Skip to content
PiiBlock

Everything PrivacyShield Does to Protect Your Data

15+ PII types detected. Auto-masking for critical data. 100% local processing. Here's how every feature works.

What types of personal data does PrivacyShield detect?

Auto-Protected (Critical PII)

Always masked — no user choice needed

Credit Card Numbers

Detected with Luhn algorithm validation. Supports Visa, Mastercard, Amex, and other major card formats.

Social Security Numbers

US SSN formats detected and auto-masked.

API Keys & Secrets

Detects OpenAI, AWS, GitHub, Stripe, and other common API key patterns.

Passwords

Catches password strings in common formats.

Bank Account Numbers

Detects account number patterns.

User-Controlled (Soft PII)

Detected and flagged — you decide whether to mask

Person Names

Detected using NER-based (Named Entity Recognition) analysis that understands context, not just pattern matching.

Physical Addresses

Street addresses, city, postal code combinations.

Phone Numbers

US and UK formats including +44, 07xxx, and standard US patterns.

Email Addresses

Standard email format detection.

Dates of Birth

Common date formats associated with birth date context.

Ages

Age mentions in context.

Salary & Income

Financial figures in employment context.

Medical Conditions

Health conditions, diagnoses, medications.

Employer Names

Company and organization names in employment context.

UK National Insurance Numbers

AB123456C format with HMRC-compliant prefix validation.

How does real-time detection work?

PrivacyShield scans text as you type into ChatGPT, Claude, or Gemini. Detected PII is highlighted with color-coded underlines directly in the chat input field. You see what's been detected before you send anything.

The detection engine uses a hybrid approach: NER-based contextual detection for names and entities, combined with regex pattern matching for structured data like credit cards, SSNs, and API keys. This catches PII that pure regex misses while keeping false positives low.

How does the masking dialog work?

Before your message is sent, PrivacyShield intercepts it and presents a confirmation dialog. The dialog separates detections into two categories: auto-protected items that are always masked, and user-choice items where you decide.

Critical PII like credit cards, SSNs, API keys, and passwords are auto-masked with no user action needed. Soft PII like names, addresses, and phone numbers are flagged with Mask and Send as-is buttons for each item.

You can also click “Send Unprotected” to skip masking entirely, or “Cancel” to go back and edit your prompt.

How does response unmasking work?

When the AI responds using placeholder tokens like [PERSON_A] or [CREDIT_CARD_1], PrivacyShield automatically swaps them back to your real data in the response. The conversation reads naturally as if no masking happened.

Unmasking works across the full conversation thread, including follow-up responses. The mapping between placeholders and real values is maintained for the duration of your session.

What else can PrivacyShield do?

Right-Click Masking

Select any text in the chat input, right-click, and choose "Mask with PrivacyShield" to manually mask anything the automation misses.

Personal Dictionary

Teach PrivacyShield your name, project codenames, or any custom terms. It remembers them and detects them automatically in future sessions.

One-Click Purge

Instantly wipe all stored mapping data with a single button click in the extension popup. No traces left.

Auto-Expiring Data

Encrypted mappings automatically expire after 4 hours even if you forget to purge them. Encryption keys are lost when the browser closes.

How does PrivacyShield keep my data secure?

AES-256-GCM Encryption

All mapping data between your real information and placeholder tokens is encrypted with AES-256-GCM. This is the same encryption standard used by banks and military systems.

Ephemeral Keys

Encryption keys exist only in browser memory. They are never written to disk and are lost when you close the browser.

Zero Infrastructure

PiiBlock does not operate any servers. There is no database, no API, no cloud infrastructure. It is architecturally impossible for PiiBlock to access user data.

No Telemetry

Zero analytics, zero tracking cookies, zero third-party scripts. PiiBlock does not know who its users are.

Want to see how these features work in practice? Explore use cases across healthcare, legal, development, and more →

Start protecting your data in 10 seconds

Free forever. No account needed. No data collected.

Add to Chrome — Free

Last updated: