Pre-Send PII Audit
Check any CSV or Excel file for personal data before you send it. See every email, phone, SSN, address, and API key it contains. Your file never leaves your browser.
Drop your CSV file here, or click to browse
CSV and Excel files supported. Your data never leaves your browser.
Who uses PII Audit?
Real teams solving real problems — see if your use case is here.
Freelance Consultant
Consulting / AgencyPreparing to email a client deliverable — a 5,000-row dataset pulled from the CRM. Needs to confirm no employee SSNs or emails crept in from a joined table.
Spots 2 columns with email addresses and 1 with SSNs. Downloads redacted copy, sends that instead. Avoids a GDPR breach.
HR Manager
Human ResourcesSending a vendor a headcount file for benefits enrollment. Accidentally included salary and national ID columns that weren't in scope.
PII Audit flags both columns before the email sends. Removes them from the file. No sensitive data shared with the vendor.
Developer
EngineeringAbout to commit a test fixture CSV to a public GitHub repo. Worried a real API key or database password got into the test data.
Tool detects 3 high-entropy secrets in a 'notes' column. Developer replaces them with placeholder values before pushing.
Paralegal
LegalPreparing a document production for opposing counsel. The production CSV contains client records — needs to confirm privileged fields are excluded.
Flags phone numbers and address columns that were inadvertently included. Corrects the export before production.
How to check a file for personal data before sending it
Upload your CSV or Excel file
Drag and drop your file or click to browse. The scan runs entirely in your browser — nothing is sent to any server. Open DevTools → Network tab to verify.
Review the risk summary
See a column-by-column breakdown of every PII type found: emails, phone numbers, SSNs, addresses, API keys, and more. Each flagged column shows the type, count, and masked samples.
Download a redacted copy
Click 'Download redacted copy' to get a version with all flagged cells replaced with bullet characters (••••••••) — safe to share, same structure.
Why check a file for PII before you send it?
Personal data ends up in spreadsheets silently — a CRM export includes email columns you didn't ask for, a joined dataset pulls in SSNs from a related table, or test data was built from real customer records and never scrubbed. By the time the file is in an email or a shared drive, the exposure has already happened.
Under GDPR, CCPA, and HIPAA, sharing a file that contains personal data without a legal basis is a breach — even if you didn't intend to include it. The pre-send audit is the last line of defence before a file leaves your hands. It costs 30 seconds and catches the incidents that would otherwise cost thousands.
The same logic applies to secrets: a CSV fixture committed to a public repo with a live API key in a test column is a security incident, not just a data quality problem. This tool catches both — PII and secrets — in a single scan, entirely in your browser.