Appearance
Introduction
Questa Anonymizer detects and redacts PII (personally identifiable information) and named entities from text and documents. It combines two transformer-based ML models — a PII detector and an NER recognizer — to identify 15+ entity types.
Why Anonymization Matters
Organisations handling customer records, employee data, legal documents, or medical reports need to redact sensitive information before storage, logging, analysis, or sharing with third parties. Failing to do so creates compliance risk under GDPR, HIPAA, CCPA, LGPD, and other data protection regulations.
Questa Anonymizer provides a single API endpoint that integrates into any application stack. You send text or a file; the service returns anonymised content with a placeholder mapping that can be reversed when needed.
Core Capabilities
- Text anonymization — synchronous request/response. Send plain text, receive anonymised text and a de-anonymisation map.
- File anonymization — asynchronous job-based processing for PDF, DOCX, CSV, and Excel files. Upload a file, poll for completion, download the redacted result.
- Entity filtering — choose which entity types to detect (names, emails, phone numbers, credit cards, etc.) or use all available detectors.
- Custom entities — define your own keywords and placeholders for business-specific terms, project codenames, or internal jargon.
- De-anonymisation map — every response includes a mapping of original values to placeholders, enabling reversible redaction.
- License validation — self-hosted deployments use RSA-based license verification.
Entity Detection
| Model | Source | Entities |
|---|---|---|
| PII detector | iiiorg/piiranha-v1-detect-personal-information | PHONE_NUMBER, EMAIL, CREDIT_CARD, SSN, DATEOFBIRTH |
| NER recognizer | elastic/distilbert-base-uncased-finetuned-conll03-english | PERSON, ORG, LOCATION, GPE, DATE |
Additional regex-based detectors cover IBAN, VAT numbers, usernames, ZIP codes, license keys, and API keys.
Deployment Options
Questa Anonymizer is offered in two ways. The hosted demo is for evaluation only; production runs on a self-hosted instance.
Hosted vs Self-Hosted
| Hosted demo | Self-hosted | |
|---|---|---|
| Intended use | Testing, evaluation, proof-of-concept | Production |
| Endpoint | https://demo.questa-ai.online | Your own infrastructure |
| Auth | Evaluation API token (Authorization: Bearer) | Commercial license key |
| Intended scale | Evaluation / PoC — 1,000 requests total, 30/min (enforced) | Unlimited (subject to your hardware) |
| Data | Processed in memory, not stored | Never leaves your network |
| How to get it | Email techsupport@questa.solutions for an evaluation token | Email techsupport@questa.solutions for a commercial license |
Hosted demo (https://demo.questa-ai.online): request an evaluation API token by emailing techsupport@questa.solutions.
The hosted demo is intended for evaluation and proof-of-concept only — each token is capped at 1,000 requests and 30 requests/minute. It is not for production. For production use within your organisation, a self-hosted license is required — there are no paid hosted tiers.
Self-hosted: Deploy on your own infrastructure behind a firewall. Requires a commercial license. See the Self-Hosting guide.
Next: Quick Start