Privacy Policy

1. Privacy-by-Design

Lastik is designed so de-identification runs in the browser runtime on your device. The core masking logic does not require sending your document text to external APIs.

2. Data Handling

• All de-identification and rule matching happen locally in your browser session.
• Input text is not uploaded by Lastik's anonymization logic.
• Export files are generated locally and saved directly to your device.

3. Cookies, Tracking, and Logs

• Lastik does not include analytics SDKs, advertising scripts, or third-party tracking pixels in app logic.
• Lastik uses local browser storage only for product UX state (for example, onboarding completion).
• Like most hosted websites, infrastructure providers may process standard operational request metadata (for example, IP address, user-agent, and timestamp) for security and reliability.

4. Open Source Transparency

Lastik is open source. You can inspect implementation details, detection rules, and export logic directly in the public repository to verify how data is handled.

5. Compliance Scope

Lastik can support privacy workflows under regulations such as GDPR, HIPAA, and CCPA by helping remove personal data before sharing text with third parties. Regulatory compliance depends on your full legal and organizational process; this page does not provide legal advice.

6. Contact and Source

Repository: github.com/chassaji/lastik