Redacto logoRedacto

Guide

Anonymize personal data before you use AI (GDPR-safe)

By Meer Development B.V. ยท Updated 18 July 2026

Large language models are genuinely useful, but every prompt you send to a hosted AI leaves your computer. The moment your text contains a client's name, an email address, an IBAN or a BSN, you have shared personal data with a third party, often a company outside your organisation and sometimes outside the EU. This guide explains why that is a problem and gives you a simple, reliable way to keep using AI without exposing anyone's personal data.

Why pasting personal data into AI is risky

Tools like ChatGPT, Claude and Gemini run on servers you do not control. When you paste text into them, a few things happen that matter for privacy:

  • The data leaves your control. Once it is sent you cannot unsend it. You are relying entirely on the provider's policies and security.
  • It may be retained or reviewed. Depending on the product and its settings, prompts can be stored for a period, used to improve the service, or seen by human reviewers.
  • It can cross borders. Many AI providers process data outside the EU, which brings extra obligations under the GDPR.

Under the GDPR (the AVG in the Netherlands) personal data may only be processed with a lawful basis and a clear purpose. Quietly pasting a customer record into a consumer chatbot rarely meets that bar, and for special categories such as health data the rules are stricter still. The safest position is simple: do not send personal data to an AI you do not control.

What actually counts as personal data

Personal data is any information that can identify a living person, directly or in combination with other data. It is much broader than a name. In everyday documents it includes:

  • Names, initials and signatures
  • Email addresses and phone numbers
  • Home and delivery addresses, including postcodes
  • Dates of birth
  • Bank details such as IBANs and card numbers
  • National identifiers such as the Dutch BSN, passport and driving-licence numbers
  • Vehicle plates, IP addresses and customer or case numbers

A single sentence can carry several of these at once, which is exactly why manual redaction is so easy to get wrong.

The safe workflow: anonymize, prompt, restore

You do not have to choose between using AI and protecting privacy. The reliable pattern is three steps:

  1. Anonymize. Replace every piece of personal data with a neutral placeholder before the text leaves your machine, for example [Name#1], [Email#1] or [IBAN#1].
  2. Prompt. Paste the placeholdered text into the AI and ask your question as normal.
  3. Restore. Paste the AI's reply back into your tool, which puts the real values back in place of the placeholders.

Because the placeholders are consistent (the same person is always [Name#1]), the model still understands who is who and its answer stays coherent. The AI does its job, but it never sees a single real identifier.

Do it locally, not in another cloud

An anonymiser that uploads your text to a web service just moves the problem to a different server. To actually reduce risk, the detection has to run on your own machine. A local tool means the sensitive text is scrubbed before anything is transmitted, there is no account or log to leak, and the workflow keeps working even with no internet connection.

Redacto takes this approach. It runs an on-device model, so your document is analysed and masked entirely on your computer. Nothing is uploaded, there is no telemetry, and after the first launch it works fully offline. If your team handles personal data every day, our guide on using AI safely at work covers the practical policies.

A quick checklist before you paste

  • Have you removed names, emails and phone numbers?
  • Have you masked addresses, postcodes and dates of birth?
  • Have you handled financial and national identifiers (IBAN, BSN, passport)?
  • Did you review each detected item, so nothing real slipped through and nothing harmless was over-masked?
  • Are you keeping the mapping so you can restore the real values in the reply?

Bottom line

AI is safe to use as long as personal data never reaches it. Anonymise first, prompt with placeholders, and restore afterwards. Do the detection locally and you get the benefit of modern AI while your clients' data stays on your machine, and your organisation stays on the right side of the GDPR.

Try Redacto, free and local

Mask names, emails, IBANs and BSNs before you paste into AI, then restore the real values in the reply. Nothing leaves your computer.

Download for free