Data-room anonymization is the removal of personal data from files shared with bidders. Once the output is truly anonymous (GDPR Recital 26), it falls outside GDPR. anonym.plus does this on your own device, so confidential deal data stays inside the firm.
When this applies
You open a virtual deal space for a sale and let bidders review the target. Each file must lose names and IDs before a rival or adviser reads it.
How anonym.plus handles it
- Open the file (PDF, DOCX, or scan) in anonym.plus on your device.
- Local OCR reads scanned exhibits, so printed text is caught too.
- The tool flags names, emails, IDs, and account numbers.
- Check each flag and keep the deal terms that bidders need.
- Swap each value for a steady label, or black it out.
- Save the clean copy. The source never leaves your machine.
What you need to provide
- The file (PDF, DOCX, TXT, or image scan).
- An operator: Replace (swap), Redact (remove), or Mask (partial).
- Optional: turn the reversible map off for true anonymity.
PII entity types detected
| Category | anonym.plus entity type | Example |
|---|---|---|
| Names | PERSON | Maria Schneider → [PERSON_1] |
| Contact | EMAIL_ADDRESS | m.s@target.com → [EMAIL] |
| Identifiers | US_SSN / NATIONAL_ID | 078-05-1120 → [ID] |
| Finance | IBAN_CODE | DE89 3704 0044 → [ACCOUNT] |
| Location | LOCATION | 12 Hauptstrasse → [ADDRESS] |
| Dates | DATE_TIME | born 03/11/1980 → [DATE] |
Compliance achieved
- True anonymity puts the output beyond GDPR by GDPR Recital 26.
- Local work keeps deal data inside the firm — no cloud, zero-knowledge.
- Working files are guarded with AES-256-GCM at rest.
- Covers 340+ PII types across 48 languages for cross-border targets.
Anonymize data-room files offline — see plans & start free →
Limitations & cautions
True anonymity is a high bar. A rare mix of facts — a niche role plus a small site — can still re-identify after IDs go. Review the residual risk, and keep no re-link map before you treat the result as anonymous.
Frequently asked questions
When does a data-room file fall outside GDPR?
When no one can reasonably re-identify the person. That means no kept key and low residual risk from the rest of the text. Only then does Recital 26 take it out of scope.
Does this keep deal data inside the firm?
Yes. anonym.plus runs on your own device with no cloud step. No outside party touches the source, so privilege and confidentiality stay intact.
Can it read scanned exhibits?
Yes. Local OCR pulls text from scanned pages, so IDs in image files are caught.