Security & Compliance

euRedact is built with privacy as a core architectural principle. Local processing, open-source rules, and zero data transmission give you full control over how personal data is handled.

How Your Data Flows

integration_instructionsYour Application

shieldeuRedact SDK (Local)

Rule Engine detects: IBANs, BSNs, phones, emails, IDs

Structured PII removed

cloudeuRedact CloudComing Soon

AI model detects: names, addresses, contextual PII

Redacted text returned

integration_instructionsYour Application

verified_user

Structured PII never leaves your device.

Why You Can Trust euRedact

lock

100% Local Processing

euRedact Rules runs entirely on your machine. No data is sent to any external server. Your text never leaves your infrastructure.

code

Open Source & Auditable

The full rule engine is open source under Apache 2.0. Every regex pattern, checksum validator, and suppression rule is visible and auditable on GitHub.

swap_horiz

No Vendor Lock-in

euRedact is a library, not a service. Your redaction rules, custom patterns, and configuration are yours. No accounts, no API keys, no data retention.

package_2

Zero Required Dependencies

No external packages required in either Python or Node.js. Minimal attack surface, no transitive dependency risks, easy to audit and deploy.

Cloud Tier — Planned Architecture

When the cloud tier launches, these privacy measures will protect contextual PII detection. Today, euRedact Rules runs 100% locally — nothing leaves your machine.

tag

Hash-Based Segment Routing

Text is split into segments and routed via one-way hashes. The cloud model never sees the full document -- only isolated, unlinkable fragments that cannot be reassembled server-side.

shuffle

Cross-Client Shuffling

Segments from different clients are shuffled together in each inference batch. Even if an attacker compromises a batch, no single client's text can be isolated.

data_object

Constrained JSON Output

The model is constrained to emit only structured JSON with entity labels and offsets -- never free-form text. This eliminates the risk of the model echoing or leaking input data.

wifi_off

Graceful Offline Fallback

When the cloud is unreachable, the SDK falls back to the local rule engine automatically. Structured PII is still detected with high precision -- your pipeline never stalls.

Apache 2.0 LicensedAuditable by ConstructionNo Data RetentionZero Dependencies