Book a call →
Guard by ProvenanceCode Private Preview

PII detection and redaction for AI systems in Europe.

Guard scans, detects, and redacts personally identifiable information before it reaches your AI models — or leaves your systems. Available as an MCP server for agentic AI workflows and as a REST API for any stack. Built for the EU: Spain, Ireland, Germany, France, and Italy.

Request private preview → API docs →
MCP Server
REST API + SDKs
GDPR Articles 5, 25 & 32
EU AI Act
Guard MCP · tool call
// Claude agent invoking Guard via MCP
tool: guard_scan
input: "Hans Müller, Steuer-ID 12 345 678 901, hans@example.de"
locale: de-DE
mode: redact
Guard: scanning · jurisdiction: DE · GDPR
detected PERSON_NAME · DE_TAX_ID · EMAIL
"████ ██████, Steuer-ID ██ ███ ███ ███, ████@███████.██"
audit record signed · committed
Two access modes

Native to agentic AI and to any existing stack.

Guard ships as an MCP server — so AI agents call it as a native tool with no custom integration. It also ships as a standard REST API for any backend, pipeline, or SDK workflow.

MCP Server
Model Context Protocol
Private Preview

Guard exposes a set of MCP tools that any MCP-compatible AI client — Claude, Cursor, or your own agent — can call directly. No SDK, no integration code. The agent decides when to scan; Guard runs transparently inside the tool loop.

  • Works with Claude, Cursor, and any MCP client
  • guard_scan · guard_audit · guard_locales tools
  • Automatic jurisdiction detection from input
  • Signed audit record returned with every call
mcp-config.json
"mcpServers": {
"guard": {
"url": "https://mcp.guard.provenancecode.com",
"apiKey": "prvc_guard_••••••••"
}
}
🔌
REST API
JSON · OpenAPI · SDKs
Private Preview

A stateless HTTPS API. Drop Guard into your LLM pipeline as a pre-processing step and your models never see raw PII. Python and Node.js SDKs available for preview participants.

  • POST /v1/scan · GET /v1/audit
  • Python SDK · pip install provenancecode-guard
  • Node.js SDK · npm install @provenancecode/guard
  • Full OpenAPI spec included
Python · LLM middleware
safe_text = guard.scan(
user_input,
locale="es-ES",
mode="redact"
).redacted
# PII never reaches the model
llm.complete(safe_text)
MCP access

Guard as a tool inside your agent's reasoning loop.

MCP (Model Context Protocol) lets AI models call external tools natively — the same way they call a web search or a code interpreter. Guard exposes three MCP tools. When an agent processes text that might contain personal data, it calls guard_scan automatically. No middleware. No custom integration. Privacy by design, enforced at the agent layer.

guard_scan
Scans a text string for PII, applies redaction in the chosen mode, and returns the safe text plus a structured list of entities detected. Locale is auto-detected or supplied.
text: string locale?: string mode?: "redact" | "tokenise" | "synthesise"
guard_audit
Retrieves the signed audit record for a previous scan by its record ID. Returns detected entity types, redaction mode used, jurisdiction applied, timestamp, and cryptographic signature.
record_id: string
guard_locales
Returns the list of supported EU locales, the entity types detected per jurisdiction, and the applicable GDPR and national regulation for each market.
no parameters
Cursor / Claude config
{
"mcpServers": {
"guard": {
"url": "https://mcp.guard.provenancecode.com",
"apiKey": "prvc_guard_••••••••"
}
}
}
Agent tool loop · output
// Agent reasoning step
tool_use: guard_scan
input: "Rodrigo Silva, PPSN 1234567T..."
tool_result:
redacted: "██████ █████, PPSN ███████T..."
entities: [PERSON_NAME, IE_PPSN]
record_id: "rec_01jx..."
✓ safe text returned to agent
Detection coverage

Every PII type that matters in European law.

Guard's entity recognition is tuned to the identity document formats, national ID schemas, and data patterns that regulators in each EU market actually require you to protect. Generic models miss them. Guard doesn't.

🪪
National identity documents

ES: DNI/NIE · IE: PPSN · DE: Personalausweis · FR: CNI · IT: Codice Fiscale. Format-aware — validates checksum patterns, not just regex.

🏦
Financial identifiers

IBAN (ES/IE/DE/FR/IT prefixes), payment card numbers, bank account references, and VAT numbers across all five jurisdictions.

📍
Location and contact data

Postal addresses, postcode formats, phone number patterns (+34, +353, +49, +33, +39), and IP addresses for each market.

⚕️
Special-category data

Health data, biometric references, religious or political indicators. Flagged under GDPR Article 9 with an elevated risk score.

✉️
Standard digital identifiers

Email addresses, usernames, device IDs, cookies, and OAuth tokens — the identifiers that make users individually reachable.

🔏
Three redaction modes

Block (██████), synthetic substitution (same format, no real PII), or tokenisation for reversible de-anonymisation. Specified per call.

EU coverage

Five markets. One API. Same GDPR standard.

Each EU market has its own identity document formats, phone patterns, and local compliance obligations layered on top of GDPR. Guard handles jurisdiction detection automatically — pass the locale hint if you have it, or let Guard infer it from the text.

🇪🇸
Spain
es-ES
DNI · NIE · CIF
DPA: AEPD
🇮🇪
Ireland
en-IE
PPSN · Passport
DPA: DPC
🇩🇪
Germany
de-DE
Personalausweis · Steuer-ID
DPA: BfDI
🇫🇷
France
fr-FR
CNI · Numéro Fiscal
DPA: CNIL
🇮🇹
Italy
it-IT
Codice Fiscale · CI
DPA: Garante
Regulatory alignment

Built against the regulation, not around it.

⚖️
GDPR Articles 5, 25 & 32

Article 5 (data minimisation) · Article 25 (privacy by design) · Article 32 (security of processing). Guard provides the technical measure that satisfies all three when PII passes through AI systems.

🤖
EU AI Act

High-risk AI systems processing personal data require documented safeguards. Guard produces a signed audit record for every scan — machine-readable evidence for your conformity assessment.

🏛️
DPA audit readiness

AEPD · DPC · BfDI · CNIL · Garante. Each national supervisory authority can request evidence that PII was protected. Guard's audit trail is structured to answer that question directly.

How Guard works

Scan. Detect. Redact. Record.

The same four steps whether you call Guard via MCP or via the REST API. The difference is who initiates the call — your agent, or your application code.

01
Text is sent to Guard
Via MCP tool call (guard_scan) or a REST POST to /v1/scan. Includes the text payload, an optional locale hint, and the redaction mode. Can be a user prompt, document chunk, database field — any text.
02
Guard detects and classifies every PII entity
Jurisdiction-tuned entity recognition runs against the text. Each entity is tagged with type, confidence score, character offset, and GDPR category (standard or Article 9 special category).
03
Redaction applied, safe text returned
Block redaction, synthetic substitution, or tokenisation. The redacted text is returned immediately — safe to pass to your LLM or store downstream without touching a data subject's real PII.
04
A signed audit record is committed
Every scan produces a timestamped, cryptographically signed record: entities detected, redaction mode, jurisdiction applied, and policy verdict. Retrievable by your DPO or legal team at any time via the MCP guard_audit tool or GET /v1/audit.
Who uses Guard

Built for teams processing European personal data with AI.

DPO · Data Protection Officer

You're accountable under GDPR Article 37. Your organisation has deployed AI tools that process personal data. You need a documented, auditable technical control — not a policy statement.

CISO · Head of Security

PII leaking into LLM context windows is a data breach risk. Guard is the technical control that prevents personal data from reaching third-party AI APIs — and proves it with a signed record.

Engineering Lead · AI Team

You're building LLM-powered features for users in Spain, Ireland, Germany, France, or Italy. Guard is the pre-processing layer — via MCP or API — that makes it safe and compliant to ship.

General Counsel · Legal

When a DPA investigation starts, you need evidence. Guard's signed audit records show, for every AI interaction, what PII was detected, what was redacted, and which GDPR provision applied.

Private preview

Request access. Know exactly what happens next.

01
Submit the preview request
Two minutes. Tell us which EU markets you operate in, whether you need MCP access, REST API, or both, and what type of AI pipeline you are protecting (agentic, LLM API, RAG, etc.).
02
We respond within one business day
A founder or engineer — not a BDR — reviews your request and replies directly. We will confirm fit, answer questions about coverage or integration, and schedule onboarding if needed.
03
You receive your API key and MCP endpoint
One API key covers both access modes. Add the MCP endpoint to your Cursor or Claude config, or drop the key into the SDK — Guard is running in minutes. No infrastructure to deploy.
04
First scan, first signed audit record
The first time Guard detects and redacts PII in your pipeline, you will see the entity list, the redacted text, and the signed audit record — all from the first call. Preview feedback shapes the GA release.
Request private preview → Direct response from the team. No sales deck.
ProvenanceCode platform

One provenance standard across your full AI stack.

Guard protects data before it enters AI. Verity governs AI-generated code at the Git layer. Agent OS governs AI agent actions at runtime. All three share the same signed audit record format — one consistent compliance trail, end to end.