Privacy Policy

Last updated: March 28, 2026

This Privacy Policy for PII Eraser (‘we’, ‘us’, or ‘our’), describes how and why we might access, collect, store, use, and/or share (‘process’) your personal information when you use our services (‘Services’), including when you:

  • Visit our website at piieraser.ai.
  • Use the interactive web demo on our site.
  • Purchase or use the PII Eraser self-hosted software container.
  • Engage with us in other related ways, including customer support or sales inquiries.

Because PII Eraser is fundamentally designed as a privacy-enhancing tool, data minimization is built into our core product architecture. If you have any questions or concerns about this policy, please contact us at support@piieraser.ai.

1. How We Interact With Data

To provide absolute clarity on our security posture, we have separated our data practices into four distinct categories based on how you interact with our Services:

A. The Container Product (Self-Hosted Software)

PII Eraser is distributed as a self-hosted, stateless container that is built for regulated environments.

  • Zero Telemetry & Content Privacy: The container is designed to run securely within your environment. It does not phone home, report usage statistics, or send any of your inputs or data back to us. If deployed via a cloud marketplace, the only external communication is standard, automated metering data sent strictly to your cloud provider (e.g., AWS or Azure) to manage billing.
  • Stateless Operation: The software is entirely stateless and utilizes a read-only filesystem. No text, data, or logs processed by the container are saved, retained, or transmitted by us.
  • Customer Data: We do not process, see, or have access to any of the data you pass through the self-hosted container. Because the container runs entirely within your infrastructure, PII Eraser does not act as a data processor with respect to the data you process using the self-hosted software. You retain full controllership.

B. The Interactive Web Demo

We provide a web demo for evaluation purposes. PII Eraser is the data controller for any data submitted to the web demo.

  • Transient Processing: Text submitted to the web demo is sent securely to a container instance hosted on Huggingface Spaces purely for real-time processing.
  • Abuse Monitoring: We may monitor demo usage, including submitted inputs, for abuse detection and security purposes.
  • Legal Basis: We process demo submissions on the basis of our legitimate interest in allowing prospective customers to evaluate our product and in protecting our Services from abuse.

C. The Website (piieraser.ai)

Our website is a static site designed to provide information about our product.

  • Analytics: We use Google Analytics to understand basic website traffic and usage patterns. This involves collecting basic device and browser information (such as your IP address, browser type, and pages visited).

D. Sales & Billing

If you purchase PII Eraser, we must process limited administrative data to facilitate the transaction.

  • Cloud Marketplaces: If purchased via a cloud Marketplace, we receive basic customer and billing information as provided by those platforms to manage your subscription.
  • Direct Sales: If purchased directly, we collect basic business contact details (name, email, billing address). Payment processing is handled entirely by secure third-party processors (like Stripe). We do not collect or store your raw credit card details.

2. How and Why We Process Your Information

We process your personal information only when we have a valid legal reason to do so. Our primary purposes include:

  • To fulfill our contractual obligations: To process your purchases, manage your subscriptions, issue invoices, and provide customer support.
  • To provide and protect our web demo: To allow prospective customers to evaluate PII Eraser’s capabilities and to monitor for abuse (based on our legitimate business interests).
  • To improve our Services: To analyze website traffic via Google Analytics to understand how visitors interact with our site (based on our legitimate business interests).
  • Based on your consent: To set analytics cookies on our website, where consent is required by applicable law. You may withdraw this consent at any time via your browser settings or our cookie banner.

3. Artificial Intelligence & Machine Learning

PII Eraser utilizes machine learning models to detect and redact Personally Identifiable Information (PII).

  • Inference Only: The models are strictly used for inference (analyzing inputs you provide).
  • No Training on Customer Data: We never use customer data, or data submitted to our web demo, to train, fine-tune, or improve our machine learning models.

4. When and With Whom We Share Your Information

We do not sell your personal information. We only share necessary information with the following categories of third parties to facilitate our Services:

  • Cloud Providers: Huggingface (as the infrastructure provider for our web demo; inputs are processed transiently within our container and are not retained by us or, to our knowledge, by Huggingface in accordance with their data processing terms).
  • Payment Processors & Marketplaces: Stripe, AWS Marketplace, and Azure Marketplace (to process transactions and manage billing).
  • Analytics Providers: Google Analytics (to analyze website performance).

5. International Data Transfers

The self-hosted container product involves no transfer of data to us or any third party.

For our website and sales/billing activities, your personal information may be transferred to, and processed in, countries other than the country in which you are resident. Specifically, our third-party service providers (Google Analytics, Stripe) may process data in the United States or other jurisdictions.

Where such transfers occur, we rely on appropriate safeguards recognized under applicable law, including:

  • The European Commission’s adequacy decisions (e.g., the EU-US Data Privacy Framework).
  • Standard Contractual Clauses (SCCs) approved by the European Commission or the UK ICO’s International Data Transfer Agreement, where applicable.

6. Cookies and Tracking Technologies

We use Google Analytics cookies to understand website traffic. These are only set if you provide consent via our cookie banner. You can manage your preferences or opt out of being tracked across all websites by visiting https://tools.google.com/dlpage/gaoptout.

7. How Long Do We Keep Your Information?

We keep your information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy:

  • Demo Data: Not retained by PII Eraser after processing. Infrastructure-level logging by Huggingface, if any, is subject to their data processing terms. If demo usage is logged for abuse detection purposes, such logs are retained for no more than 30 days.
  • Sales/Billing Data: Retained for as long as you have an active account or subscription with us, and thereafter only as long as required by applicable tax, accounting, or corporate laws.
  • Analytics Data: Retained according to standard Google Analytics retention windows.

8. Children’s Privacy

We do not knowingly collect data from or market to children under 18 years of age. Our Services are intended for business and enterprise use. If we learn that personal information from users less than 18 years of age has been collected, we will take reasonable measures to promptly delete such data from our records.

9. Your Privacy Rights (Global)

Depending on your region (including the US, EEA, UK, Switzerland, Canada, Australia, and New Zealand), you have certain rights regarding your personal data. We believe in a unified approach to privacy, extending these core rights to all our users regardless of geography:

  • Right to Access: You can request a copy of the personal data we hold about you.
  • Right to Correction: You can request that we correct any inaccurate or incomplete data.
  • Right to Deletion: You can request that we erase your personal data from our systems (subject to legal billing/tax retention requirements).
  • Right to Portability: You can request to receive your personal data in a structured, commonly used, machine-readable format.
  • Right to Restrict Processing: You can request that we restrict the processing of your personal data under certain circumstances.
  • Right to Object: You can object to our processing of your personal data where we rely on legitimate interests (e.g., analytics). We will cease processing unless we demonstrate compelling legitimate grounds.
  • Right to Withdraw Consent: If we are processing your data based on consent, you can withdraw it at any time.

For US residents: We do not sell your personal information, nor do we share it for cross-context behavioral advertising, as those terms are defined under applicable US state privacy laws (including the California Consumer Privacy Act). You may exercise any applicable rights by contacting us at the email below.

How to exercise your rights: To exercise any of these rights, simply email our privacy team at support@piieraser.ai. We will verify your identity and respond to your request within 30 days, in accordance with applicable data protection laws. This period may be extended by up to two additional months for complex or numerous requests, in which case we will notify you of the extension.

If you are located in the EEA or UK and believe we are unlawfully processing your personal information, you also have the right to complain to your local data protection authority.

10. Updates to This Policy

We may update this Privacy Policy from time to time to stay compliant with relevant laws or to reflect changes in our business practices. The updated version will be indicated by an updated ‘Last updated’ date at the top of this document.

11. Contact Us

If you have questions, comments, or wish to exercise your privacy rights regarding this policy, please contact us by email at:

support@piieraser.ai