Use AI in the EU
Sleep at night

dunpai sits between your app and any LLM — OpenAI, Anthropic, Mistral, or self-hosted. It strips personal data before it reaches the model and logs everything for GDPR. The AI never sees real PII. Change one URL and you're compliant.

Request access See how it works
# Before: your data goes to OpenAI's US servers
curl https://api.openai.com/v1/chat/completions \
  -d '{"messages": [{"content": "Email hans@acme.de about IBAN DE89370400440532013000"}]}'

# After: route through dunpai. PII is stripped automatically.
curl https://api.dunpai.eu/v1/chat/completions \
  -H "X-Upstream-Api-Key: sk-your-openai-key" \
  -d '{"messages": [{"content": "Email hans@acme.de about IBAN DE89370400440532013000"}]}'

# dunpai detects the email and IBAN, replaces them with tokens,
# forwards the sanitized prompt to your LLM (OpenAI, Anthropic, etc),
# restores the PII in the response, and logs everything for GDPR.
# The LLM never sees real personal data. Works with any provider.

How it works

01

PII detection

Every request is scanned for personal data — emails, phone numbers, IBANs, credit cards, tax IDs, IP addresses. Detected PII is replaced with tokens before the LLM sees it.

02

Any LLM provider

Sanitized requests are forwarded to your LLM — OpenAI, Anthropic, Mistral, or self-hosted. Bring your own model and API key. PII tokens are restored in the response before it reaches your app.

03

Compliance proof

Every request is audit-logged. Generate GDPR Article 30 reports with one click. Handle Data Subject Access Requests automatically. Show regulators exactly what happened.

The feature that pays for itself

"What did you do with my data?"

Under GDPR, anyone can ask this. You have 30 days to answer. If your AI processed their email, phone number, or IBAN — you need to prove what happened to it.

dunpai stores a one-way hash of every PII value it detects — not the value itself. When a DSAR comes in, we hash the identifier and match it against the audit trail. We find every processing event without ever storing the raw personal data.

Without dunpai

1. Receive DSAR from hans@acme.de

2. Search your logs — but you don't log AI prompts (privacy risk)

3. Ask engineering to grep production databases

4. Find nothing because raw prompts were never stored

5. Reply "we have no records" and hope the regulator believes you

Weeks of work. No confidence in the answer.

With dunpai
curl api.dunpai.eu/v1/compliance/dsar \
  -d '{"identifier":"hans@acme.de"}'

// Response in milliseconds:
{
  "matches": [{
    "timestamp": "2026-03-23T10:00:00Z",
    "pii_type": "email",
    "action": "stripped"
  }],
  "total": 1
}

One API call. Every processing event. Without storing the raw data.

What you get

Bring your own model

Keep using OpenAI, Anthropic, Mistral, or any provider. dunpai is a proxy — pass your upstream API key and we strip PII before it reaches them. Streaming supported.

8 PII types detected

Emails, phone numbers, IBANs (checksum-validated), credit cards (Luhn-checked), EU VAT numbers, IP addresses, dates, postal codes. Sub-millisecond scanning.

Article 30 reports

Auto-generated records of processing activities. Daily breakdown of what data was processed, which models were used, and what safeguards were applied.

DSAR support

When someone asks "what did you do with my data?", search by email or phone number and get every processing event — without storing the raw data.

Admin dashboard

Real-time metrics, PII detection charts, audit log browser, compliance report generator, tenant management. All in a dark, professional interface.

PII never leaves the EU

dunpai runs on EU infrastructure. Personal data is stripped before reaching any AI provider — even US-based ones. The LLM only sees sanitized tokens, not real data.

Pricing

All features included. Always. You only pay for volume.

Flex
0.0006 € / request
First 1,000 / mo Free
Price Follows our costs
Commitment None
Billed Monthly

Cheapest rate. Price follows our infrastructure costs.

Get started
Fixed
0.001 € / request
First 1,000 / mo Free
Price Locked 12 months
Commitment Annual
Billed Monthly

Predictable costs. Rate guaranteed for one year.

Get started