Back to Lastik

Frequently Asked Questions

Clear answers about security, local processing, and de-identification workflows.

General & Security

What is Lastik?

Lastik is an open-source data de-identification tool that helps mask Personally Identifiable Information (PII) in text before sharing it with LLMs such as ChatGPT or Gemini, or with other third parties.

Is my data sent to any server for processing?

No document text is sent by Lastik's masking engine. Detection and replacement run in your browser runtime on your device. Operational hosting logs may still exist at infrastructure level (for example, standard request metadata), but your editor text is not uploaded by the app logic.

Is Lastik GDPR compliant?

Lastik is a privacy-first utility that can help reduce exposure of personal data and support GDPR, HIPAA, and CCPA workflows. Compliance depends on your full process and legal requirements; Lastik is a technical tool and does not provide legal advice.

Is it safe to use online editors for sensitive text?

It depends on their processing model and retention policy. Many online tools can send text to remote servers. Lastik is built for local-first processing so masking happens in-browser before data is shared elsewhere.

Core Features

What types of information can Lastik detect?

Lastik uses deterministic rule-based detection for common PII classes, including names, emails, phone numbers, payment data, and dates. It includes regional document patterns for EU, RU, and AM.

Can I manually mask specific words or phrases?

Yes. Highlight text in the editor and use Replace Selection. Lastik creates a local user rule and can apply it to matching occurrences in the same document.

How do I control which entities are masked?

Lastik provides an interactive split-pane workflow with a review sidebar. You can enable or disable masking globally or per detected item before exporting or copying the result.

Workflows & LLM Integration

What is Tag Mode and why is it useful?

Tag Mode replaces sensitive values with placeholders like [PERSON_1] and [EMAIL_1]. This preserves context and structure for AI models while hiding original private values.

How does Reverse Workflow (de-anonymization) work?

After receiving an AI response with tags, you can paste it back into Lastik and load the saved rule set. Lastik then maps placeholders back to the original values locally.

Can I save or share masking rules?

Yes. You can export rules as JSON and import them later to continue work or standardize masking in your team workflows.