A breach notification is the message you send affected people under GDPR Art. 34 when a breach is likely to risk their rights. Before you send it, you strip PII that belongs to other victims. anonym.plus marks that data on your own device.
When this applies
A breach hits many people, and you must tell each one. A shared incident log or victim list names everyone, but each person should see only their own row.
How anonym.plus handles it
- Open the incident log in anonym.plus on your device.
- The tool flags every name, contact, and ID in the list.
- Keep the one person's data for their own notice.
- Mark all other victims' PII for removal.
- Black out or swap each one, then verify the notice.
- Save the per-person message on your machine.
What you need to provide
- The incident log or victim list (CSV, XLSX, PDF, or DOCX).
- An operator: Redact to remove other victims' details.
- Optional per-recipient allow-list for their own data.
PII entity types detected
| Category | anonym.plus entity type | Example |
|---|---|---|
| Names | PERSON | other victim → [PERSON] |
| Contact | EMAIL_ADDRESS | a.krause@example.com → [EMAIL] |
| Accounts | CREDIT_CARD | exposed card → [CARD] |
| Identifiers | NATIONAL_ID | customer no. → [ID] |
| Contact | PHONE_NUMBER | 0170-555-0188 → [PHONE] |
| Location | LOCATION | billing address → [ADDRESS] |
Compliance achieved
- Supports lawful victim notices under GDPR Art. 34.
- Stops one notice from leaking another victim's PII.
- Offline work avoids a second exposure during the response.
- Reads CSV and spreadsheet logs as well as documents.
Anonymize breach notifications offline — see plans & start free →
Limitations & cautions
Art. 34 sets when and what to tell people, which is a legal judgment. The tool flags PII so each notice stays specific; it does not decide if a breach is notifiable. Confirm the threshold and content with your DPO first.
Frequently asked questions
Why redact a breach notice at all?
A shared list names many victims. Sending it whole would itself disclose their PII. anonym.plus strips other rows so each person sees only their own.
Does it read a victim spreadsheet?
Yes. CSV and XLSX logs are scanned column by column, and a steady map keeps a person's rows together if you need them linked.
Could the tool cause a second breach?
No. It runs offline, so the log never leaves your device. That avoids the upload risk that a cloud service would add during an incident.