General
What is PrivacyProxy?
PrivacyProxy is a GDPR-compliant proxy for LLM APIs (OpenAI, Anthropic, etc.). It automatically detects and masks personally identifiable information (PII) in your prompts before they are sent to the LLM provider. Responses are automatically unmasked so you get the original data back.
How does PII masking work?
PrivacyProxy detects PII in three stages: 1) Regex patterns for structured data (IBAN, tax numbers, etc.), 2) Presidio + spaCy for Named Entity Recognition (names, locations, organizations), 3) GLiNER for zero-shot detection of unknown entities. Detected PII is replaced with placeholders (e.g., "[NAME_a1b2]"), and the original values are restored after the LLM response.
Is PrivacyProxy GDPR compliant?
Yes. PrivacyProxy is hosted in Germany, personal data is masked before being sent to US providers, and we don't store any prompts or responses. Through masking, real PII never leaves the EU: the LLM only sees placeholders like "[NAME_a1b2]".
Technical
Which LLM providers are supported?
PrivacyProxy supports all OpenAI-compatible APIs: OpenAI (GPT-4, GPT-4o, etc.), Anthropic (Claude), Google (Gemini), Mistral, Groq, Together AI, Perplexity, and many more. You bring your own API key (BYOK) and only change the base_url.
How do I integrate PrivacyProxy?
Integration takes 30 seconds: you only change the base_url in your existing code. Instead of "api.openai.com" you use "api.privacyproxy.dev". Your API key and the rest of your code remain unchanged. No SDK installation and no other code changes.
Which PII types are detected?
Over 420 patterns for all EU-27 countries: names, email addresses, phone numbers, addresses, IBAN, credit cards, tax numbers, social security numbers, passport numbers, driver's licenses, license plates, and many country-specific IDs (German tax ID, Austrian social security, Swiss AHV, etc.).
Privacy & Security
Where is my data hosted?
PrivacyProxy runs on servers in Germany (Frankfurt). We use Laravel Forge for deployment. PII masking happens in Germany before data is sent to LLM providers. We don't store any prompts, responses, or API keys.
How much does PrivacyProxy cost?
PrivacyProxy offers flat-fee pricing: Developer (€29/mo) for up to $100 LLM usage, Professional (€99/mo) for up to $1,000 LLM usage. No hidden costs, no per-request charges. You only pay the monthly fee plus your normal LLM costs to your provider.
What does BYOK (Bring Your Own Key) mean?
BYOK means you use your own API key for OpenAI, Anthropic, or other providers. PrivacyProxy stores your key encrypted and forwards requests to your provider. You keep full control over your LLM costs and can use any supported provider.
Is my data stored?
No. PrivacyProxy doesn't store prompts, responses, or the masked/unmasked data. The mapping between placeholders and real values only exists during the request in memory and is deleted afterwards. We only log anonymized metrics (request count, latency) for billing.
Features
Does PrivacyProxy support streaming?
Yes. PrivacyProxy supports Server-Sent Events (SSE) streaming for all providers. Unmasking happens in real-time during the stream, so you see the original data as soon as it's generated by the LLM.
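The masking round trip from "How does PII masking work?" and the streaming case above, as an added Python example that is not PrivacyProxy's own code. It assumes placeholders of the form "[TYPE_xxxx]" with four hex characters (as in the "[NAME_a1b2]" example) and uses two simplified regex patterns in place of the real detection stages. The function names are hypothetical. The case it handles is a placeholder that arrives split across two stream chunks.

```python
import re
import secrets

# Simplified stand-ins for the regex stage (assumption, not PrivacyProxy's rules).
PATTERNS = {
    "EMAIL": re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+"),
    "IBAN": re.compile(r"\b[A-Z]{2}\d{2}(?: ?[A-Z0-9]{2,4}){3,8}\b"),
}
# Assumed placeholder shape, taken from the page's "[NAME_a1b2]" example.
PLACEHOLDER = re.compile(r"\[[A-Z]+_[0-9a-f]{4}\]")
# A buffer tail that could still grow into a placeholder: "[", "[NA", "[NAME_a1".
PARTIAL = re.compile(r"\[(?:[A-Z]+(?:_[0-9a-f]{0,4})?)?\Z")


def _new_token(kind, mapping):
    """Draw a random placeholder that is not already in use for this request."""
    while True:
        token = f"[{kind}_{secrets.token_hex(2)}]"
        if token not in mapping:
            return token


def mask(text):
    """Return (masked_text, mapping); the mapping lives only in memory."""
    mapping, seen = {}, {}
    for kind, pattern in PATTERNS.items():
        def repl(match, kind=kind):
            value = match.group(0)
            if value not in seen:  # same value always gets the same placeholder
                seen[value] = _new_token(kind, mapping)
                mapping[seen[value]] = value
            return seen[value]
        text = pattern.sub(repl, text)
    return text, mapping


def unmask_stream(chunks, mapping):
    """Yield unmasked text, holding back a tail that may be a split placeholder."""
    buf = ""
    for chunk in chunks:
        buf += chunk
        tail = PARTIAL.search(buf)
        cut = tail.start() if tail else len(buf)
        ready, buf = buf[:cut], buf[cut:]
        if ready:
            yield PLACEHOLDER.sub(lambda m: mapping.get(m.group(0), m.group(0)), ready)
    if buf:  # stream ended mid-token: nothing to restore, pass it through
        yield buf
```

Replacing placeholders chunk by chunk without the hold-back buffer would leak fragments such as "[EMAIL_a1" to the client whenever a token straddles a chunk boundary.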
Can I exclude certain PII types?
Yes. In the dashboard, you can configure which PII types should be masked. If, for example, you don't want to mask email addresses (because the LLM needs them for a task), you can disable that type.