Privacy gateway · for any LLM

Sensitive data
never reaches
your model.

One gateway between your app and any LLM. Detect, sanitize, rehydrate in a single call. Typically around 150 ms.

High
recall on emails, SSNs & cards
~150ms
typical sanitize latency
17
entity types + custom patterns
app.py — gateway
1from ambientmeta import sanitize, rehydrate
2
3# strip PII before the model sees it
4safe = sanitize(prompt)
5# → "Email [EMAIL_1] for an audit."
6
7reply = openai.complete(safe.text)
8
9# put real values back in the response
10final = rehydrate(reply, safe.session)
14 entities · sanitized · audited
All systems normal SOC 2-ready · built for HIPAA & GDPR Session-based PII mapping — never stored permanently HTTPS / TLS encryption in transit
How it works

Three calls. Zero PII to the model.

One gateway between your app and any LLM. Detect, sanitize, rehydrate — typically around 150ms, your pipeline never waits.

① Your app → AmbientMeta

"Book a follow-up with Maria Alvarez at maria@northstar.io, card ending 4242."

② AmbientMeta → your LLM

"Book a follow-up with [PERSON_1] at [EMAIL_1], card ending [CARD_1]."

③ Rehydrated → your user

"Booked with Maria Alvarez. I've emailed maria@northstar.io a new card request."

3 entities · PERSON, EMAIL, CARD session ses_8af31c · model saw zero PII
  1. Step 01

    Sanitize

    Send us text. We detect and replace sensitive data with safe placeholders. Typically around 150ms. Your pipeline doesn't wait.

  2. Step 02

    Call any LLM

    Send the safe text to Claude, GPT-4, Gemini — whatever you want. The model sees placeholders only — never real data.

  3. Step 03

    Rehydrate

    Send us the LLM response. We restore original values. End users see real names. The LLM never did.

One engine, two paths

Sanitize to reverse. Redact to remove.

Same detection pipeline. Two outputs — pick per request.

mode:"sanitize" reversible

Sanitize — reversible

Replace sensitive data with safe placeholders. Send to any LLM. Restore the originals after. The LLM never sees real data.

Session-based PII mapping · never stored permanently

mode:"redact" permanent

Redact — permanent

Sensitive data is permanently removed. No session. No recovery. Ship to auditors, store in logs, hand to third parties.

Nothing to leak · nothing to restore

Detection coverage

17 entity types, plus your own patterns.

Names, contact info, financial, healthcare, location, network identifiers — plus your own custom patterns.

  • PERSON John Smith, Dr. Jane Doe
  • EMAIL user@company.com
  • PHONE +1 (555) 010-2034
  • SSN 123-45-6789
  • CREDIT_CARD 4242 4242 4242 4242
  • LOCATION New York, NY
  • MRN MRN-12345678
  • DEA AB1234567
  • IP_ADDRESS 192.168.1.42
  • DATE_OF_BIRTH 03/04/79
Custom patterns

Define your own patterns via the API.

Employee IDs, project codes, internal reference numbers — anything your organization needs.

Read the docs
Drop-in

Works with the stack you already run.

One import, one call. Native SDKs and a drop-in proxy for OpenAI, Anthropic, and Gemini.

pip install ambientmeta pip install langchain-ambientmeta pip install llamaindex-ambientmeta
  • Python SDK
  • LangChain + LlamaIndex + CrewAI
  • LLM Proxy + multi-turn (drop-in for OpenAI / Anthropic / Gemini)
  • MCP server
proxy.py
from ambientmeta import Gateway
gw = Gateway(api_key=os.environ['AM_KEY'])
reply = gw.proxy(model="claude", messages=msgs)
# PII handled automatically — [PERSON_1], [EMAIL_1]
Security & compliance

Architected for compliance from day one.

Audit every detection event. Keep data on your own infrastructure.

Full audit trail

Audit every detection event by entity type, confidence score, and timestamp.

Ephemeral by default

Session data is ephemeral; PII mapping is never stored permanently.

Self-hosted standard

Deploy AmbientMeta on your own infrastructure. Single Docker image. Your data never leaves your network.

Air-gapped option

Run fully air-gapped. Same API, same SDKs — no data leaves your perimeter.

SOC 2-ready · built for HIPAA & GDPR · HTTPS/TLS in transit
Data sovereignty

Need data sovereignty? Keep every byte inside your perimeter.

Talk to us
Pricing

Simple, predictable pricing.

Start free. Pay as you grow. No credit card required.

Monthly pricing · save ~2 months with annual billing

Free

For trying it out

$0
  • 1,000 API requests / month
  • 10 documents / month
  • 17 entity types · sanitize + redact
  • SDKs + full API docs
  • Community support
Get started — no card

Developer

For solo builders

$29/mo
  • 25,000 API requests / month
  • 100 documents / month
  • Custom patterns
  • LangChain · LlamaIndex · CrewAI
  • Email support
Start free

Scale

For high volume

$299/mo
  • 500,000 API requests / month
  • 2,500 documents / month
  • Everything in Team
  • Metered usage overages
  • Higher rate limits
Start free

Enterprise

For regulated and at-scale teams: custom volumes, self-hosted or air-gapped deployment, and a dedicated support relationship.

  • Self-hosted / air-gapped (single Docker image)
  • Custom request & document volume
  • Dedicated onboarding + SLA
  • DPA + security review
Custom
Contact us

All plans include all 17 entity types, sanitize + redact, and the full detection pipeline.

FAQ

Questions, answered.

Is there a free tier?

Yes. 1,000 requests/month, all entity types, full API access. No credit card required.

Can I run this on my own infrastructure?

Yes. Single Docker image, self-hosted or air-gapped. Same API, same SDKs — no data leaves your network.

What about latency?

Typically around 150ms on the detection path. Fast enough for production LLM workflows without meaningful delay.

What counts as a request?

One call to /v1/sanitize or /v1/rehydrate = one request. Calls to /v1/patterns and /v1/feedback are free and unlimited.

Still have questions? Read the docs or talk to sales.

Start in 30 seconds

Ready to sanitize text before it reaches any AI?

Create your account in 30 seconds. No credit card required. Read the docs first if you'd rather.

Ship with data protection this afternoon.