Skip to main content
Free tool — no signup

Pre-Send PII Audit

Check any CSV or Excel file for personal data before you send it. See every email, phone, SSN, address, and API key it contains. Your file never leaves your browser.

Drop your CSV file here, or click to browse

CSV and Excel files supported. Your data never leaves your browser.

Who uses PII Audit?

Real teams solving real problems — see if your use case is here.

💼

Freelance Consultant

Consulting / Agency

Preparing to email a client deliverable — a 5,000-row dataset pulled from the CRM. Needs to confirm no employee SSNs or emails crept in from a joined table.

Spots 2 columns with email addresses and 1 with SSNs. Downloads redacted copy, sends that instead. Avoids a GDPR breach.

👥

HR Manager

Human Resources

Sending a vendor a headcount file for benefits enrollment. Accidentally included salary and national ID columns that weren't in scope.

PII Audit flags both columns before the email sends. Removes them from the file. No sensitive data shared with the vendor.

💻

Developer

Engineering

About to commit a test fixture CSV to a public GitHub repo. Worried a real API key or database password got into the test data.

Tool detects 3 high-entropy secrets in a 'notes' column. Developer replaces them with placeholder values before pushing.

⚖️

Paralegal

Legal

Preparing a document production for opposing counsel. The production CSV contains client records — needs to confirm privileged fields are excluded.

Flags phone numbers and address columns that were inadvertently included. Corrects the export before production.

How to check a file for personal data before sending it

1

Upload your CSV or Excel file

Drag and drop your file or click to browse. The scan runs entirely in your browser — nothing is sent to any server. Open DevTools → Network tab to verify.

2

Review the risk summary

See a column-by-column breakdown of every PII type found: emails, phone numbers, SSNs, addresses, API keys, and more. Each flagged column shows the type, count, and masked samples.

3

Download a redacted copy

Click 'Download redacted copy' to get a version with all flagged cells replaced with bullet characters (••••••••) — safe to share, same structure.

Why check a file for PII before you send it?

Personal data ends up in spreadsheets silently — a CRM export includes email columns you didn't ask for, a joined dataset pulls in SSNs from a related table, or test data was built from real customer records and never scrubbed. By the time the file is in an email or a shared drive, the exposure has already happened.

Under GDPR, CCPA, and HIPAA, sharing a file that contains personal data without a legal basis is a breach — even if you didn't intend to include it. The pre-send audit is the last line of defence before a file leaves your hands. It costs 30 seconds and catches the incidents that would otherwise cost thousands.

The same logic applies to secrets: a CSV fixture committed to a public repo with a live API key in a test column is a security incident, not just a data quality problem. This tool catches both — PII and secrets — in a single scan, entirely in your browser.

Frequently asked questions

No. The entire scan runs in your browser using JavaScript. Your file never leaves your device. Open DevTools → Network tab to verify: you'll see zero file-data requests.

Related free tools