Is OpenRedaction free?

Yes, the OpenRedaction library is free and open-source. Use it locally or self-host with no fees. Enterprise support and custom deployments are available via contact.

What is the difference between regex mode and AI mode?

OpenRedaction uses 500+ tested regex patterns for fast, deterministic PII detection. It works completely offline and is free. You run it in your own environment via the npm library.

Does OpenRedaction store my data?

When you use the open-source library, your data never leaves your environment. We do not operate a hosted service that processes or stores your text. Processing runs in your process only.

How do I get enterprise support?

OpenRedaction is open source and self-hostable. For enterprise support, custom deployments, or SLAs, contact us via the Enterprise page or contact form.

Privacy Policy | OpenRedaction

OpenRedaction is designed with privacy and data minimization at its core. This policy explains how we handle your data.

No Data Storage

We do not store or log your text. When you use OpenRedaction on this site (e.g. the playground) or the npm library in your own app, your data is processed in memory and discarded immediately after processing unless your deployment adds persistence.

No persistent databases
No logs of your input text
No retention of processed data
All processing happens in memory

Self-Hosted Option

For complete privacy and control, you can self-host OpenRedaction on your own infrastructure:

Your data never leaves your environment
You control all processing and logging
No external API calls — all detection runs locally
Complete control over data handling

OpenRedaction is fully open source, so you can audit the code and deploy it on your own servers.

Data Minimization Principles

Our approach aligns with GDPR and UK-GDPR data minimization principles:

Storage limitation: We don't store your data
Data minimization: We only process what you send, and only for the purpose of redaction
Purpose limitation: Data is used solely for PII detection and redaction
Transparency: All code is open source and auditable

User Data Discarded After Processing

All user data is discarded immediately after processing:

Input text is processed and then discarded
No intermediate storage
No caching of results
No analytics or tracking of your content

Third-Party Services

OpenRedaction uses the following third-party services:

Email Service: We use an email service provider for the contact form and support communications. Email addresses are used solely for replying to your enquiries and are not shared with third parties for marketing purposes.

All third-party services are used in compliance with applicable privacy laws and data protection regulations.

Metadata Logging

For rate limiting, abuse prevention, and service improvement, we may log minimal metadata:

IP addresses (e.g. for abuse prevention)
Request timestamps
Response status codes

We do not log: your input text, detected entities, or any content of your requests. All metadata is retained only as long as necessary for rate limiting and abuse prevention purposes.

GDPR & UK-GDPR Compliance

Our data handling practices align with GDPR and UK-GDPR principles:

Data Minimization: We only process data necessary for the service (PII detection and redaction)
Storage Limitation: We do not store your text — processing is stateless
Purpose Limitation: Data is used solely for PII detection and redaction
Transparency: All code is open source and auditable
Right to Erasure: Since we don't store your text, there's nothing to delete. For metadata, contact us to request deletion.

For complete control over your data, you can self-host the open-source library, which requires no external services and processes everything locally.

Contact

If you have questions about this privacy policy, please contact us through our support channels or contact page.

Last updated: January 2025