// CONCEPTS
PII categories
Every time you send data to an AI, you risk exposing personal information about the people in it — customers, employees, patients. Omna's local Rust kernel scans every row and replaces each value with a typed placeholder before a single byte leaves your machine. No cloud service, no API call — everything runs on-device.
How masking works
Omna detects personal data across ten categories and replaces each value with a typed placeholder — a bracketed label plus a sequential number. The original value is stored in a local token registry that maps each placeholder back to its real value.
John Smith → [PERSON_1]
john@acme.co → [EMAIL_1]
(415) 555-0132 → [PHONE_1]
123-45-6789 → [GOVT_ID_1]
sk-live-9f2a… → [SECRET_1]The AI receives only the masked text. It reasons about [PERSON_1] the same way it would about "John Smith" — the placeholder preserves grammar and column relationships — but it never learns the real value.
The token registry
The registry lives entirely on your machine. There are two variants:
- Session registry (browser extension) — lives in memory for the session and clears when you close the browser.
- Persistent registry (desktop app) — stored at
~/Library/Application Support/Omna/registry.tsv, so the same value always maps to the same placeholder across sessions (John Smithis always[PERSON_1]).
The ten categories
| Category | Examples | Placeholder |
|---|---|---|
| Identity | Names, nicknames, dates of birth | [PERSON_N], [DOB_N] |
| Contact | Email addresses, phone numbers, physical addresses | [EMAIL_N], [PHONE_N], [ADDRESS_N] |
| Government IDs | SSNs, passport numbers, driver's licences | [GOVT_ID_N] |
| Financials | Credit cards, bank accounts, IBANs | [FINANCIAL_N] |
| Healthcare | Diagnoses, prescriptions, insurance policy numbers | [HEALTH_N] |
| Digital footprint | IP addresses, cookies, device IDs | [DEVICE_N] |
| Employment | Salaries, performance reviews, HR records | [EMPLOYMENT_N] |
| Corporate secrets | Internal codes, pricing strategies, roadmaps | [INTERNAL_N] |
| Credentials | Passwords, API keys, OAuth tokens | [SECRET_N] |
| Custom patterns | Enterprise-defined patterns | [CUSTOM_N] |
ACME-\d{5}) are available on the enterprise tier.Multi-name detection
When a sentence contains several names, Omna masks all of them — including contrast and comparison phrases (X not Y, X vs Y, rather than Z, instead of W):
"I'd recommend Smith, not Johnson."
→ "I'd recommend [PERSON_1], not [PERSON_2]."Known limitations
Omna is built to minimize missed PII while keeping false positives low, but a few edge cases apply:
- Unusual name formats — single-name identifiers or highly culture-specific constructions may occasionally be missed. Test with a sample if your data has unusual names.
- Initials — short initials like "J.S." are ambiguous and not flagged, to avoid excessive false positives.
- Context-dependent numbers — a 16-digit number is only masked as a card in a financial context.