Free Website PII Scanner
piisafe.eu — Scan Any Website for Exposed PII in 60 Seconds
The zero-knowledge entry point to the anonymize.solutions ecosystem. No registration, no data storage, results only in your browser.
What piisafe.eu Detects
317 custom regex recognizers with Luhn checksum validation for credit cards and MOD 97 verification for IBANs — no pattern guessing, only mathematically verified detection.
Personal Identity
Full names, dates of birth, national identity numbers, passport numbers, driver’s license numbers across 70+ country formats.
Contact Details
Email addresses, phone numbers in international formats, postal addresses, GPS coordinates, and location data.
Financial Data
IBAN numbers (MOD 97 validated), credit and debit card numbers (Luhn validated), BIC/SWIFT codes, tax identification numbers.
Healthcare Data
Medical record numbers, health plan beneficiary numbers, diagnosis codes (ICD-10), drug names in clinical context.
Authentication Secrets
Passwords in plain text, API keys, OAuth tokens, private keys, connection strings, and credentials accidentally published in public pages.
Regional Formats
German Steuer-ID, French INSEE, UK National Insurance, Dutch BSN, Spanish DNI/NIE, Italian Codice Fiscale, and 65+ more country-specific identifiers.
Zero-Knowledge Architecture
piisafe.eu processes your scan request on ISO 27001-certified infrastructure in Germany. Results are rendered client-side and never written to any database. Even our team cannot access your scan results.
Results Only in Your Browser
Scan results are computed and displayed entirely within your browser session. No result data ever leaves your device after processing completes.
No Database Writes
We do not write scan content, URLs you submit, or detection results to any persistent storage. Every scan is stateless by design.
Hetzner Germany (ISO 27001)
All infrastructure runs on Hetzner data centres in Germany, certified to ISO 27001:2022. 100% EU data residency — your data never leaves Europe.
Use Cases
From pre-launch audits to ongoing compliance monitoring, piisafe.eu serves as the first line of defence against accidental PII exposure on public-facing web properties.
Pre-Launch Privacy Audit
Scan your staging environment before go-live. Catch accidentally exposed test data, developer comments with real email addresses, or sample records left in production templates.
GDPR Compliance Verification
Verify that third-party vendor websites, supplier portals, and partner sites are not exposing personal data that your organisation may be jointly responsible for under GDPR Article 26.
Breach Response Assessment
When a potential data exposure is reported, quickly assess the scope of PII exposed on affected pages. Export JSON results for incident documentation and DPA notification filings.
EU AI Act Documentation Audit
Audit publicly accessible AI documentation, README files, and model cards for exposed PII before the August 2, 2026 EU AI Act enforcement deadline.
Ongoing Monitoring
Schedule monthly scans of your most visited pages. Use the CI/CD API endpoint to automatically check for PII regression after every deployment.
DPIA Support
Evidence collection for Data Protection Impact Assessments. Export scan results as structured JSON for use as annexes in DPIA documentation submitted to your Data Protection Officer.
Compare Plans
piisafe.eu is the free entry point. When your scanning needs grow beyond the free tier, anonym.legal and anonymize.solutions scale with you.
| Feature | piisafe.eu (Free) | anonym.legal (€3/mo) | anonymize.solutions (Enterprise) |
|---|---|---|---|
| Scans | 10 per hour | Unlimited | Unlimited + API |
| Pages per scan | Up to 10 | Up to 100 | Unlimited |
| Export formats | HTML, JSON, CSV | All formats | All formats + custom |
| Compliance presets | GDPR, HIPAA, PCI-DSS | 20+ frameworks | Custom |
| Support | Community | Dedicated | |
| Data residency | EU only (Germany) | EU only (Germany) | EU only (Germany) |
piisafe.eu FAQ
Everything you need to know about the free website PII scanner.
Yes, completely free. 10 scans per hour, up to 10 pages per scan, no registration, no credit card required. The free tier has no time limit and no trial period — it is permanently free.
Enter any URL. Our scanner crawls the specified pages, runs 317 regex pattern recognizers plus NLP entity detection across 48 languages, and returns results in approximately 60 seconds. The detection engine combines pattern matching (regex with checksum validation) and NLP entity recognition for maximum coverage.
No. Zero-Knowledge architecture means results exist only in your browser session. No database writes, no admin access, no logs of scan content. When you close the tab, the results are gone. This is by design — we cannot access what we never store.
320+ entity types across 70+ countries: names, emails, phone numbers, national IDs, IBANs, credit cards, SSNs, IP addresses, medical record numbers, and country-specific formats including German Steuer-ID, French INSEE, UK National Insurance, Dutch BSN, Spanish DNI/NIE, and 65+ more regional identifiers.
98% detection accuracy with less than 2% false positive rate. Credit cards are validated via the Luhn algorithm, IBANs via MOD 97 checksum. This means every financial identifier result is mathematically verified, not pattern-guessed. See our Detection Accuracy page for detailed benchmarks.
Yes. piisafe.eu includes GDPR Article 5, 25, and 32 compliance presets. Results can be exported as HTML, JSON, or CSV for DPIA documentation and supervisory authority submissions. The GDPR preset covers all personal data categories defined under Article 4(1) of the GDPR.
Yes. piisafe.eu includes an EU AI Act Article 10 preset specifically for scanning AI documentation, model cards, and training data repositories for exposed PII. The enforcement deadline is August 2, 2026 with penalties up to €35M or 7% of global annual turnover. See the EU AI Act Guide for details.
No. piisafe.eu scans publicly accessible web pages only. For authenticated content — internal portals, CMS admin areas, authenticated API responses — use the anonymize.solutions REST API with your credentials passed as headers. See the Integrations page for REST API documentation.
piisafe.eu is the free website scanner — it scans existing web pages for PII that has already been published. anonymize.solutions is the full platform for anonymizing new content before it is published or sent anywhere: via REST API, Office Add-in, MCP Server for AI assistants, Chrome Extension, and Desktop App.
Up to 10 pages per scan on the free tier, crawling links from the submitted URL. anonym.legal (from €3/month) allows up to 100 pages per scan. Enterprise plans via anonymize.solutions have no page limit and support sitemap-driven bulk scanning.
Yes. piisafe.eu provides a curl-based API endpoint for automated pre-deployment PII checks in GitHub Actions, GitLab CI, and Jenkins. The endpoint returns machine-readable JSON with a pass/fail status code, making it easy to block deployments that expose PII.
48 languages: 25 via spaCy NLP models, 7 via Stanza, 16 via XLM-RoBERTa multilingual transformers. Full right-to-left support for Arabic, Hebrew, Persian, and Urdu. See the complete language list on the Languages page.
Privacy officers and DPOs doing compliance checks on internal or vendor sites; developers auditing pre-launch staging environments; security teams assessing third-party exposure; journalists and researchers investigating data breach stories; and anyone who suspects a website may be leaking personal data.
Yes. piisafe.eu is operated by Zenya Renewables B.V. (Amsterdam, Netherlands) under GDPR with Zero-Knowledge architecture. No personal data from scans is retained. Infrastructure: Hetzner Germany (ISO 27001:2022 certified). Our full privacy policy is available at anonymize.solutions/privacy.
Go to piisafe.eu, enter a URL, select a compliance preset (optional), and click Scan. No registration, no credit card, results in approximately 60 seconds. The scanner works on any publicly accessible website.
What piisafe.eu Cannot Do
piisafe.eu is designed for public-facing website audits. Here are the genuine limitations you should know before relying on it.
Does Not Scan Authenticated Pages
piisafe.eu crawls publicly accessible URLs only. Pages behind login walls, customer portals, or internal applications cannot be reached by the scanner. For authenticated content, the API or Desktop App are the appropriate tools.
Not a Substitute for a Full DPA
A clean scan result doesn't mean full GDPR compliance. The scanner detects exposed PII patterns, but it cannot assess consent mechanisms, cookie policies, data retention schedules, or processor agreements. Bear in mind it is a technical detection tool, not a legal audit.
JavaScript-Rendered Content
Some PII is injected dynamically via JavaScript after page load. The scanner has a limitation with deeply client-rendered SPAs that require user interaction to expose data. Server-side rendered or static content is scanned reliably.
Ready for More Than a Scanner?
piisafe.eu scans what’s already public. The anonymize.solutions platform protects everything you create — via REST API, Office Add-in, MCP Server, Chrome Extension, and Desktop App. The same Zero-Knowledge architecture, built for real-time content.