v2.0.0 · MIT Licensed · Open Source

Your AI data is leaking
PII right now.
Install a firewall in 30 seconds.

AI Privacy Gateway intercepts every API call to LLMs — detecting and masking phone numbers, emails, ID cards, bank cards, and 14 entity types

14 Entity Types Detected
<1ms Avg. Latency Added
10K+ QPS Per Instance
0 Data Ever Uploaded
Raw Request Masked → AI
Live Preview
{
  "model": "gpt-4",
  "messages": [{
    "role": "user",
    "content": "My phone is 13812345678,
    email is alice@example.com,
    and my ID is 110101199001011234."
  }]
}

Works with ChatGPT, Claude, DeepSeek, Cursor, Kimi — any OpenAI-compatible API.

Every AI call exposes your
sensitive data

Every time you paste code, patient records, or customer data into an AI prompt, that information leaves your control. Here is what is at stake.

Data at rest nowhere

Phone numbers, emails, addresses, and bank cards fly through third-party servers every time you use an AI tool.

78% of corporate AI prompts contain PII

Training data leaks

LLMs memorize patterns. Your data could resurface in another user's session — a documented risk in production AI systems.

Known Model inversion & extraction attacks

Regulatory exposure

Sending PII to third-party AI APIs without masking violates GDPR, CCPA, PIPL, and HIPAA. Fines can reach millions.

€20M+ GDPR max fine per violation

Three steps. Zero code changes.

Point your API base URL to the gateway. Everything else is automatic.

01

Intercept

Gateway captures every request headed to your AI provider

02

Detect & Mask

14 entity types identified via regex + NER, replaced with safe placeholders

03

Forward & Restore

Masked data sent to LLM; response placeholders restored before returning to you

One-line change. Any SDK.
Before
# Unprotected — direct to AI
client = OpenAI(
  api_key="sk-...",
  base_url="https://api.openai.com/v1"
)
After
# Protected — via gateway
client = OpenAI(
  api_key="sk-...",
  base_url="http://localhost:9999/v1"
)

Why AI Privacy Gateway?

Built for teams that ship fast and care about data security. Every feature ships in the free Lite edition.

Core Engine

Intelligent Masking Engine

Regex + NER dual-engine detects 14 entity types: phone, email, ID card, bank card, name, address, license plate, IP, URL, date, amount, postal code, organization, and custom keywords. Zero configuration.

Phone Email ID Card Bank Card Name Address Org +7 more
14 Entity Types
<1ms Detection Latency
93% Coverage Rate

SSE Streaming

Full SSE proxy with real-time masking and unmasking. Zero added perceptible latency.

Local SQLite Vault

Encrypted local storage. Mapping data never leaves your machine.

30-Second Deploy

Single binary, Docker, or pip. Download and run. No dependencies.

Architecture

Data Flow Pipeline

Request enters gateway → regex scan → NER inference → placeholder replacement → forward to LLM. Response reverses the pipeline. End-to-end under 1ms overhead.

Client
Gateway
LLM
Regex Match NER Detect Map & Replace Reverse on Response

Custom Rules

Regex + keyword patterns for domain-specific PII. Flexible and extensible.

Admin Dashboard

Real-time stats: masking count, entity distribution, mapping records, and throughput.

MIT Licensed

Free forever. Personal use, commercial use, self-hosted. No restrictions.

Performance Benchmarks

P99 latency under 2ms. Single instance handles 10,000+ QPS. Zero data leaves your network.

Regex Matching
0.3ms
NER Inference
0.8ms
Map Restore
0.1ms

Works with everything

Drop-in proxy for any OpenAI-compatible API. No SDK changes, no vendor lock-in.

Python SDK
JavaScript SDK
Flutter SDK
Android SDK
iOS SDK
Browser Ext.

Your data should not be
nobody else's training set.

Deploy in 30 seconds. No credit card. No account. No data ever leaves your machine.