Frequently Asked Questions
Last Updated: 2026-02-09
Table of Contents#
General#
What is cloak.business?#
cloak.business is a PII (personally identifiable information) detection and anonymization platform. It scans text and images for personal data -- names, addresses, ID numbers, credit cards, phone numbers, and more -- and lets you anonymize that data using methods like replacement, redaction, hashing, encryption, or masking.
How does it work?#
You submit text or upload an image. The system analyzes the content using 317 pattern-based recognizers (covering 390+ entity types across 75+ countries) and NLP models that detect names, locations, and organizations. Detected entities are highlighted with confidence scores. You then choose how to anonymize each entity type, and the system produces the anonymized output.
Is it free?#
Yes. Every account includes a free tier with 200 tokens per billing cycle (approximately 15-18 pages of text). No credit card is required to sign up. Paid plans are available for higher usage.
What languages are supported?#
cloak.business supports 48 languages for the user interface and detection. Pattern-based recognizers (phone numbers, IDs, credit cards, etc.) work regardless of language. NLP models for name and location detection are available for 25+ languages. Image OCR supports 37 languages.
Detection#
What types of PII can be detected?#
Over 290 entity types across these categories:
- Personal identifiers -- names, dates of birth, ages, genders
- Government IDs -- national IDs, passports, driver licenses, tax IDs, social security numbers (75+ countries)
- Financial -- credit cards, IBANs, SWIFT codes, bank account numbers, securities identifiers
- Location -- addresses, postal codes, GPS coordinates, IP addresses
- Digital -- email addresses, phone numbers, URLs, MAC addresses, license plates
- Technical secrets -- API keys, access tokens, SSH keys, database connection strings (30+ platforms)
- Healthcare -- medical record numbers, diagnosis codes, prescription numbers
- Organization -- company names, legal entity identifiers
How many countries are covered?#
75+ countries with country-specific patterns. 131 country presets are available for quick configuration.
How accurate is detection?#
Accuracy depends on the entity type and available context:
- Structured data (credit cards, IBANs, tax IDs) with checksum validation: very high accuracy (95%+).
- Format-based data (phone numbers, postal codes) with context words: high accuracy.
- NLP-detected data (names, locations): accuracy varies by language and context. English detection is the most mature.
Each detection includes a confidence score from 0.0 to 1.0 so you can evaluate reliability.
Can it detect PII in images?#
Yes. The Image tab uses OCR (Optical Character Recognition) to extract text from images, then applies the same detection engine. Supported formats are PNG, JPEG, BMP, and TIFF. See the Image Anonymization Guide for details.
What are the image size limits?#
| Limit | Value |
|---|---|
| Maximum file size | 10 MB (plan-dependent, may be lower) |
| Maximum resolution | 150 megapixels (covers A0 at 300 DPI) |
| OCR downscale threshold | 4096 px on the longest side |
Images larger than 4096 pixels on any side are automatically downscaled before OCR processing for optimal speed and memory usage. Bounding box coordinates are mapped back to the original dimensions, so redaction overlays remain accurate. Images exceeding 150 megapixels are rejected with HTTP 413.
Anonymization#
What anonymization methods are available?#
Five methods:
| Method | Description | Reversible |
|---|---|---|
| Replace | Substitutes with realistic fake data | No |
| Redact | Removes entirely, shows entity type label | No |
| Hash | SHA-256 hash (consistent, one-way) | No |
| Encrypt | AES-256-GCM encryption with your key | Yes |
| Mask | Partially obscures (e.g., j***@e****.com) | No |
Can I undo anonymization?#
Only if you used the Encrypt method. Encrypted text can be decrypted using the same encryption key via the Deanonymize tab. Replace, Redact, Hash, and Mask are irreversible by design. See the Deanonymizer Guide.
Can I use different methods for different entity types?#
Yes. You can configure a different anonymization method for each entity type. For example, encrypt names but redact credit card numbers.
Privacy & Security#
Is my text stored?#
Text submitted for analysis is processed in real time and is not permanently stored. Anonymization results are returned to you immediately.
Who can see my data?#
Only you. Your analysis sessions are private to your account. No cloak.business staff can access your submitted text or results.
Where is data processed?#
All processing happens on cloak.business servers located in Germany. Data does not leave the European Union.
Is data sent to third parties?#
No. All detection models (pattern recognizers and NLP models) run entirely on cloak.business's own servers. No text is sent to external AI providers, cloud services, or third parties.
Is the connection encrypted?#
Yes. All communication between your browser (or desktop app) and cloak.business uses TLS encryption.
Tokens & Billing#
How do tokens work?#
Tokens measure the amount of text you can process. 1 token is approximately equal to 1 character. When you analyze text, the character count is deducted from your balance. Anonymization of already-analyzed text does not cost additional tokens.
What is included in the free tier?#
200 tokens per billing cycle. This covers approximately 15-18 pages of text. All features are available: text analysis, image anonymization, all methods, all presets.
When do tokens reset?#
Tokens reset at the start of each billing cycle. Unused tokens do not roll over.
What happens when I run out of tokens?#
You will not be able to run new analyses until your tokens reset or you upgrade your plan. Already-analyzed text can still be anonymized and downloaded.
See the Token System guide for full details.
Technical#
What NLP models are used?#
cloak.business uses multiple NLP engines:
- spaCy -- statistical NER models for 25 languages
- Stanza NER -- neural NER models for 7 languages
- XLM-RoBERTa -- transformer-based multilingual NER for 16 languages
These models detect names, locations, and organizations that do not follow fixed patterns.
Are models running on your servers?#
Yes. All NLP models and pattern recognizers run on cloak.business's own infrastructure. No external APIs or third-party AI services are used for detection.
Does any data go to third parties?#
No. All processing is self-hosted on cloak.business servers in Germany. Your text is never sent to OpenAI, Google, AWS, or any other third-party service.
What encryption standard is used?#
The Encrypt anonymization method uses AES-256-GCM (Advanced Encryption Standard, 256-bit key, Galois/Counter Mode). This is a widely trusted authenticated encryption standard.
Platforms#
What platforms are available?#
| Platform | Description |
|---|---|
| Web app | Full-featured browser application at cloak.business |
| Desktop app | Native application for local document processing (Windows; macOS and Linux coming soon) |
| Office Add-in | Anonymize directly in Microsoft Word, Excel, and PowerPoint |
| MCP Server | Integration for AI tools like Claude Desktop and Cursor |
| API | Programmatic access for developers and automated pipelines |
Do all platforms use the same account?#
Yes. Your cloak.business account, token balance, and preferences are shared across all platforms.
Account#
How do I sign up?#
Go to cloak.business and click Sign Up. Enter your email address, create a password, and verify your email.
Is two-factor authentication (2FA) available?#
Yes. You can enable 2FA in your account settings for additional security.
How do I delete my account?#
Go to Account Settings and select Delete Account. This permanently removes your account, all data, and all analysis history. This action cannot be undone.
I forgot my password. How do I reset it?#
Click Forgot Password on the sign-in page. Enter your email address, and a password reset link will be sent to you.