Privacy & data storage
Piixie’s design assumption is that your documents are too sensitive to upload. This page spells out what that means in practice.
What stays local
Section titled “What stays local”In the default configuration (local model), everything:
- The original document is read from where it is; Piixie doesn’t copy it elsewhere
- Inference happens in a
llama-serverprocess on your machine, listening on localhost - The anonymized copy is written to the folder you chose
- The run history and replacement tables go into a local SQLite database
There is no account, no telemetry, and no cloud component in this path. After the one-time model download, anonymization works offline.
What Piixie stores on disk
Section titled “What Piixie stores on disk”The app data directory is ~/Library/Application Support/Piixie/ on macOS, %APPDATA%\Piixie\ on Windows, and ~/.config/Piixie/ on Linux. Inside it:
| Data | Location |
|---|---|
| History, replacements, profiles, settings, endpoints | piixie.db |
| Downloaded models | models/ |
| Default output folder | outputs/ |
Logs (only when launched with PIIXIE_DEV=1) | logs/ |
Worth knowing: the replacements table stores the original values of every detected entity alongside their replacements. That is what makes the history’s replacement view and search possible, and it means the local database itself is sensitive. It never leaves your machine, but treat it like the documents it describes: full-disk encryption is a good idea, and clearing history entries (with the “also delete files” option) removes their replacement rows.
API keys for remote endpoints are stored in the same local database and sent only to the endpoint they belong to.
What crosses the network, by configuration
Section titled “What crosses the network, by configuration”Local model (default). Nothing, after the model download. The download itself fetches GGUF files from Hugging Face over HTTPS.
Piixie server on your LAN. Document text and rendered images travel to the server during inference and are held in memory there for the duration of the run. Output, history, and replacements stay on the workstation. See local server.
Commercial remote endpoint (Anthropic, OpenAI). Document text (and images, for vision models) is sent to that provider, subject to the provider’s data-handling terms. This is the configuration to clear with your compliance owner before using it on regulated data. Piixie sends documents only during an anonymization run you started, only to the endpoint whose model you selected. The first time you pick a cloud model, Piixie shows a confirmation dialog stating that document contents will leave your machine; you can suppress it per endpoint with “don’t ask again”.
The intended boundary
Section titled “The intended boundary”The common pattern: anonymize locally, then send the safe copy to whatever external LLM you like. Detection and transformation happen on the raw document before anything crosses the trust boundary; downstream tools only ever see the anonymized output.