Redact PII before it reaches the model.
Treza detects and strips names, emails, SSNs, and payment data from prompts in flight — replacing them with typed placeholders so your agents keep working and sensitive data never leaves your perimeter.
PII redaction for LLM prompts
PII redaction detects and removes personal data from a prompt before it reaches the model. Treza runs it as a proxy: a one-line base-URL change strips sensitive data in flight. It’s the redaction layer of the Treza AI control plane and ships built into the AI gateway.

    from openai import OpenAI

    client = OpenAI(
        base_url="https://app.trezalabs.com/api/redact",
        api_key="treza_...",  # your Treza key
    )

    # PII is detected and stripped before the prompt reaches the model
    client.chat.completions.create(
        model="gpt-4o",
        messages=[{"role": "user", "content": "Email jane@acme.com re: SSN 412-55-1981"}],
    )
    # The model sees: "Email [EMAIL_1] re: SSN [US_SSN_1]"

Common PII, replaced with typed placeholders
Each entity becomes a numbered token so the model keeps its context. Choose which types to redact per use case.
Names
Email addresses
Phone numbers
SSNs & national IDs
Payment & card data
Postal addresses
Dates of birth
IP addresses
…and more. Define the exact entity set to redact per use case, provider, and environment.
Detect, replace, forward, audit
Four steps run on every request — no SDK to learn and no agent to rewrite.
Detect
Treza scans every prompt for PII — names, contact details, government IDs, and financial data.
Replace
Each match becomes a typed, numbered placeholder like [EMAIL_1], so the model keeps coherent context.
Forward
The redacted prompt goes to your provider. Raw PII never leaves your perimeter.
Audit
Every redacted request is logged and exportable for security, legal, and compliance.
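
The detect, replace and audit steps above, sketched as an added example (not Treza's code): typed, numbered placeholders where a repeated value reuses its token, plus an audit record that holds counts but no raw values. The three regex detectors, the IP_ADDRESS label and the redact() function are assumptions made for this illustration; the forward step is left out.

```python
import re
from collections import Counter

# Assumed detectors for this example only: three regexes. EMAIL and US_SSN are
# the page's placeholder labels; IP_ADDRESS is a label made up here.
PATTERNS = [
    ("EMAIL", re.compile(r"\b[\w.+-]+@[\w-]+(?:\.[\w-]+)+\b")),
    ("US_SSN", re.compile(r"\b\d{3}-\d{2}-\d{4}\b")),
    ("IP_ADDRESS", re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")),
]


def redact(text, enabled=None):
    """Return (redacted_text, mapping, audit).

    mapping: placeholder -> raw value; stays on the caller's side.
    audit:   replaced occurrences per entity type, with no raw values.
    """
    enabled = {n for n, _ in PATTERNS} if enabled is None else set(enabled)
    spans = [
        (m.start(), m.end(), name)
        for name, rx in PATTERNS if name in enabled
        for m in rx.finditer(text)
    ]
    # Earliest match first; on a tie, the longer match wins.
    spans.sort(key=lambda s: (s[0], s[0] - s[1]))

    out, pos = [], 0
    tokens, mapping = {}, {}
    next_id, audit = Counter(), Counter()
    for start, end, name in spans:
        if start < pos:          # overlaps text already replaced
            continue
        value = text[start:end]
        key = (name, value.lower())
        if key not in tokens:    # same value -> same token, so context survives
            next_id[name] += 1
            tokens[key] = f"[{name}_{next_id[name]}]"
            mapping[tokens[key]] = value
        out += [text[pos:start], tokens[key]]
        audit[name] += 1
        pos = end
    out.append(text[pos:])
    return "".join(out), mapping, dict(audit)


if __name__ == "__main__":
    # The page's own sample prompt, reused as input.
    print(redact("Email jane@acme.com re: SSN 412-55-1981"))
```

Passing enabled={"EMAIL"} limits redaction to that entity type, which mirrors the per-use-case entity set described earlier on the page.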
Redaction that holds up in review
Turn “we think it’s fine” into provable data handling for GDPR, HIPAA, and SOC 2.
GDPR data minimization
Send models only the minimum data they need — redact the rest by default and prove it.
HIPAA-conscious workflows
Keep PHI out of third-party providers while still running LLM workflows over patient data.
SOC 2 evidence
An exportable log of every redacted request gives auditors proof of how data is handled.
Hardware-isolated option
For the most sensitive data, run redaction inside a Nitro Enclave with cryptographic attestation.
For teams running AI on regulated data
Wherever sensitive data meets an LLM, Treza keeps the PII on your side of the line.
Healthcare & life sciences
Run LLM workflows over PHI without exposing patient data.
Fintech & banking
Keep account numbers and PII out of third-party models.
Support & ops agents
Let agents act on tickets without leaking customer PII.
RAG on internal data
Redact sensitive fields before retrieval hits the model.
PII redaction questions, answered
What is PII redaction?
PII redaction is the process of detecting and removing personally identifiable information — names, emails, SSNs, payment data, and more — from text before it is stored, processed, or sent to a third party. For LLMs, it means stripping PII from a prompt before it reaches the model.
How do I redact PII before sending it to OpenAI or Anthropic?
Point your existing client at Treza's redaction endpoint instead of the provider directly. Treza strips PII in flight and forwards the cleaned prompt to the model you targeted — no agent rewrite required.
What types of PII does Treza redact?
Common entity types including names, email addresses, phone numbers, SSNs and national IDs, payment and card data, postal addresses, dates of birth, and IP addresses. You choose which types to redact per use case and environment.
Does redaction break the model's response quality?
No. PII is replaced with typed, numbered placeholders like [EMAIL_1] rather than deleted, so the model keeps the structure and context it needs to respond well.
How does PII redaction help with GDPR and HIPAA?
Redaction enforces data minimization — a core GDPR principle — by ensuring third-party models only receive the minimum necessary data, and it keeps PHI out of external providers for HIPAA. Every request is logged so you can prove what was and wasn't sent.
Which LLM providers does it work with?
OpenAI, Anthropic, Azure OpenAI, or a custom upstream. You keep your existing SDK and simply change the base URL.
Redact PII before it hits the model.
Point your OpenAI client at Treza, configure a redaction proxy, and start sending requests in minutes. 14-day free trial, no sales call required.