Built for the AI compliance era · Shipping May 15, 2026

Sether hides personal data from your AI.

A streaming redaction layer between your app and any LLM provider — OpenAI, Anthropic, Bedrock, Gemini, your own fine-tunes. Names, emails, and numbers get tokenized before leaving your boundary, then restored on the way back. Three lines of TypeScript.

npm install @raeven-co/sether · MIT licensed · zero vendor lock-in

Request flow (diagram): your app sends POST /v1/chat carrying private data {"name":"Amara Okafor","email":"amara@acme.com","phone":"+1 415 555 2671"}; Sether intercepts it and forwards POST to api.openai.com with the fields redacted: {"name":"<NAME_a3f8>","email":"<EMAIL_b2c7>","phone":"<PHONE_91ee>"}.

Live sandbox

Paste anything. Watch Sether redact it before it would reach the LLM.

Same detection logic as @raeven-co/sether, running entirely in your browser. Your test data never leaves your device. Detectors marked PRO are heuristic previews — production-grade NER ships in 0.2.

Sample sandbox run: input of 213 chars, 5 matches (NAME ×1, EMAIL ×1, CC ×1, PHONE ×1, SSN ×1). Redacted text as it would go to the LLM:

Hi, this is <NAME_66eca373> — my account email is <EMAIL_3e477d6c>. The order on card <CC_e33ae4ff> hasn't shipped. Please call me at <PHONE_fee3885a>. My SSN on file is <SSN_670fdc5a> if you need to verify.

In production, this is three lines.

Streaming-native. Chunk-boundary safe. ReDoS-checked. Audit log writes to your storage of choice.

import { Sether } from '@raeven-co/sether';
const sether = new Sether();
const openai = sether.wrapOpenAI(client);
  • Streaming-native: Server-Sent Events safe
  • TypeScript-first: dual ESM + CJS, 10KB
  • 46 tests passing: property-based + ReDoS-checked
  • MIT licensed: no vendor lock-in

Three lines of code.

Wrap your OpenAI or Anthropic SDK with Sether. Outgoing requests are scanned for sensitive fields and replaced with tokens before they leave your infrastructure. Incoming responses have those tokens replaced back transparently. Your app code doesn't change.

  • Chunk-boundary safe streaming
  • TypeScript-first, dual ESM/CJS
  • Pluggable detectors + custom regex
  • Token vault stays in YOUR infra
import { Sether } from '@raeven-co/sether';
import OpenAI from 'openai';

const sether = new Sether();
const openai = sether.wrapOpenAI(
  new OpenAI({ apiKey: process.env.OPENAI_KEY })
);

// Sensitive values are automatically redacted before reaching OpenAI,
// and restored in the response — invisibly.
const response = await openai.chat.completions.create({
  model: 'gpt-4',
  messages: [{ role: 'user', content: userInput }]
});
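The wrap-and-restore flow described above, together with the chunk-boundary-safe streaming promised earlier, in working form as an added example. This is not Sether's code and not its API: the `Redactor`, `StreamRestorer`, `Vault` and `MemoryVault` names, the four regex detectors, the FNV-1a token ids, the `chunksOf` helper and the sample text are all assumptions made for the illustration. A real deployment would derive ids from an HMAC or random bytes and back the vault with Redis or Postgres; name detection needs NER and is left out.

```typescript
// Added example, not Sether's code. Names, regexes and the FNV-1a id are assumptions.

export interface Vault {            // token -> original value; swap in Redis/Postgres here
  get(token: string): string | undefined;
  set(token: string, value: string): void;
}
export class MemoryVault implements Vault {
  private m = new Map<string, string>();
  get(t: string) { return this.m.get(t); }
  set(t: string, v: string) { this.m.set(t, v); }
}

// Audit event: the token and the match length, never the raw value.
export interface RedactionEvent { kind: string; token: string; length: number }

// Ordered so the specific digit formats (CC, SSN) are consumed before the looser PHONE
// pattern can claim them. Every pattern is linear-time: no nested quantifiers (the ReDoS check).
const DETECTORS: { kind: string; re: RegExp }[] = [
  { kind: 'EMAIL', re: /[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}/g },
  { kind: 'CC',    re: /\b(?:\d{4}[ -]?){3}\d{4}\b/g },
  { kind: 'SSN',   re: /\b\d{3}-\d{2}-\d{4}\b/g },
  { kind: 'PHONE', re: /(?:\+|\b)\d[\d .()-]{7,}\d\b/g },
];
const TOKEN_RE = /<[A-Z]+_[0-9a-f]{8}>/g;
// A prefix that could still grow into a token: "<", "<EM", "<EMAIL_", "<EMAIL_3e4" (no ">" yet).
const PARTIAL_TOKEN_RE = /^<(?:[A-Z]+(?:_[0-9a-f]{0,8})?)?$/;

// Stand-in id derivation (FNV-1a, 32-bit, 8 hex chars). Use an HMAC or random bytes in production.
function fnv1a(s: string): string {
  let h = 0x811c9dc5;
  for (let i = 0; i < s.length; i++) {
    h ^= s.charCodeAt(i);
    h = Math.imul(h, 0x01000193) >>> 0;
  }
  return h.toString(16).padStart(8, '0');
}

export class Redactor {
  constructor(private vault: Vault = new MemoryVault(), private salt = 'rotate-me') {}

  // Same value -> same token (the model keeps co-reference); retry on a vault collision.
  private tokenFor(kind: string, value: string): string {
    for (let n = 0; ; n++) {
      const token = `<${kind}_${fnv1a(`${this.salt}|${kind}|${value}|${n}`)}>`;
      const existing = this.vault.get(token);
      if (existing === undefined) { this.vault.set(token, value); return token; }
      if (existing === value) return token;
    }
  }

  // Outbound: replace every match with a token and record what was redacted (not the value).
  redact(text: string): { text: string; events: RedactionEvent[] } {
    const events: RedactionEvent[] = [];
    for (const { kind, re } of DETECTORS) {
      text = text.replace(re, (m) => {
        const token = this.tokenFor(kind, m);
        events.push({ kind, token, length: m.length });
        return token;
      });
    }
    return { text, events };
  }

  // Inbound, non-streaming: put originals back; tokens the vault does not know stay as they are.
  restore(text: string): string {
    return text.replace(TOKEN_RE, (t) => this.vault.get(t) ?? t);
  }

  streamRestorer(): StreamRestorer { return new StreamRestorer(this); }
}

// Inbound, streaming: a token such as <EMAIL_3e477d6c> may be split across SSE chunks.
// Emit everything before the last "<" that could still start a token; hold that tail back.
export class StreamRestorer {
  private pending = '';
  constructor(private r: Redactor) {}
  push(chunk: string): string {
    this.pending += chunk;
    let cut = this.pending.length;
    const lt = this.pending.lastIndexOf('<');
    if (lt !== -1 && PARTIAL_TOKEN_RE.test(this.pending.slice(lt))) cut = lt;
    const emit = this.pending.slice(0, cut);
    this.pending = this.pending.slice(cut);
    return this.r.restore(emit);
  }
  flush(): string {                 // end of stream: release whatever was held back
    const tail = this.r.restore(this.pending);
    this.pending = '';
    return tail;
  }
}

// Splits text into fixed-size pieces to simulate an SSE stream with awkward boundaries.
export function chunksOf(s: string, n: number): string[] {
  const out: string[] = [];
  for (let i = 0; i < s.length; i += n) out.push(s.slice(i, i + n));
  return out;
}

// Constructed sample input for the demo (not real data).
export const SAMPLE = 'Hi, this is my email amara@acme.com, card 4111 1111 1111 1111, SSN 123-45-6789, call +1 415 555 2671.';

export function demo(): { redacted: string; events: RedactionEvent[]; streamed: string } {
  const r = new Redactor();
  const { text: redacted, events } = r.redact(SAMPLE);
  const sr = r.streamRestorer();
  let streamed = '';
  for (const c of chunksOf(redacted, 5)) streamed += sr.push(c);   // 5-char chunks split every token
  streamed += sr.flush();
  return { redacted, events, streamed };
}
```

The restorer only ever holds back text from the last `<` that could still complete into a token, so the added latency is bounded by one token's length and a stray `<` in ordinary model output is released as soon as the next character rules a token out. The audit events carry the token and the match length but never the value; that absence is the property to verify on any log you ship to a SIEM.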

You shipped LLM features. Compliance shipped with them — whether you noticed or not.

GDPR · Article 28

Handing a customer's email to an LLM provider makes that provider a processor (or a sub-processor, which needs the controller's prior authorisation) and requires an Article 28 contract. Fines for Article 28 breaches reach 2% of global annual turnover; an unlawful transfer to a provider outside the EU, or processing with no lawful basis, reaches 4% (Article 83).

EU AI Act · Art. 10

Most obligations for high-risk systems, including the Article 10 data governance and documentation duties, apply from 2 August 2026. Non-compliance carries fines of up to 3% of global turnover or EUR 15M; the 7% ceiling is reserved for prohibited practices under Article 5.

SOC 2 · CC6.7

CC6.7 requires the entity to restrict and protect the transmission and movement of information to authorised external parties and processes. An LLM API is such a transmission path; no demonstrable control there is an audit finding, and enterprise buyers read findings.

The fines aren't hypothetical. The first GDPR enforcement actions specifically tied to AI flows landed in 2025. Your audit committee, your board, and your cyber insurance underwriter all now ask about it. Two years ago they didn't.

How it works

From npm install to production audit log in under an hour.

01 · Install

npm install @raeven-co/sether, or point your SDK at the hosted gateway by changing its base URL. Zero infrastructure to provision.

02 · Wrap

One line wraps your OpenAI or Anthropic client. Pluggable detectors cover names, emails, secrets, and custom patterns.

03 · Audit

Every redaction event is logged with the GDPR / SOC 2 / HIPAA control it maps to; the event carries the token and the control, not the original value. Export to your SIEM.

Architecture

Your data stays in your infrastructure.

The token vault, where original values are held until restoration, runs in your own Redis, Postgres, or KV store. Sether never persists those values. Smaller compliance footprint by design.

  • With the SDK wrapper, detection runs in your process and no raw personal data leaves your boundary; with the hosted gateway, the request transits Sether's gateway for detection before it is forwarded, so cover the gateway as a processor in your DPA
  • Pluggable vault: Memory, Redis, Postgres, custom
  • The gateway holds no token-to-value mapping
  • DPA and SCC available on Team and above; BAA on Business

Architecture (diagram): your infrastructure holds the application (your code) and the token vault (Redis / Postgres / KV; you own the storage); the Sether gateway performs detection and audit.

Use cases

Built for AI compliance. Generalizes to anything sensitive.

Sether's engine — detect, tokenize, conditionally restore, audit — works wherever you have data that must be selectively hidden. AI compliance is the headline. The underlying primitives serve more.

PRIMARY

AI compliance

Sit between your app and any LLM provider — OpenAI, Anthropic, Bedrock, Gemini, your own fine-tunes. Redact personal data before it leaves your boundary. Map every event to GDPR, SOC 2, HIPAA, EU AI Act controls. Defend the audit.

MARKETPLACES

NDA-bound listings

Job platforms, freelance marketplaces, RFP boards. Redact client names, project codenames, and proprietary details before publishing. Conditionally restore for vetted applicants who sign NDAs.

OBSERVABILITY

Log sanitization

Strip personal data and secrets from logs before they reach Datadog, Splunk, Sentry. The same engine that protects your AI flows can sanitize your observability stack.

Pricing

Anchored below what you already pay OpenAI.

The OSS is free forever. Hosted tiers start at $5/mo — a quarter of ChatGPT Plus — because a security layer should never cost more than the thing it secures.

OSS

Self-host. MIT licensed. No limits.

$0 / forever
  • Unlimited redactions (your infra)
  • Core detector pack
  • In-memory vault
  • Community support on GitHub

Indie

A quarter of ChatGPT Plus. For solo devs.

$5/mo
  • 100K hosted redactions / mo
  • All detectors + NER
  • 7-day audit log
  • Email support
  • 1 seat

Team (most popular)

Still under ChatGPT Plus. For shipping startups.

$15/mo
  • 2M hosted redactions / mo
  • Custom detectors
  • 30-day audit log + export
  • DPA included
  • 5 seats

Business

Compliance-grade. SOC 2 / SSO / BAA.

Custom pricing
  • Unlimited redactions
  • SSO + SAML
  • 1-year audit retention
  • SOC 2 / GDPR / HIPAA reports
  • BAA + SLA
  • Dedicated support

Annual saves 20%. Need self-hosted Enterprise with BAA + SLA? Talk to us.

Compliance + security

Built for the buyer who has to defend it in the audit.

Mapped to specific regulations.

Every redaction event is tagged with the GDPR article, SOC 2 control, or HIPAA section it maps to. Export to CSV, Splunk, or Datadog. Hand your auditor a report, not a memo.

Open source.

The core library is MIT licensed on GitHub. Read the code. Fork it. Audit it. The hosted version is what you pay for — not lock-in.

  • GDPR: mapped
  • SOC 2: mapped
  • HIPAA: mapped
  • EU AI Act: mapped

Sether maps controls to these frameworks. Independent SOC 2 Type 1 attestation in progress (Q3 2026).

Frequently asked

Questions buyers actually ask.

What is 'PII'?

Many teams use the term PII — personally identifiable information. If the acronym does not resonate with yours, think personal data: names, emails, phone numbers, payment details, and anything that could identify a real person. Sether tokenizes those values before they reach the model.

Why not just use Microsoft Presidio?

Great if you have a Python team and need batch processing. Sether is streaming-native and TypeScript-first — built for the JS/TS stack the AI dev community actually uses. Often complementary; not directly competitive.

Why not just write our own regex?

You can — and we won't pretend the basic detection is hard. The 80% you'd own forever (audit log retention, SOC2 control mapping, EU AI Act tracking, DPA templates, cross-customer threat updates) is the part nobody wants to maintain. We've eaten that pain.

Where does my data actually live?

In your own infrastructure. The token vault is configurable: Memory (default), Redis, Postgres, or custom. The default Memory vault lives inside one process, so a token can only be restored by the process that issued it; use Redis or Postgres when the request and the response may be handled by different instances. We process redaction events for billing and analytics; we don't persist your customers' raw personal data.

How fast is integration?

Three lines of code for the SDK wrapper. Most teams are in production within a day. The hosted gateway requires only changing your API base URL.

What happens if Sether goes out of business?

Worst case, you fork the OSS core — it's MIT licensed and the npm package is yours forever. Best case, we keep shipping. Either way, no vendor lock-in by design.

When will you have SOC2?

Type 1 in progress, expected Q3 2026. Type 2 follows ~6 months later. Controls documentation available on request in the meantime.

Can I use Sether for non-AI use cases like marketplace NDA redaction?

Yes. Sether's primitives (detect, tokenize, conditionally restore, audit) work for any flow where sensitive content needs to be selectively hidden. Job platforms and freelance marketplaces use Sether to redact NDA-bound details before publishing, then conditionally restore them for applicants who sign agreements. Custom detectors, defined in the dashboard, let you decide what counts as sensitive in your domain; they are available on Team and above.

Ship AI features. Pass the audit. Sleep at night.


npm install @raeven-co/sether