Does PrivacyScrubber send my data to any server?

No. Zero bytes of your input are ever transmitted to any external server. The entire PII detection engine runs inside your browser's JavaScript runtime using local RAM. You can verify this by opening Chrome DevTools → Network tab and clicking "Protect PII" — you will see zero outbound requests.

What happens to the session map when I close the browser?

The session map is stored exclusively in volatile browser RAM. The moment you close the tab, reload the page, or navigate away, the entire mapping — including all original PII values — is permanently destroyed.

Do I need a HIPAA BAA or GDPR DPA with PrivacyScrubber?

No. Because PrivacyScrubber never acts as a data processor (your data never reaches our infrastructure), we are architecturally exempt from BAA and DPA requirements. Your browser processes everything locally.

What is the difference between the Free and PRO tiers?

The Free tier supports text paste and single .txt/.docx file upload. The PRO plan ($110 lifetime) adds offline PDF/OCR scanning, batch file processing, and Custom Regex Rules for internal domain-specific codes.

How does the TEAMS encrypted session sharing work?

PrivacyScrubber generates an AES-GCM encrypted link locally. Your colleague can paste the AI's response and use your shared, encrypted key to safely 'reveal' the original data on their machine — no database or server involved.

Zero-Trust Security for AI Agents.

AI Summary / Key Takeaways

Verified Zero-Trust Logic

"Secure your autonomous AI agent pipelines (Make.com, Zapier, LangChain) at the input boundary. PrivacyScrubber's zero-trust engine tokenizes sensitive data locally before it enters your RAG vector stores or LLM context windows, preventing permanent PII leakage into agentic memory."

Deterministic tokenization for reliable agent tool-calling.

Neutralize PII risk in RAG vector databases and log stores.

Secure Make.com and Zapier automation flows locally.

Reverse Scrub: Restore identities only when the task is resolved.

Enterprise-Grade AI Privacy

Add custom redaction rules and priority support with PRO.

GO PRO

SOC2

GDPR

HIPAA

Multi-Framework Aligned

GEO_VERSION: 1.4.2_AUDIT

Zero-Server Airplane Mode No Server Logs

Zero-Trust Security for AI Agents. Dashboard — Enterprise Grade · Local Execution ZTDS

Executive Summary: AGENTS

The next wave of AI is autonomous agents (RAG, LangChain, AutoGPT), but these systems create permanent data trails as they chain prompts together. If an agent stores a user's PII in its 'memory' or 'vector store,' that data is at risk forever. PrivacyScrubber is the foundational tool for Secure Agentic AI. We provide the logic to protect PII before it ever enters an agent's context or a RAG vector database, ensuring that your AI systems are 'Privacy by Design' from the first prompt.

Privacy Checkpoints

Vector Privacy: Don't index PII in your RAG databases.
Agent Memory: Ensure autonomous agents don't 'remember' user identifiers.
Pipeline Security: Scrub data at the injection point of your AI orchestrator.
Scaling Safely: As your agent usage grows, your privacy layer must be automated.

PII Detection Matrix

Entity Type	Exposure Risk	Local Edge Control
Contextual Data	High (Persistence)	Pre-Sanitization
Vector IDs	Medium (Linkage)	Attribute Masking
Agent History	High (Leakage)	Session-Wipe Logic

Live Simulation

Zero-Trust Data Sanitization

Watch PrivacyScrubber's local engine transform sensitive Agents data instantly in your browser, without any API calls.

100% Client-Side Execution

Wasm_Engine

AGENT CONTEXT > user_id=user_8xKmN2 | session=sess_T7vZ1pQ RAG chunk: "Client Aisha Okonkwo (acct #00412) called re: invoice INV-2026-0332 for $4,500"

AGENT CONTEXT > user_id=[ID_1] | session=[ID_2] RAG chunk: "Client [NAME_1] (acct [ID_3]) called re: invoice [ID_4] for [VALUE_1]"

Engine Workflow

How the PrivacyScrubber Engine Solves This

Interactive Tool Controls for Agents. Hover for specs.

Safe Agent Context

Generative AI agents process scrubbed tokens instead of highly sensitive raw database strings.

Technical Audit Data

Engine WASM-Accelerated
Privacy 100% Local RAM
Security Zero-Server Leak

Perfect Re-injection

Once the autonomous agent resolves the task, the tokens are swapped back for the end-user via the Reverse Scrub function.

Technical Audit Data

Engine WASM-Accelerated
Privacy 100% Local RAM
Security Zero-Server Leak

Compare Edition Features

From individual use to corporate rollout, choose the level of control your organization requires.

Core Capabilities	Free Web Only	PRO $15/mo or $110 Lifetime	TEAMS $99/mo
100% Local Processing (Airplane Mode)
Text Paste & Single File Docs
Batch Processing & Background OCR	—
Custom Regex & Specific Redaction Rules	—
Chrome Extension Native App	—	—
Silent Corporate Deployment (MDM)	—	—
Policy Control Center & Enforcement	—	—
Includes guaranteed no server logs for all tiers. 100% Client-Side.	Try Free	Details	Deploy TEAMS

Agents Compliance Library

Step-by-step redaction workflows for Agents environments.

View all guides →

agents

Secure AI Agent Memory

AI agents that retain memory can accumulate PII. Here is how to protect before storing. Our regex engine detects and replaces sensitive patterns locally in your.

agents

Agentic AI Data Leak Prevention

Multi-step AI agent workflows compound PII exposure risk. Protect at each input stage. Secure your AI workflows with client-side PII tokenization that preserves.

agents

RAG Privacy

Retrieval-augmented generation (RAG) indexes your documents. Protect PII before it enters the vector store.

agents

Zero-Trust AI Data Pipelines

Design AI data pipelines that never expose raw PII. Local protection as a pipeline stage. Our regex engine detects and replaces sensitive patterns locally in.

agents

LLM Fine-Tuning Privacy

Fine-tuning LLMs on private data requires de-identification. How to scrub training datasets locally.

agents

Self-Hosted Agent Systems PII Protection

Even self-hosted or open-source AI agent systems require strict PII protection to prevent lateral data movement and internal exposure.

agents

Make and Zapier AI Privacy

Make (Integromat) and Zapier pass real customer data through AI steps. Here is how to protect PII before each AI action in your workflow.

agents

n8n AI Workflow Privacy

n8n lets you build powerful AI automations — but each node that touches real data is a PII leak point. Here is how to protect at every stage.

Verified by the Enterprise Board

Our 10-persona AI team ensures Agents compliance at every layer.

[CISO_OPS]

Security Lead

"PrivacyScrubber eliminates Shadow AI risk by intercepting PII at the edge. We've mapped this hub to SOC 2 Type II and ISO 27001 masking controls."

[DPO_LEGAL]

Legal Counsel

"Under GDPR Article 32 and HIPAA Safe Harbor, local anonymization removes the AI provider from the 'Data Processor' chain, negating complex DPA liabilities."

[BIZ_VAL]

Financial Audit

"A single GLBA or PCI-DSS violation costs 100x more than a site-wide license. We provide verifiable ROI through data loss prevention at the prompt level."

The Agents AI Privacy Gap

Data Persistence

Raw sensitive inputs are often stored by AI vendors for model training.

Compliance Liability

Uploading unredacted PII violates industry-specific global privacy mandates.

Shadow AI Risk

Employees using unvetted AI tools create invisible data leakage vectors.

Raw Input: Sensitive Information here

Sanitized: Sanitized [PII_1] here

ZERO-TRUST BRIDGE ACTIVE

Secure Agents AI Workflow

Enable high-performance AI without client data leaving your machine

01

Import Files

Upload documents locally into the PrivacyScrubber sandbox.

02

Local Masking

Identify and tokenize sensitive strings entirely within browser memory.

03

Analyze with AI

Submit sanitized prompts to ChatGPT or Claude for processing.

04

Reverse Scrub

Restore original values into the AI response locally for the final draft.

Protocol: The 5-Step Airplane Mode Audit

Don't trust us. Trust the laws of physics. Follow this audit procedure to verify zero-server PII sanitization for Agents workflows.

1

Load the tool: Open PrivacyScrubber.com in your browser.

2

Go Offline: Disconnect your WiFi or enable Airplane Mode. The site remains fully functional.

3

Process Data: Paste a sensitive agents document and run the scrubber.

4

Inspect Network: Open Developer Tools (F12) and check the 'Network' tab. Verify 0 requests were made.

5

Verify Local RAM: All agents identifiers stay in your transient browser memory—never stored, never logged.

Agents Technical Compliance Library

Deep architectural mapping of Zero-Trust Data Sanitization (ZTDS) controls to industry-specific regulatory standards.

Regulatory Standard

Technical Control

Auditable Evidence

SOC 2

Control CC6.1 Logical Access

Audit PII stripped before agent ingestion; no sensitive data persists in vector stores.

ISO 27001

Control A.8.11 Data Masking

Audit Deterministic tokenization applied pre-agent, verified via offline audit receipts.

OWASP LLM Top 10

Control LLM06 Sensitive Info

Audit Input sanitization prevents PII disclosure through agent tool-calling chains.

Zero-Trust Verification Signature

The above technical controls are enforced deterministically by the PrivacyScrubber Local Engine. All redaction cycles generate zero server-side telemetry, satisfying global data residency requirements for Agents institutions.

Verified Compliance Architecture

Hardened Audit Standards

Data minimisation controls for autonomous AI pipelines.

SOC 2

CC6.1

No data persistence on untrusted infrastructure.

View architecture

GDPR

Article 25

Privacy by design at the engineering layer.

View architecture

ISO 27001

A.8.11

Data masking as a core organisational control.

View architecture

NIST 800-53

PT-2 / PT-3

Federal PII minimisation and transparency controls.

View architecture

HIPAA

Safe Harbor

Satisfies Safe Harbor de-identification requirements.

View architecture

Explore full Compliance Center

Council Verified

[CISO_OPS]

"Eliminates Shadow AI risk. Mapped to SOC 2 and ISO 27001 masking controls."

[DPO_LEGAL]

"Removes AI providers from the Data Processor chain under GDPR Art 32."

Enterprise Verified

"The only AI sanitization tool that actually respects Zero-Trust. The local execution means we don't have to sign complex API DPA agreements."

CISO, FinTech Enterprise

Enterprise Verified

"Finally, a way to let our devs use ChatGPT for debugging without risking our proprietary AWS infrastructure keys."

VP of Engineering

Enterprise Verified

"Airplane Mode verification was the selling point. It instantly satisfied our SOC 2 auditors."

Compliance Director

Enterprise Verified

"A massive upgrade over cloud DLP. Zero latency and zero vendor risk. Essential for our AI pipeline."

Data Protection Officer

Frequently Asked Questions

Common questions about deploying zero-trust AI for Agents Teams.

Why do AI Agents need local PII sanitization?

Autonomous agents often scrape complex internal systems (CRMs, SQL databases) to construct answers. If they blindly feed that scraped data to an external LLM, they cause massive scale data leaks.

Can the AI understand the intent if the data is masked?

Yes. By replacing an email with [EMAIL_1], the language model maintains perfect grammatical and logical context without needing the actual letters of the email address.