Documentation
Features
PII Masking
Laghav integrates Microsoft Presidio to detect and mask personally identifiable information (PII) before the prompt reaches any external LLM or analytics pipeline. Original values never leave your perimeter.
Detected entity types
| Entity | Examples | Placeholder |
|---|---|---|
| Aadhaar (India) | 1234 5678 9012 | <AADHAAR_1> |
| PAN (India) | ABCDE1234F | <PAN_1> |
| Phone number | +91 98765 43210 | <PHONE_1> |
| Email address | user@example.com | <EMAIL_1> |
| Credit card | 4532 1234 5678 9012 | <CREDIT_CARD_1> |
| Person name | Prashant Yadav | <PERSON_1> |
| Location | Pune, Maharashtra | <LOCATION_1> |
Enabling PII masking
pii.py
# Enable via laghav_optionsresponse = client.complete(messages=[{"role": "user", "content": "My Aadhaar is 1234 5678 9012 and email is user@example.com. Help me."}],model="auto",laghav_options={"mask_pii": True})# What is sent to the LLM:# "My Aadhaar is <AADHAAR_1> and email is <EMAIL_1>. Help me."# LLM response uses placeholders which Laghav substitutes backprint(response.laghav_meta.pii_masked) # Trueprint(response.choices[0].message.content) # Contains original values restored
⚠ENABLE_PII_MASKING env var
PII masking must be enabled at the gateway level with
ENABLE_PII_MASKING=true in your environment. It is available on Scale+ plans.How restore keys work
Laghav stores the original→placeholder mapping in Redis (laghav:pii:{restore_key}, TTL 1 hour). When the LLM returns a response containing placeholders, Laghav substitutes them back before returning to your application. The original values never appear in ClickHouse analytics logs.
ℹDPDP & GDPR compliant
PII masking ensures prompt data meets India's Digital Personal Data Protection Act (DPDP) and GDPR Article 25 data minimization requirements. See our Security page for more.