By George Curta · Last updated 2026-04-07
419/419 Tests Passing
100% Pass RateProduction test suite covering GUI, API endpoints, protection, performance, and cross-browser compatibility — verified with Playwright.
Infrastructure Upgrade
Up to 467× FasterMigrated to a dedicated server with 16x more RAM, 5 parallel workers, and all 48 language models preloaded. Cold starts eliminated.
Concurrent Performance
The new server handles hundreds of simultaneous requests across all services with zero failures.
| Service | Concurrent | Success | Avg | RPS |
|---|---|---|---|---|
| Analyzer (spaCy) | 500 | 100% | 331 ms | 634 |
| Analyzer (12-lang mix) | 120 | 100% | 114 ms | 515 |
| Anonymizer | 1,000 | 100% | 8 ms | 1,501 |
| Structured Data | 100 | 100% | 331 ms | 144 |
| Frontend (Next.js) | 200 | 100% | 979 ms | 104 |
| Mixed Workload | 110 | 100% | 56 ms | 536 |
Full Pipeline Speed
End-to-end analyze + anonymize latency on the new server, measured with all language models warm.
| Language | Engine | Pipeline Avg | Entities |
|---|---|---|---|
| English | spaCy | 10.2 ms | 9 |
| German | spaCy | 13.4 ms | 9 |
| French | spaCy | 10.5 ms | 10 |
| Spanish | spaCy | 7.8 ms | 9 |
| Japanese | spaCy | 9.9 ms | 6 |
| Chinese | spaCy | 13.6 ms | 5 |
| Arabic | Transformer | 12.7 ms | 7 |
| Hebrew | Stanza | 117.3 ms | 6 |
Old server times include full GUI test pipeline (Playwright + API). New server times are API-only benchmarks with all models warm. The improvement reflects real infrastructure gains: eliminated cold starts, 5× parallelism, and NVMe storage.
13 Test Milestones
Each milestone covers a distinct functional area of the platform, from authentication to cross-browser compatibility.
Authentication & Session
22/22 tests
Login, session persistence, profile, health checks, auth guards, logout/re-login
PII Detection (Analyzer)
62/62 tests
48-language analysis via GUI, entity filters, score thresholds, edge cases, keyboard shortcuts
Anonymizer (5 Operators)
40/40 tests
Replace, Redact, Hash, Mask, Encrypt operators via API and GUI, quick actions, multi-language
Decrypt (Roundtrip)
22/22 tests
Encrypt-then-decrypt roundtrips for AES-256/128/192, multi-language, key validation, large text
Batch & File Upload
20/20 tests
Batch text processing, file upload UI, tab switching, processing status
Entity Management
28/28 tests
Entity CRUD across 3 tabs, AI Creator, validation rules, cleanup verification
Preset Management
28/28 tests
Preset CRUD across 3 tabs, apply flow, validation rules, cleanup verification
Settings (10 Tabs)
42/42 tests
All 10 settings tabs: Account, Billing, Tokens, Protection, History, Language, Encryption Keys, Services, Developer
API Security
35/35 tests
Core endpoints, protection headers, CORS policy, input validation, auth safeguards, rate limiting
Token Usage Monitoring
24/24 tests
Unit consumption by text size, operator, language, entity filter, decrypt, batch, CSV export
Lighthouse & Quality
20/20 tests
Lighthouse scores on 8 pages, viewport responsiveness, accessibility, SEO, console errors, broken links
48 Languages + RTL
56/56 tests
Analysis for all 48 languages, 4 RTL layout checks, language switching, selector validation
Cross-Browser
20/20 tests
5 pages across Chromium, Firefox, WebKit, and Mobile Chrome — zero console errors
48-Language Coverage
Every supported language is tested with real PII samples. Three NLP engine types ensure optimal accuracy per language.
| Language | Code | Engine | Entities | Old Server | New Server | Speed Gain | Status |
|---|---|---|---|---|---|---|---|
| English | en | spacy | 113 | 270 ms | 8 ms | 34× | |
| German | de | spacy | 148 | 313 ms | 7 ms | 45× | |
| Spanish | es | spacy | 104 | 1,841 ms | 6 ms | 307× | |
| French | fr | spacy | 133 | 2,327 ms | 8 ms | 291× | |
| Italian | it | spacy | 97 | 1,787 ms | 7 ms | 255× | |
| Portuguese | pt | spacy | 61 | 1,764 ms | 6 ms | 294× | |
| Dutch | nl | spacy | 122 | 2,486 ms | 6 ms | 414× | |
| Polish | pl | spacy | 70 | 1,726 ms | 8 ms | 216× | |
| Russian | ru | spacy | 41 | 2,226 ms | 6 ms | 371× | |
| Japanese | ja | spacy | 23 | 1,436 ms | 6 ms | 239× | |
| Chinese | zh | spacy | 24 | 2,554 ms | 7 ms | 365× | |
| Korean | ko | spacy | 16 | 1,305 ms | 6 ms | 218× | |
| Arabic | ar | transformer | 20 | 554 ms | 8 ms | 69× | |
| Hindi | hi | transformer | 22 | 486 ms | 7 ms | 69× | |
| Turkish | tr | spacy | 112 | 504 ms | 6 ms | 84× | |
| Romanian | ro | spacy | 122 | 1,730 ms | 6 ms | 288× | |
| Greek | el | spacy | 29 | 1,822 ms | 7 ms | 260× | |
| Croatian | hr | spacy | 67 | 989 ms | 7 ms | 141× | |
| Slovenian | sl | spacy | 64 | 1,264 ms | 7 ms | 181× | |
| Macedonian | mk | spacy | 24 | 1,259 ms | 7 ms | 180× | |
| Swedish | sv | spacy | 140 | 1,002 ms | 6 ms | 167× | |
| Danish | da | spacy | 107 | 1,910 ms | 7 ms | 273× | |
| Norwegian | nb | spacy | 109 | 1,606 ms | 7 ms | 229× | |
| Finnish | fi | spacy | 118 | 1,229 ms | 7 ms | 176× | |
| Icelandic | is | transformer | 73 | 559 ms | 8 ms | 70× | |
| Ukrainian | uk | spacy | 25 | 1,434 ms | 9 ms | 159× | |
| Lithuanian | lt | spacy | 86 | 1,601 ms | 7 ms | 229× | |
| Bulgarian | bg | stanza | 24 | 8,735 ms | 98 ms | 89× | |
| Serbian | sr | transformer | 24 | 519 ms | 8 ms | 65× | |
| Hungarian | hu | stanza | 82 | 8,141 ms | 39 ms | 209× | |
| Czech | cs | transformer | 81 | 562 ms | 8 ms | 70× | |
| Slovak | sk | transformer | 70 | 577 ms | 8 ms | 72× | |
| Latvian | lv | transformer | 83 | 526 ms | 8 ms | 66× | |
| Estonian | et | transformer | 79 | 531 ms | 8 ms | 66× | |
| Hebrew | he | stanza | 17 | 8,850 ms | 101 ms | 88× | |
| Persian | fa | transformer | 12 | 439 ms | 7 ms | 63× | |
| Vietnamese | vi | stanza | 74 | 11,282 ms | 99 ms | 114× | |
| Indonesian | id | transformer | 79 | 524 ms | 7 ms | 75× | |
| Thai | th | transformer | 20 | 521 ms | 5 ms | 104× | |
| Malay | ms | transformer | 87 | 510 ms | 7 ms | 73× | |
| Filipino | tl | transformer | 75 | 501 ms | 7 ms | 72× | |
| Bengali | bn | transformer | 18 | 455 ms | 7 ms | 65× | |
| Urdu | ur | transformer | 12 | 445 ms | 7 ms | 64× | |
| Afrikaans | af | stanza | 119 | 7,867 ms | 55 ms | 143× | |
| Swahili | sw | transformer | 68 | 526 ms | 7 ms | 75× | |
| Armenian | hy | stanza | 69 | 19,643 ms | 85 ms | 231× | |
| Catalan | ca | spacy | 100 | 3,267 ms | 7 ms | 467× | |
| Basque | eu | stanza | 82 | 783 ms | 40 ms | 20× |
Cross-Browser Compatibility
5 critical pages tested across 4 browser engines with zero console errors and no horizontal overflow.
Chromium
5 of 5 pages
All PassingFirefox
5 of 5 pages
All PassingWebKit
5 of 5 pages
All PassingMobile Chrome
5 of 5 pages
All PassingSecurity Testing
35 Tests35 dedicated protection tests covering API endpoints, headers, CORS, input validation, authentication, and rate limiting.
Core Endpoints
8 tests8 tests verifying API endpoint accessibility and response codes
Safeguards Headers
6 tests6 tests for CSP, X-Frame-Options, HSTS, and more
CORS Policy
5 tests5 tests for cross-origin request handling
Input Validation
6 tests6 tests for XSS, SQL injection, and malformed input
Auth Protection
5 tests5 tests for authentication bypass and session protection
Rate Limiting
5 tests5 tests for API rate limit enforcement and Retry-After headers
Token Usage Analysis
Total Tokens Used: 76122 token consumption tests measuring cost efficiency across operations, text sizes, languages, and operators.
| Operation | Chars | Language | Entities | Operator | Tokens | Response Time |
|---|---|---|---|---|---|---|
| analyze | 50 | en | 44 | N/A | 4 | 220 ms |
| analyze | 200 | en | 140 | N/A | 9 | 276 ms |
| analyze | 500 | en | 387 | N/A | 21 | 367 ms |
| analyze | 1,000 | en | 745 | N/A | 39 | 542 ms |
| analyze | 5,000 | en | 3776 | N/A | 193 | 4,398 ms |
| analyze | 10,000 | en | 7566 | N/A | 385 | 14,494 ms |
| anonymize | 160 | en | 113 | replace | 7 | 291 ms |
| anonymize | 160 | en | 113 | redact | 7 | 236 ms |
| anonymize | 160 | en | 113 | hash | 7 | 243 ms |
| anonymize | 160 | en | 113 | mask | 7 | 276 ms |
| anonymize | 160 | en | 113 | encrypt | 7 | 242 ms |
| analyze | 148 | en | 4 | lang-compare | 2 | 0 ms |
| analyze | 145 | de | 3 | lang-compare | 2 | 0 ms |
| analyze | 144 | es | 3 | lang-compare | 2 | 0 ms |
| analyze | 145 | fr | 4 | lang-compare | 2 | 0 ms |
| analyze | 136 | it | 3 | lang-compare | 2 | 0 ms |
| analyze | 145 | pt | 3 | lang-compare | 2 | 0 ms |
| analyze | 137 | nl | 3 | lang-compare | 2 | 0 ms |
| analyze | 137 | pl | 2 | lang-compare | 2 | 0 ms |
| analyze | 132 | ru | 3 | lang-compare | 2 | 0 ms |
| analyze | 84 | ja | 2 | lang-compare | 2 | 0 ms |
| analyze | 70 | zh | 2 | lang-compare | 2 | 0 ms |
| analyze | 123 | ar | 4 | lang-compare | 2 | 0 ms |
| analyze | 160 | en | 106 | PERSON only | 7 | 258 ms |
| analyze | 160 | en | 108 | PERSON+EMAIL+PHONE | 8 | 266 ms |
| analyze | 160 | en | 113 | All entities | 8 | 264 ms |
| decrypt | 342 | en | 37 | decrypt | 2 | 188 ms |
| batch-analyze | 476 | en,de,fr | 394 | N/A | 26 | 5,278 ms |
Testing Methodology
Our test suite combines GUI-level Playwright testing with direct API validation for comprehensive coverage.
GUI Testing
Playwright browser automation tests real user workflows — clicking buttons, filling forms, navigating between pages, and verifying visual output.
API Testing
Direct HTTP requests validate every endpoint with edge cases, malformed input, and boundary conditions that GUI testing alone cannot cover.
Session Caching
Authenticated sessions are cached and reused across milestones, reducing test runtime while maintaining realistic user behavior.
CRUD Cleanup
Every entity, preset, and encryption key created during testing is cleaned up afterward, ensuring tests are idempotent and repeatable.
About this page
We update this page when our platform or the law changes.
Read our founder note for how we work.
Each change shows up in the timestamp at the top.
Related reading
- Common questions
- Glossary
- How tokens work
- Security posture
- Where we comply
- What we detect
- Case studies
- Release notes
We follow these rules
- GDPR (EU 2016/679).
- ISO/IEC 27001:2022.
- NIS2 (EU 2022/2555).
- HIPAA safe harbor under 45 CFR § 164.514(b)(2).
Our promise
We do not sell your data.
We do not train models on your text.
We store your files in Germany.
You can delete your account at any time.
You own your work.
Where we run
Our servers live in Falkenstein, Germany.
We use Hetzner. They hold ISO 27001 certification.
All data stays in the EU.
Backups run every day.
Need help?
Email support@anonym.legal.
We reply within one business day.
How we test
We run a full check suite on every release.
Each surface gets its own sweep script and report.
Human reviewers spot-check the output each week.
We track recall and precision on a labelled set.
Bad runs block the deploy.
What we never do
- We never sell your information to third parties.
- We never train models on what you upload.
- We never keep your work after you delete it.
- We never share keys with any outside firm.
- We never run ads inside the product.
Plans in plain words
We sell credits, not seats.
One credit covers one short job.
Long jobs use a few credits each.
You can top up at any time.
Unused credits roll over each month.
Read the plans page for current rates.
Who built this
A small team of engineers and lawyers built this.
We ship from Europe and work in the open.
Our founder note spells out why we started.
Where to start
- Open the web app and try a sample file.
- Learn how credits get counted.
- See current plans and limits.
- Meet the team behind the product.
How the parts fit
A browser add-on cleans text inside Chrome.
A Word plug-in handles drafts in Office.
A small desktop tool works on whole folders.
An agent protocol link feeds large models safely.
All four share one core engine and one rule set.
Words from our team
We started this work after a lunch about cookies.
One friend kept getting odd ads on her phone.
We asked why a court file leaked through a draft.
We sketched the first build on a napkin that week.
By month three we had a tiny demo for a friend.
She used it on her first case the next day.
Common questions we hear
Can the tool read scanned PDFs? Yes, with OCR.
Does it work on long files? Yes, in small chunks.
Can I roll my own rule set? Yes, save it as a preset.
Does it run offline? The desktop build runs offline.
Do you keep my files? No, the cloud build wipes after each run.
Will it learn from my work? No, we never train on inputs.
A short tour of the workflow
Upload a file or paste a snippet of prose.
Pick the entities you want gone from the draft.
Choose a method: replace, mask, hash, encrypt, or redact.
Press run and watch the side panel show each hit.
Skim the result and tweak any rule that misfired.
Save the cleaned file or send it to a teammate.