Guides: using AI without exposing personal data
How-to guides, comparisons, and foundations for using AI tools like ChatGPT with sensitive documents in a GDPR-safe way.
How-to guides
- Custom detection rules: teach the anonymizer your vocabulary
Detection rules let you always or never flag specific terms and RegEx patterns, and define your own entity types with their own placeholders like [CLIENT_1]. How to set them up in Stript, with examples for firms and companies.
- Detection profiles and presets: one click per matter type
A detection profile bundles PII types, sensitivity, language, detection depth, and your active rules into one saved configuration. Free presets for legal, medical, HR, and financial documents get you started; your own profiles make recurring document types a one-click setup.
- How to anonymize a PDF: remove personal data automatically
How to anonymize a PDF locally on your device: personal data is detected, reviewed, and replaced with placeholders, including scanned PDFs via on-device text recognition.
- How to use ChatGPT with confidential data (a GDPR-safe workflow)
To use ChatGPT safely with client or patient data, remove personal data before the text ever leaves your device. Here is the secure four-step workflow.
- How to verify that Stript never uploads your documents
Don't take 'local-first' on trust. Disconnect from the internet, watch the network traffic with Little Snitch or Wireshark, and check the complete list of network requests Stript makes.
- Making detection faster: Fast mode, hardware, and smart defaults
Stript offers two detection depths: Thorough checks every finding in context; Fast skips the deepest analysis for a much quicker first pass. When to use which, how hardware tiers affect speed, and how to keep quality where it matters.
- Using ChatGPT privately: why your personal data doesn't belong there either
Even for personal use, you shouldn't put personal data into ChatGPT and similar tools. Everything you paste is processed on someone else's servers. The safe way: remove personal details locally, before the text leaves your device.
For your profession
- AI for tax advisors: protecting client data
Tax advisors can use AI without breaching confidentiality by removing client data locally, before the text ever leaves the device.
- AI in healthcare: protecting patient data
Doctors and clinics can use AI without exposing health data by removing patient data locally, before the text ever leaves the device.
- Enabling AI across your company: a guide for data protection officers
Data protection officers can enable AI instead of banning it by removing personal data locally, before employees paste it into an AI tool.
- GDPR-safe AI for law firms
Lawyers can use AI tools like ChatGPT without breaching client confidentiality by removing client data locally, before the text ever leaves the device.
Comparisons
- All-in-one anonymizing AI chat vs. your own ChatGPT or Claude
An all-in-one AI chat with built-in anonymization is convenient, but it usually costs more, gives you only the raw model, and has to receive your original text first. Anonymizing locally and using your own AI keeps the full product, predictable cost, and your data on your machine.
- On-device vs cloud anonymization: the difference
With on-device anonymization, the document content never leaves your machine. Cloud services still transmit the data to someone else's server, even when hosted in Germany.
- Stript vs. anonymization.ai (Glanos): desktop app or enterprise platform?
anonymization.ai (Glanos) is an enterprise anonymization platform: SaaS hosted in Germany or on-premise Docker, sold via demo. Stript is a self-serve desktop app where documents never leave the device. A factual comparison.
- Stript vs. anymize.ai: on-device app or cloud service?
anymize.ai is a German cloud service: documents are uploaded and processed on Hetzner servers in Germany. Stript is a desktop app: the document never leaves your machine. A factual comparison of architecture, pricing, and compliance.
Benchmark
- How accurate is Stript's on-device PII detection? A benchmark
On our German and English benchmark, Stript's on-device pipeline reaches an F1 of 97.3 (English) and 95.8 (German), with 95 to 98% recall. Checksum-validated identifiers like IBANs, credit cards, and bank accounts are caught at 100% recall. Every detection can be reviewed before anonymization.
Foundations
- Anonymization vs. pseudonymization (GDPR): the difference
Anonymization removes the link to a person irreversibly. Pseudonymization replaces identifying data with placeholders and stays reversible with separately held information. What that means for using AI.