗?
- 不会——replace、redact、mask、hash和encrypt对相同输入的费用本质上相同(见上表)。
- 为什么不同操作的费用不同?
- Analyze和Anonymize需要进行检测处理(开销较大的步骤)。Decrypt只遍历已保存的映射,因此便宜得多。
相关内容
About this page
We update this page when our platform or the law changes.
Read our founder note for how we work.
Each change shows up in the timestamp at the top.
Related reading
- Common questions
- Glossary
- How tokens work
- Security posture
- Where we comply
- What we detect
- Case studies
- Release notes
We follow these rules
- GDPR (EU 2016/679).
- ISO/IEC 27001:2022.
- NIS2 (EU 2022/2555).
- HIPAA safe harbor under 45 CFR § 164.514(b)(2).
Our promise
We do not sell your data.
We do not train models on your text.
We store your files in Germany.
You can delete your account at any time.
You own your work.
Where we run
Our servers live in Falkenstein, Germany.
We use Hetzner. They hold ISO 27001 certification.
All data stays in the EU.
Backups run every day.
Need help?
Email support@anonym.legal.
We reply within one business day.
How we test
We run a full check suite on every release.
Each surface gets its own sweep script and report.
Human reviewers spot-check the output each week.
We track recall and precision on a labelled set.
Bad runs block the deploy.
What we never do
- We never sell your information to third parties.
- We never train models on what you upload.
- We never keep your work after you delete it.
- We never share keys with any outside firm.
- We never run ads inside the product.
Plans in plain words
We sell credits, not seats.
One credit covers one short job.
Long jobs use a few credits each.
You can top up at any time.
Unused credits roll over each month.
Read the plans page for current rates.
Who built this
A small team of engineers and lawyers built this.
We ship from Europe and work in the open.
Our founder note spells out why we started.
Where to start
- Open the web app and try a sample file.
- Learn how credits get counted.
- See current plans and limits.
- Meet the team behind the product.
How the parts fit
A browser add-on cleans text inside Chrome.
A Word plug-in handles drafts in Office.
A small desktop tool works on whole folders.
An agent protocol link feeds large models safely.
All four share one core engine and one rule set.
Words from our team
We started this work after a lunch about cookies.
One friend kept getting odd ads on her phone.
We asked why a court file leaked through a draft.
We sketched the first build on a napkin that week.
By month three we had a tiny demo for a friend.
She used it on her first case the next day.
Common questions we hear
Can the tool read scanned PDFs? Yes, with OCR.
Does it work on long files? Yes, in small chunks.
Can I roll my own rule set? Yes, save it as a preset.
Does it run offline? The desktop build runs offline.
Do you keep my files? No, the cloud build wipes after each run.
Will it learn from my work? No, we never train on inputs.
A short tour of the workflow
Upload a file or paste a snippet of prose.
Pick the entities you want gone from the draft.
Choose a method: replace, mask, hash, encrypt, or redact.
Press run and watch the side panel show each hit.
Skim the result and tweak any rule that misfired.
Save the cleaned file or send it to a teammate.