How PII Redaction Protects You
Your personal information never leaves our secure servers. Here's exactly how we keep your data safe.
Your personal info never reaches AI services
When you upload a document, we detect and replace your sensitive information before it ever leaves our servers. The AI only sees placeholder tokens like [NAME] or [SSN]—never your actual data.
How does it work?
You upload a document
Your PDF is sent securely to our backend server via encrypted connection (HTTPS).
Text is extracted on our server
We extract the text content from your PDF entirely on our secure backend. No external services are involved yet.
PII is detected and replaced
Using pattern matching (not AI), we find your personal information based on what you've saved in your profile:
Before redaction:
"Patient John Smith, SSN 123-45-6789, lives at 123 Main St..."
After redaction:
"Patient [NAME], SSN [SSN], lives at [ADDRESS]..."
Only redacted text is processed by AI
The AI embedding service (used for search and chat) only receives the sanitized version. It has no way to know your actual name, SSN, or address.
Redacted version is stored
Only the redacted text is saved in our database. The original unredacted content exists only briefly in memory during processing, then is discarded.
Technical details
| Stage | Where | Who sees raw data? |
|---|---|---|
| PDF Upload | Our backend | Only our server |
| Text extraction | Our backend | Only our server |
| PII detection | Our backend (regex) | Only our server |
| AI embeddings | OpenAI | Redacted text only |
| Storage | Supabase | Redacted text only |
What information can be redacted?
You control what gets redacted by adding your information in the Profile tab. We support:
Names
Matches "J. Smith", "SMITH, JOHN", "Dr. Smith", "Mr. John Smith"
SSN
Full, partial & masked: XXX-XX-1234, ***-**-1234
Phone Numbers
All formats: (555) 123-4567, 555.123.4567, 555-123-4567
Exact match, case-insensitive
Address
Street, city, state, ZIP, apartment — even when split across fields
Date of Birth
Multiple date formats: 01/15/1990, Jan 15, 1990
Account Numbers
Bank accounts, policy numbers
How to improve detection accuracy
The more information you add to your profile, the smarter the redaction becomes.
With Profile Information (Recommended)
When you save your personal details in the Profile tab, DocuFeed uses "Smart Match" to find your specific information. This is more accurate and produces fewer false positives. Preview mode will show "Using your profile" for these types.
Without Profile Information
For any PII type you haven't added to your profile, we fall back to generic pattern detection. This catches more items but may include information that isn't yours (like other people's names or random phone numbers in the document). Preview mode will show "Pattern detection" for these types.
Best practice: Add as much of your personal information as possible to your profile—names, phone numbers, email addresses, SSN (last 4 digits), addresses, dates of birth, and account numbers. This ensures accurate, targeted redaction with minimal false positives.
Frequently asked questions
Is my data exposed during processing?
Your raw personal information only exists in our server's memory for a brief moment during redaction. It's never written to disk unredacted, never sent to AI services, and never stored in our database in its original form.
Does the AI know my real information?
No. The AI only ever sees text like "[NAME] visited the doctor on [DOB]"—it has no way to know your actual name or birthdate. When you chat with your documents, the AI responds based on the redacted content.
What if I don't add my info to my profile?
If you don't add your personal information to your profile, automatic redaction won't occur for that data type. You can use Preview mode when uploading to see what will be redacted and manually add items.
Can I see what was redacted?
Yes! Use Preview mode when uploading a document to see exactly what information will be redacted before confirming the upload.
Have privacy questions? Reach out to support@docufeed.ai and we'll be happy to explain our security practices in more detail.