VOIDWALL
Try the live demo Become early adopter
Live demo available — early access

Stop privacy debt at the edge.

The cheapest sensitive data to delete is data never stored.

Voidwall stops sensitive data at the edge of every request — inbound and outbound — before it spreads across internal infrastructure, external services, logs, AI systems, and storage layers.

Try the live demo Become early adopter
Voidwall
JSON
URL
CSV
TSV
Plain text
Web Analytics
CDPs
Other third parties
Databases
Storage
88
PII types
supported out of the box
3
Languages
English, French, German
11
Countries
USA, UK, France, Germany...
2
Specializations
Google Analytics, Matomo
5
Formats
JSON, URL, CSV, TSV, plain text

What Voidwall does

Run it two ways: inline as an HTTP proxy that filters live traffic, or as a REST API you call to scan and redact on demand. The tag on each card shows where it applies.

Scan

Proxy + API

Parse and scan every outgoing payload across JSON, CSV, TSV, and plain text.

Redact

Proxy + API

Replace detected PII with placeholders like [EMAIL], [US_SSN], [FR_NIR]...

Mask

Proxy + API

...or mask with configurable characters.

Block

Proxy only

Block the entire request if contains sensitive data.

Alert

Proxy only

Warn when sensitive data leak is detected.

Detection coverage

88 PII types.
And growing.

Voidwall is able to detect PII using pattern recognition, contextual analysis and validation, so it warns about real values, not just looks-like ones. Here are examples of what can be detected.

Custom types can be added via configuration file.

Languages
ENEnglish
FRFrançais
DEDeutsch
more soon
Countries — and growing
InternationalUnited StatesGreat BritainFranceGermanyIrelandCanadaAustraliaNew ZealandSouth AfricaAustriaSwitzerland more soon

Identity & Contact

Person nameEmailPhone numberDate of birthGeolocationPostal addressPostcode / ZIP

National IDs

US — SSNUS — ITINGB — NI no.IE — PPSNCA — SINFR — NIRFR — CNIDE — Steuer-IDDE — PersonalausweisAT — SVNRCH — AHV

Travel & Driving

PassportDriver's licenceUS — Alien no.US — USCIS receiptVIN

Health & Tax

GB — NHS numberAU — MedicareNZ — NHICA — OHIPUS — EINGB — UTRAU — TFNAU — ABNFR — SIRET / SIRENFR — NIF

Financial & Crypto

IBANCredit cardSWIFT / BICUS — ABA routingGB — Sort codeAU / CA — Bank accountBitcoinEthereum

Tech & Secrets

IPv4 / IPv6MAC addressIMEIAWS access keyAWS secret keyGitHub token

Analytics, sanitized

Scan GA4 and Matomo
traffic in real time.

Front-end tracking is the leakiest path out of a product — marketing teams add events, users paste their PII to search bars, and personal data slips into Google or Matomo unnoticed. Even 20% of websites have this problem. Voidwall may be a proxy between your product and web analytics, preventing your users' personal data from leaking out.

Google Analytics 4
POST /g/collect
Received
v2tidG-X8Q1ZRP7M2cid1822941715.1719583924dlhttps://shop.acme.io/u/alex.miller@acme.iodtOrder #4711 — alex.miller@acme.ioenloginep.contact_phone+33 6 12 34 56 78uidalex.miller@acme.io_uip203.0.113.42
Forwarded
v2tidG-X8Q1ZRP7M2cid1822941715.1719583924dlhttps://shop.acme.io/u/[EMAIL]dtOrder #4711 — [EMAIL]enloginep.contact_phone[FR_PHONE_NUMBER]uidalex.miller@acme.ioby design_uip203.0.113.42by design
Matomo
POST /matomo.php
Received
idsite17rec1urlhttps://shop.acme.de/?email=klaus.weber@example.deaction_nameLogin · Acmedimension2klaus.weber@example.de_cvar{"1":["email","klaus.weber@example.de"]}_id8b3f1a92ee44c1d2uidklaus.weber@example.decip94.245.66.10
Forwarded
idsite17rec1urlhttps://shop.acme.de/?email=[EMAIL]action_nameLogin · Acmedimension2[EMAIL]_cvar{"1":["email","[EMAIL]"]}_id8b3f1a92ee44c1d2uidklaus.weber@example.deby designcip94.245.66.10by design

Specializations know what to scan — catching sensitive data even inside doubly-encoded payloads. They also know what not to scan, so the integration keeps working as intended.

Format-aware

Works well even with nested data.

Voidwall parses the request before it scans it. Whether the payload is a nested JSON, a flat CSV, a tab-separated data, a URL packed with query parameters, or free-form text, the same matchers apply.

Inbound
{
  "order_id": "A-2186",
  "customer": {
    "full_name": { "value": "Sarah Dupont" },
    "phone_number": { "primary": "+33 6 12 34 56 78" },
    "national_id": { "nir": "1 85 05 78 006 084 91" }
  },
  "billing": {
    "iban": { "formatted": "FR76 3000 6000 0112 3456 7890 189" }
  }
}
Outbound
{
  "order_id": "A-2186",
  "customer": {
    "full_name": { "value": "[PERSON_NAME]" },
    "phone_number": { "primary": "[PHONE_NUMBER]" },
    "national_id": { "nir": "[FR_NIR]" }
  },
  "billing": {
    "iban": { "formatted": "[IBAN]" }
  }
}

Performance

Built for the
edge of your stack.

Voidwall scales horizontally, runs in your cluster, and adds a budget you can measure in single-digit milliseconds. It's designed to be a lightweight, self-hosted service that doesn't break the bank as you grow.

Latency (p99)
9.2ms

added per request, payload size 10 KiB

p50
p75
p95
p99
Request rate
32kreq/s

single container, 6 logical cores, 10 KiB payload

1c
2c
4c
6c
Memory usage max
214MiB

single container, 6 logical cores, 10 KiB payload

Horizontal scaling

Stateless by design. No shared database, no coordination between containers, no dependencies to provision first.

Ships as a single container

Pull the image and go. Runs entirely in your environment. No payloads leave your infrastructure.

Proxy or API — your call

Drop it inline as a reverse or forward proxy, or call the HTTP API to scan and redact on demand. Same engine, three ways to plug in.