Free PII redactor

Paste text or drop a file to find and remove personal data: emails, phone numbers, credit cards, SSNs, IBANs, IP addresses, and API keys. The text is scanned on your device and never uploaded, which is the whole point of redacting it in the first place.

0 characters·.txt,.csv,.json,.log,.md up to 2 MB

What to redact

Dates and passport-style IDs are off by default. They look like ordinary numbers, so they match order references and version strings too. Turn them on when your text really contains them.

How to redact it

Each match is replaced by a label such as [EMAIL]. Nothing of the original value survives.

Detection is pattern matching, so it finds identifiers with a predictable shape. It will miss personal information written in free text, such as a name, a job title beside an employer, or an unusual identifier format. Read the highlighted preview before you share the result.

Copied to clipboard

How the PII redactor works

1

Paste text or drop a file

A .txt, .csv, or .json file is read with the browser's FileReader API. It is opened on your machine, not uploaded to ours.

2

Choose what to catch

Each type has a toggle. Card numbers are checked with the Luhn algorithm and IBANs with the mod-97 checksum, so ordinary long numbers are left alone.

3

Copy or download the result

Mask the value, keep a fragment of it, or swap it for a stable token. Then copy the text or save it as a file. Nothing leaves your device.

Private by design: nothing leaves your browser

Text that needs redacting is, by definition, text that should not be handed to a stranger's server. Uploading a customer transcript to an online redaction service to make it safe to share has already shared it. This tool is built so that trade never comes up:

01

100% client-side

Matching is JavaScript regular expressions running in your tab, and files are read with FileReader. The page makes no request with your text in it, so there is nothing on a server to breach or subpoena.

02

Nothing stored or logged

There is no account and no analytics on what you paste. The text, the detections, and the pseudonym mapping live in memory and are gone when you reload.

03

Checksums, not guesses

Candidate card numbers must pass the Luhn check and IBANs the ISO 13616 mod-97 check before anything is touched, so a 16-digit order reference is not shredded along with the real data.

What this does not claim

  1. Pattern matching finds structured identifiers. It does not understand your text, so a name, an employer, or a rare medical detail written in prose will pass straight through.
  2. This is not GDPR anonymisation and it is not HIPAA Safe Harbor de-identification. Both have requirements a regex pass does not meet.
  3. Treat the output as reduced exposure, not as proof of compliance. Review it before you send it anywhere.

Built for developers and privacy-conscious teams

Anyone who has to share text that carries data it should not carry. BlockSurvey takes the same position on research data with zero-knowledge surveys, where responses are encrypted before they ever reach a server.

Developers

Scrub a production log or a stack trace before pasting it into a ticket, a chat, or a model prompt, and catch the API key someone left in it.

Support & ops teams

Strip card numbers and addresses out of a customer transcript before it goes to a vendor, and keep the ticket readable while you do it.

Researchers & analysts

Swap identifiers for stable tokens so open-ended responses can still be grouped and counted per person without the person being in the file.

Building something that handles sensitive data?

BlockSurvey runs on zero-knowledge surveys, so the responses you collect are never sold or mined. Responses are encrypted on the respondent's device, so the server stores nothing readable.

More free privacy tools

Browse all privacy tools

These tools run in your browser because that is how we build everything. The same idea, applied to research: privacy-first surveys with end-to-end encryption.

Frequently asked questions

Is this PII redactor free?

Yes, completely free, with no sign-up and no cap on how many times you can run it. The only limit is 200,000 characters per pass, which is there to keep the page responsive.

Does the text I paste get sent to a server?

No. The text stays in the browser tab. Detection is regular-expression matching in JavaScript, redaction is string replacement, and files are read with the browser's FileReader API, so the contents never travel over the network. There is no upload, no request, and nothing for us to log or keep. Close the tab and the text is gone.

What counts as PII here, and what does the tool detect?

It detects structured identifiers that follow a predictable shape: email addresses, phone numbers, credit card numbers, US Social Security numbers, IBANs, IPv4 and IPv6 addresses, API keys and bearer tokens, street addresses, dates, and passport-style IDs. Each type has its own toggle, so you can redact only what you care about.

Will it catch every piece of personal data in my text?

No, and you should not treat it as if it does. Regex detection finds identifiers with a recognisable structure. It will miss free-text personal information that has no fixed shape, such as a person's name, a job title next to an employer, a rare medical detail, or an identifier written in an unusual way. Read the highlighted preview and check the result before you share it.

Does this make my data anonymous under GDPR or HIPAA?

No. Redacting identifiers reduces exposure, but it is not the same as anonymisation under GDPR or de-identification under the HIPAA Safe Harbor method, both of which have specific requirements this tool does not attempt to meet. Use it to strip obvious identifiers before sharing a log, a transcript, or a support ticket. Do not use it as your compliance control.

How does it avoid flagging random numbers as credit cards?

Every candidate card number is run through the Luhn algorithm, the checksum that real card numbers satisfy. A 16-digit order reference will almost always fail it and be left alone. IBANs get the same treatment with the ISO 13616 mod-97 check, so only numbers with a valid checksum are redacted.

What is the difference between the three redaction styles?

Block mask replaces the whole value with a label such as [EMAIL], which is the safest option. Partial mask keeps a fragment for reference, such as the last four digits of a card, so a human can still recognise a record. Pseudonym replaces each unique value with a stable token such as EMAIL_1, so the same address is always the same token and the text stays analysable without exposing the value.

Is the pseudonym mapping reversible?

Only by you, and only while the tab is open. The mapping table lives in memory in your browser, is never written to disk or sent anywhere, and disappears on reload. If you need to reverse the tokens later, copy the table out yourself and store it somewhere you control. Anyone holding just the redacted text cannot recover the originals from it.

Can I use this offline?

Yes. Once the page has loaded you can disconnect from the internet and keep redacting, because every part of it runs in your browser.

Do you store the text I paste in?

No. Detection and redaction both run in your browser, so the text you paste, and the pseudonym mapping built from it, are never sent to or kept on a server. Both disappear when you reload the page.

How is this different from a paid PII redaction tool?

Paid redaction tools, and some free ones, typically send your text to a server or an AI API to find the sensitive spans. This one detects and redacts entirely client-side with pattern matching, so text that may contain private data never leaves your browser, and there is no sign-up or usage cap.
Scripts are blocked. This site won’t work properly. If you’re using Brave, click the Shields icon and turn off Block scripts. Otherwise disable your ad blocker for this site.