anonym.legal

By · Last updated 2026-05-28

Compliance Overview

Last Updated: January 30, 2026

About This Document#

This page explains how anonym.legal keeps your data safe and follows important security and privacy rules.

Security Standards We Follow#

ISO 27001 - Information Security#

Status: Implemented

We follow ISO 27001, which is an international standard for keeping information safe. This means we have:

  • Security Rules: Clear rules about how we protect your data
  • Access Controls: Only the right people can see certain information
  • Incident Handling: We have plans ready if something goes wrong
  • Regular Checks: We review our security practices often

GDPR - Privacy Protection#

Status: Implemented

We follow the GDPR, which is a European law that protects your privacy. This means:

  • Privacy by Design: We built our service to protect your privacy from the start
  • Your Rights: You can see, download, or delete your data anytime
  • Data Protection: We handle your data carefully and only for its intended purpose
  • Breach Response: If there is ever a data problem, we have a plan to tell you

How We Protect Your Data#

Data Security#

  • Encrypted Connections: All data sent to and from our service is encrypted
  • Secure Storage: Any stored data is protected with strong encryption
  • Safe Key Handling: Encryption keys are stored and managed securely

Who Can Access What#

  • Login Protection: We support extra login security (two-factor authentication)
  • Permission Levels: Users only see what they need to see
  • Device Tracking: You can see which devices are logged into your account
  • Strong Passwords: We require passwords that are hard to guess

How We Handle Your Text#

  • No Storage: Your text is processed instantly and not saved on our servers
  • Minimal Data: We only keep basic usage information and payment records
  • Secure Processing: All work happens in protected, isolated systems

Your Privacy Matters#

What We Promise#

  • Only What We Need: We collect only the data necessary to provide our service
  • Clear Purpose: We use your data only for the reasons we tell you about
  • You Are in Control: You can export or delete your data whenever you want
  • Honesty: We are open about how we handle your information

Our Commitments#

  • We Never Sell Your Data: Your information is not for sale
  • No Unauthorized Access: Strict controls prevent unwanted access
  • Confidentiality: All data is treated as private and confidential
  • Following the Law: We comply with all applicable privacy laws

Security Logs#

What We Record#

We keep security logs to help protect you:

  • Login Activity: When you log in or change your password
  • Usage Activity: How you use the service
  • Payment Activity: Records of payments
  • Admin Actions: What administrators do on the system

Why We Keep Logs#

  • Safety: Logs help us investigate if something goes wrong
  • Compliance: Some laws require us to keep certain records
  • Limited Access: Only authorized staff can view the logs

Where Your Data Lives#

Your data is processed and stored in secure data centers located in Europe.

Continuous Improvement#

We are always working to make our security better:

  • Regular security reviews
  • Ongoing compliance monitoring
  • Keeping our systems up to date
  • Training our team on security best practices

Learn More#

Last Updated: January 30, 2026

About this page

We update this page when our platform or the law changes.

Read our founder note for how we work.

Each change shows up in the timestamp at the top.

Related reading

We follow these rules

  • GDPR (EU 2016/679).
  • ISO/IEC 27001:2022.
  • NIS2 (EU 2022/2555).
  • HIPAA safe harbor under 45 CFR § 164.514(b)(2).

Our promise

We do not sell your data.

We do not train models on your text.

We store your files in Germany.

You can delete your account at any time.

You own your work.

Where we run

Our servers live in Falkenstein, Germany.

We use Hetzner. They hold ISO 27001 certification.

All data stays in the EU.

Backups run every day.

Need help?

Email support@anonym.legal.

We reply within one business day.

How we test

We run a full check suite on every release.

Each surface gets its own sweep script and report.

Human reviewers spot-check the output each week.

We track recall and precision on a labelled set.

Bad runs block the deploy.

What we never do

  • We never sell your information to third parties.
  • We never train models on what you upload.
  • We never keep your work after you delete it.
  • We never share keys with any outside firm.
  • We never run ads inside the product.

Plans in plain words

We sell credits, not seats.

One credit covers one short job.

Long jobs use a few credits each.

You can top up at any time.

Unused credits roll over each month.

Read the plans page for current rates.

Who built this

A small team of engineers and lawyers built this.

We ship from Europe and work in the open.

Our founder note spells out why we started.

Where to start

How the parts fit

A browser add-on cleans text inside Chrome.

A Word plug-in handles drafts in Office.

A small desktop tool works on whole folders.

An agent protocol link feeds large models safely.

All four share one core engine and one rule set.

Words from our team

We started this work after a lunch about cookies.

One friend kept getting odd ads on her phone.

We asked why a court file leaked through a draft.

We sketched the first build on a napkin that week.

By month three we had a tiny demo for a friend.

She used it on her first case the next day.

Common questions we hear

Can the tool read scanned PDFs? Yes, with OCR.

Does it work on long files? Yes, in small chunks.

Can I roll my own rule set? Yes, save it as a preset.

Does it run offline? The desktop build runs offline.

Do you keep my files? No, the cloud build wipes after each run.

Will it learn from my work? No, we never train on inputs.

A short tour of the workflow

Upload a file or paste a snippet of prose.

Pick the entities you want gone from the draft.

Choose a method: replace, mask, hash, encrypt, or redact.

Press run and watch the side panel show each hit.

Skim the result and tweak any rule that misfired.

Save the cleaned file or send it to a teammate.