Logo

MonoCalc

/

Data Anonymizer

Encode/Decode

Anonymization Mode

Paste text, JSON, or CSV containing PII

0 characters

0 characters

PII Detection Patterns

About This Tool

🛡️ Data Anonymizer – PII Detection & Redaction in the Browser

The Data Anonymizer is a client-side privacy utility that automatically detects and removes Personally Identifiable Information (PII) from text, JSON payloads, log files, API responses, CSV exports, and any other structured or unstructured content — entirely in your browser, with zero server communication.

Why Anonymize Data?

Modern software workflows constantly expose sensitive data in unexpected places: log files contain user emails and IP addresses, database exports include SSNs and credit card numbers, and API responses leak internal identifiers. Sharing these raw artifacts in GitHub issues, Slack threads, or with third-party support teams creates serious GDPR, HIPAA, and PCI-DSS liability. Anonymizing data before sharing eliminates that risk without slowing down your workflow.

Four Anonymization Strategies

✂️ Redact

GDPR-safe

Replaces each detected PII value with a typed placeholder such as [EMAIL], [PHONE], or [SSN]. The output is completely de-identified and safe to share publicly. Ideal for support tickets and public bug reports.

🎭 Pseudonymize

Pseudonymous only

Replaces each PII value with realistic-looking fake data of the same structural type — a real-looking email for an email, a valid-format phone number for a phone number. Using a fixed seed makes the output fully reproducible: the same input always produces the same fake values, preserving referential integrity across your dataset.

🔒 Hash (SHA-256)

GDPR-safe

Converts each PII value to a truncated SHA-256 fingerprintusing the browser's native Web Crypto API. The original value cannot be recovered from the hash (one-way transformation), making this strategy suitable for compliance logging, audit trails, and cross-system correlation without exposing raw PII.

🏷️ Tokenize

GDPR-safe

Replaces each unique PII value with an opaque sequential token (TOKEN_001, TOKEN_002, …) and generates a Token Mapping Table shown below the output. The table can be exported as CSV for in-session re-identification and debugging without exposing raw values in the shared artifact.

Built-in PII Detection Patterns

The tool ships with a comprehensive regex library that covers the most common PII types without any configuration:

  • Email addresses — standard RFC 5321 format
  • US phone numbers — with or without country code, various separators
  • Social Security Numbers (SSN)NNN-NN-NNNN format
  • Credit card numbers — 13–16 digit sequences with common separators
  • IPv4 and IPv6 addresses — full octet and abbreviated notation
  • UUIDs — version-agnostic 8-4-4-4-12 hex format
  • Dates — ISO 8601, US short (MM/DD/YYYY), EU short (DD.MM.YYYY)
  • IBANs — international bank account numbers
  • MAC addresses — colon- and hyphen-separated
  • URLshttp:// and https:// prefixed links

JSON & CSV Awareness

When you paste a valid JSON object, the tool automatically parses the structure and walks every string leaf value, applying PII replacement inside string values only — leaving keys, numbers, booleans, and nested structure intact. The output is re-serialized as pretty-printed JSON, ready to paste into documentation or a support ticket. For CSV data, every cell is scanned independently, preserving column headers and delimiters.

Consistent Replacement & Seeded Pseudonymization

Enabling Consistent Replacement ensures that the same original value always maps to the same replacement throughout the entire document. For example, if [email protected] appears in ten different fields, all ten are replaced with the same fake email, preserving join relationships in relational datasets. The pseudonymization seed controls the fake-value generator: using the same seed across runs produces identical outputs, enabling reproducible demo datasets and regression tests.

Privacy Guarantee
All processing — regex matching, hash computation, and fake-data generation — runs entirely in your browser using JavaScript and the Web Crypto API. No data is transmitted to any server. This tool is safe to use with real production data, patient records, and regulated financial information.

Custom Regex Patterns

Beyond the built-in library, you can supply any JavaScript-compatible regular expression to target domain-specific identifiers such as internal account numbers (\bACCT-\d{8}\b), patient IDs (\bPAT-\d{6}\b), or proprietary reference formats. The custom pattern is validated in real time — a syntax error is shown immediately before processing.

Diff View & Detection Summary

Enable the Diff View toggle to see a line-by-line comparison between your original input and the anonymized output, with removed content highlighted in red and replacements in green. The Detection Summary panel shows a horizontal bar chart breaking down the count of each PII type found, giving you a quick privacy audit at a glance.

Frequently Asked Questions

Is the Data Anonymizer free?

Yes, Data Anonymizer is totally free :)

Can I use the Data Anonymizer offline?

Yes, you can install the webapp as PWA.

Is it safe to use Data Anonymizer?

Yes, any data related to Data Anonymizer only stored in your browser (if storage required). You can simply clear browser cache to clear all the stored data. We do not store any data on server.

How does the Data Anonymizer work?

The tool scans your input text for PII patterns (emails, phone numbers, SSNs, credit cards, IP addresses, UUIDs, dates, and more) using built-in regular expressions. It then replaces each detected value according to your chosen mode — Redact, Pseudonymize, Hash, or Tokenize — entirely in the browser with no server processing.

What is the difference between Redact, Pseudonymize, Hash, and Tokenize modes?

Redact replaces each PII value with a typed placeholder like [EMAIL]. Pseudonymize replaces it with realistic-looking fake data of the same type. Hash converts each value to an irreversible SHA-256 fingerprint. Tokenize replaces values with short opaque tokens (TOKEN_001) and generates a separate mapping table for in-session re-identification.

Is my data sent to a server?

No. All processing happens entirely in your browser using client-side JavaScript and the Web Crypto API. Your input never leaves your device, making this tool safe for sanitizing real logs, API responses, and database exports.

What PII types does the tool detect automatically?

The tool detects email addresses, US phone numbers, Social Security Numbers (SSNs), credit card numbers, IPv4 and IPv6 addresses, UUIDs, dates (ISO 8601 and common formats), IBAN numbers, MAC addresses, and URLs. You can also add custom regex patterns to target domain-specific identifiers.

What does 'Consistent Replacement' mean?

When enabled, the same original value always maps to the same replacement throughout the entire document. For example, if '[email protected]' appears three times, all three instances will be replaced with the same fake email. This preserves referential integrity in datasets.

Can I anonymize JSON or CSV data?

Yes. The tool detects if your input is valid JSON and walks all string leaf values for PII replacement, preserving JSON structure. For CSV, it scans every cell value. Plain text mode handles any other format by applying replacement directly to the raw string.