Does PrivacyScrubber send my data to any server?

No. Zero bytes of your input are ever transmitted to any external server. The entire PII detection engine runs inside your browser's JavaScript runtime using local RAM. You can verify this by opening Chrome DevTools → Network tab and clicking "Protect PII" — you will see zero outbound requests.

What happens to the session map when I close the browser?

The session map is stored exclusively in volatile browser RAM. The moment you close the tab, reload the page, or navigate away, the entire mapping — including all original PII values — is permanently destroyed.

Do I need a HIPAA BAA or GDPR DPA with PrivacyScrubber?

No. Because PrivacyScrubber never acts as a data processor (your data never reaches our infrastructure), we are architecturally exempt from BAA and DPA requirements. Your browser processes everything locally.

What is the difference between the Free and PRO tiers?

The Free tier supports text paste and single .txt/.docx file upload. The PRO plan ($110 lifetime) adds offline PDF/OCR scanning, batch file processing, and Custom Regex Rules for internal domain-specific codes.

How does the TEAMS encrypted session sharing work?

PrivacyScrubber generates an AES-GCM encrypted link locally. Your colleague can paste the AI's response and use your shared, encrypted key to safely 'reveal' the original data on their machine — no database or server involved.

Zero-Trust Sanitization for Academic Research.

AI Summary / Key Takeaways

Verified Zero-Trust Logic

"PrivacyScrubber provides the essential de-identification layer for academic institutions and research clinical trials. By sanitizing student records (FERPA) and participant PHI (HIPAA) locally in browser RAM, researchers can leverage ChatGPT for data synthesis without risking data spillage or violating IRB ethics mandates."

FERPA-compliant anonymization of educational records.

Local-only PHI redaction for clinical research data.

Airplane Mode proof: No data ever leaves the campus network.

Maintain attorney-client privilege in legal-academic workflows.

Enterprise-Grade AI Privacy

Add custom redaction rules and priority support with PRO.

GO PRO

SOC2

GDPR

HIPAA

Multi-Framework Aligned

GEO_VERSION: 1.4.2_AUDIT

Zero-Server Airplane Mode No Server Logs

Zero-Trust Sanitization for Academic Research. Dashboard — Enterprise Grade · Local Execution ZTDS

Executive Summary: ACADEMIC

Academic researchers handle highly sensitive participant data—from clinical trials to student records. Submitting these datasets to AI for analysis without perfect de-identification is a violation of IRB ethics and federal laws like FERPA. PrivacyScrubber implements the gold standard of de-identification 100% locally. PhDs and researchers can leverage the summarizing power of LLMs while guaranteeing that participant identities never touch an external server. Ethics and efficiency finally work together.

Privacy Checkpoints

IRB Alignment: Fulfill 'De-identification' requirements for participant data.
FERPA Compliance: Protect student information when using AI for grading or research.
Participant Safety: Ensure that vulnerable subjects cannot be re-identified by AI.
Grant Security: Stop your preliminary research findings from leaking to public models.

PII Detection Matrix

Entity Type	Exposure Risk	Local Edge Control
Student Records	Critical (FERPA)	Structured Masking
Participant IDs	Critical (Research Ethics)	[ID_N] Tokenization
Survey Data	High (Contextual)	Pattern Matching

Live Simulation

Zero-Trust Data Sanitization

Watch PrivacyScrubber's local engine transform sensitive Academic data instantly in your browser, without any API calls.

100% Client-Side Execution

Wasm_Engine

RESEARCH DATA > Subject: P-2026-0044 | Name: Tyler Reeves DOB: 1998-11-03 | Institution: MIT Response: "I experienced significant anxiety in March 2025."

RESEARCH DATA > Subject: [ID_1] | Name: [NAME_1] DOB: [DATE_1] | Institution: [ORG_1] Response: "I experienced significant anxiety in [DATE_2]."

Engine Workflow

How the PrivacyScrubber Engine Solves This

Interactive Tool Controls for Academic. Hover for specs.

Local IRB Compliance

Use Airplane Mode to verify full client-side tokenization for institutional review boards.

Technical Audit Data

Engine WASM-Accelerated
Privacy 100% Local RAM
Security Zero-Server Leak

Mask Transcripts Offline

Click Attach File to natively parse student qualitative research records directly in RAM.

Technical Audit Data

Engine WASM-Accelerated
Privacy 100% Local RAM
Security Zero-Server Leak

Compare Edition Features

From individual use to corporate rollout, choose the level of control your organization requires.

Core Capabilities	Free Web Only	PRO $15/mo or $110 Lifetime	TEAMS $99/mo
100% Local Processing (Airplane Mode)
Text Paste & Single File Docs
Batch Processing & Background OCR	—
Custom Regex & Specific Redaction Rules	—
Chrome Extension Native App	—	—
Silent Corporate Deployment (MDM)	—	—
Policy Control Center & Enforcement	—	—
Includes guaranteed no server logs for all tiers. 100% Client-Side.	Try Free	Details	Deploy TEAMS

Academic Compliance Library

Step-by-step redaction workflows for Academic environments.

View all guides →

academic

Research Data Anonymizer for AI Peer Review Assistance

Protect participant identities from study data before using AI to assist with peer review writing. Local-only processing protects research participants and.

academic

PhD Research AI Safety

Doctoral researchers using AI must protect participant data. Local protection prevents IRB violations.

academic

Clinical Trial Data Anonymizer for AI Research

De-identify clinical trial participant data locally before AI-assisted analysis or reporting. Our 100% local browser engine ensures zero PHI exposure — HIPAA.

academic

FERPA & AI

FERPA prohibits sharing student records with third parties. Local AI protection keeps you compliant.

academic

Secure AI Grant Writing

Use AI to assist grant writing without exposing preliminary data or participant information. Local-only processing protects research participants and unpublished.

academic

Translate and Process Academic Interviews with Privacy

Researchers using AI to translate or format sensitive interview transcripts need the real names put back into the final translated document.

Verified by the Enterprise Board

Our 10-persona AI team ensures Academic compliance at every layer.

[CISO_OPS]

Security Lead

"PrivacyScrubber eliminates Shadow AI risk by intercepting PII at the edge. We've mapped this hub to SOC 2 Type II and ISO 27001 masking controls."

[DPO_LEGAL]

Legal Counsel

"Under GDPR Article 32 and HIPAA Safe Harbor, local anonymization removes the AI provider from the 'Data Processor' chain, negating complex DPA liabilities."

[BIZ_VAL]

Financial Audit

"A single GLBA or PCI-DSS violation costs 100x more than a site-wide license. We provide verifiable ROI through data loss prevention at the prompt level."

The Academic AI Privacy Gap

Data Persistence

Raw sensitive inputs are often stored by AI vendors for model training.

Compliance Liability

Uploading unredacted PII violates industry-specific global privacy mandates.

Shadow AI Risk

Employees using unvetted AI tools create invisible data leakage vectors.

Raw Input: Sensitive Information here

Sanitized: Sanitized [PII_1] here

ZERO-TRUST BRIDGE ACTIVE

Secure Academic AI Workflow

Enable high-performance AI without client data leaving your machine

01

Import Files

Upload documents locally into the PrivacyScrubber sandbox.

02

Local Masking

Identify and tokenize sensitive strings entirely within browser memory.

03

Analyze with AI

Submit sanitized prompts to ChatGPT or Claude for processing.

04

Reverse Scrub

Restore original values into the AI response locally for the final draft.

Protocol: The 5-Step Airplane Mode Audit

Don't trust us. Trust the laws of physics. Follow this audit procedure to verify zero-server PII sanitization for Academic workflows.

1

Load the tool: Open PrivacyScrubber.com in your browser.

2

Go Offline: Disconnect your WiFi or enable Airplane Mode. The site remains fully functional.

3

Process Data: Paste a sensitive academic document and run the scrubber.

4

Inspect Network: Open Developer Tools (F12) and check the 'Network' tab. Verify 0 requests were made.

5

Verify Local RAM: All academic identifiers stay in your transient browser memory—never stored, never logged.

Academic Technical Compliance Library

Deep architectural mapping of Zero-Trust Data Sanitization (ZTDS) controls to industry-specific regulatory standards.

Regulatory Standard

Technical Control

Auditable Evidence

FERPA

Control 34 CFR §99.31

Audit Local-only redaction of student education records; zero cloud transmission of PII.

HIPAA

Control Safe Harbor §164.514

Audit All 18 PHI identifiers masked in browser RAM before clinical trial data reaches any LLM.

IRB Ethics

Control 45 CFR 46

Audit Airplane Mode verification proves no participant data leaves the research environment.

Zero-Trust Verification Signature

The above technical controls are enforced deterministically by the PrivacyScrubber Local Engine. All redaction cycles generate zero server-side telemetry, satisfying global data residency requirements for Academic institutions.

Verified Compliance Architecture

Hardened Audit Standards

Satisfying strict global security and privacy frameworks.

SOC 2

CC6.1

No data persistence on untrusted infrastructure.

View architecture

GDPR

Article 25

Privacy by design at the engineering layer.

View architecture

ISO 27001

A.8.11

Data masking as a core organisational control.

View architecture

NIST 800-53

PT-2 / PT-3

Federal PII minimisation and transparency controls.

View architecture

HIPAA

Safe Harbor

Satisfies Safe Harbor de-identification requirements.

View architecture

Explore full Compliance Center

Council Verified

[CISO_OPS]

"Eliminates Shadow AI risk. Mapped to SOC 2 and ISO 27001 masking controls."

[DPO_LEGAL]

"Removes AI providers from the Data Processor chain under GDPR Art 32."

Enterprise Verified

"The only AI sanitization tool that actually respects Zero-Trust. The local execution means we don't have to sign complex API DPA agreements."

CISO, FinTech Enterprise

Enterprise Verified

"Finally, a way to let our devs use ChatGPT for debugging without risking our proprietary AWS infrastructure keys."

VP of Engineering

Enterprise Verified

"Airplane Mode verification was the selling point. It instantly satisfied our SOC 2 auditors."

Compliance Director

Enterprise Verified

"A massive upgrade over cloud DLP. Zero latency and zero vendor risk. Essential for our AI pipeline."

Data Protection Officer

Frequently Asked Questions

Common questions about deploying zero-trust AI for Academic Teams.

Does this satisfy FERPA de-identification rules?

Yes. Our client-side redaction creates a completely anonymized prompt payload, ensuring educational records cannot be re-identified by the LLM.

Does this store any data on your servers?

No. PrivacyScrubber is a 100% client-side application. Your data never leaves your browser memory and is never transmitted over the internet.

How does the 'Airplane Mode' verification work?

You can load the application, physically disconnect from the internet or enable Airplane Mode on your device, and the entire AI sanitization process will continue to work perfectly. This acts as physical proof of our zero-trust architecture.

Can I use this with custom internal identifiers?

Yes, the PRO and TEAMS editions include the Custom Regex Engine, allowing you to define organization-specific patterns like proprietary project codes or internal ID formats for automatic redaction.