General Questions
What happens to my data when I use Blindfold?
What happens to my data when I use Blindfold?
- Text is processed in real-time and not stored
- PII mappings are returned to you (not stored by us)
- No training on your data
- EU data residency (GDPR compliant)
- SOC 2 compliant infrastructure
- You send text → 2. We detect PII → 3. Return protected text → 4. Data deleted
How accurate is the PII detection?
How accurate is the PII detection?
- Email addresses: ~99% accuracy
- Phone numbers: ~95% accuracy
- Names: ~90-95% accuracy (varies by language)
- Credit cards: ~98% accuracy (with Luhn validation)
- Medical records: ~92% accuracy
policy="strict" for maximum detection or adjust score_threshold for your needs.What languages are supported?
What languages are supported?
- English, German, French, Spanish, Italian, Portuguese, Dutch, Polish, Russian
- Czech, Slovak, Danish, Swedish, Norwegian, Romanian
- Chinese, Japanese, Arabic
See All Languages
Can I detect custom entity types?
Can I detect custom entity types?
"order number","booking reference","employee id""internal code","project name","case number"- Industry-specific identifiers
What's the difference between policies?
What's the difference between policies?
| Policy | Entity Count | Use Case |
|---|---|---|
basic | 3 types | General PII (names, emails, phones) |
gdpr_eu | 15+ types | European data protection |
hipaa_us | 11+ types | US healthcare compliance |
pci_dss | 8+ types | Payment card industry |
strict | 60+ types | Maximum protection |
How do I handle false positives?
How do I handle false positives?
Technical Questions
What are the API limits?
What are the API limits?
| Free | Pay As You Go | |
|---|---|---|
| Characters | 500K / month | Unlimited |
| Max text per request | 5K chars | 500K chars |
| Price | $0 | $0.50 / 1M chars |
Can I use Blindfold in the browser?
Can I use Blindfold in the browser?
How do I restore tokenized data?
How do I restore tokenized data?
- Store
mappingsecurely (Redis, encrypted DB, session) - Set expiration (e.g., 24 hours)
- Without mapping, data cannot be restored
What's the difference between tokenize, mask, and redact?
What's the difference between tokenize, mask, and redact?
| Method | Reversible | Example | Use Case |
|---|---|---|---|
| Tokenize | ✅ Yes | <person_1> | AI processing, chatbots |
| Mask | ❌ No | ***3456 | Display to users |
| Redact | ❌ No | “ (removed) | Permanent removal |
| Hash | ❌ No | ID_a3f8b9 | Analytics, matching |
| Encrypt | ✅ Yes | gAAAAABh... | Secure storage |
| Synthesize | ❌ No | Jane Smith (fake) | Testing, demos |
Does Blindfold work with all AI providers?
Does Blindfold work with all AI providers?
- ✅ OpenAI (GPT-4o, GPT-4, o1)
- ✅ Anthropic (Claude Sonnet, Opus, Haiku)
- ✅ Google (Gemini 2.5 Flash, Pro)
- ✅ AWS Bedrock, Azure OpenAI
- ✅ LangChain, LlamaIndex, Vercel AI SDK
- ✅ Cohere, Hugging Face, self-hosted models
- ✅ Any LLM API
- OpenAI
- Anthropic Claude
- Google Gemini
- Any Provider
See All Integrations
Can I use Blindfold without an API key?
Can I use Blindfold without an API key?
| Local Mode | Cloud API | |
|---|---|---|
| Entity types | 80+ (regex-based) | 60+ NLP + 80+ regex |
| API key | Not needed | Required |
| Data privacy | Never leaves your infrastructure | Processed in EU/US, not stored |
| Names & addresses | Not supported | NLP-powered detection |
| Compliance policies | Not available | GDPR, HIPAA, PCI DSS |
| Audit logs | Not available | Full audit trail |
Compliance & Privacy
Is Blindfold GDPR compliant?
Is Blindfold GDPR compliant?
- ✅ EU data residency (servers in EU)
- ✅ No data storage (real-time processing)
- ✅ Data Processing Agreement (DPA) available
- ✅ Regular security audits
- Prevents PII from reaching third-party AI providers
- Meets “data minimization” requirements
- Supports “right to be forgotten”
- Enables lawful AI processing
Does Blindfold support HIPAA compliance?
Does Blindfold support HIPAA compliance?
- ✅ Use
policy="hipaa_us"for healthcare data - ✅ Detects PHI (Protected Health Information)
- ✅ Business Associate Agreement (BAA) available
- ✅ Encrypted data transmission
- Names, SSN, medical record numbers
- Health insurance IDs
- Medical conditions, medications
- Dates of birth
Can I get a custom Data Processing Agreement (DPA)?
Can I get a custom Data Processing Agreement (DPA)?
- Data processing terms
- Security measures
- Subprocessor list
- Your rights and obligations
- Incident response procedures
- Email: hello@blindfold.dev
- Subject: “DPA Request”
- Include: Company name, plan tier
Pricing & Plans
Is there a free tier?
Is there a free tier?
- ✅ 500K characters per month
- ✅ All 60+ entity types
- ✅ All global policies
- ✅ 18 languages supported
- ✅ 3 team members, 2 API keys
- ✅ Dashboard & audit logs
- Testing and development
- Proof of concepts
- Small projects
Sign Up Free
How is usage calculated?
How is usage calculated?
- Each API call counts the number of characters in the
textfield - Batch requests count total characters across all texts
- Policy management and dashboard usage are free
- “Hello, my name is John Doe” = 26 characters
- A 1,000-word email ≈ 5,000 characters