Popular AI chatbots like Claude, Gemini, and ChatGPT can analyze data from spreadsheets and other uploaded files. You can download tables and use them to create summaries, find patterns, and more. you may want. I wanted to analyze my costs to see if I could find ways to save money using ChatGPT, but I didn’t want to upload my personal data to the cloud. Using a PII detection tool and local LLM, I was able to remove personal information before uploading the files.
Your bank statements reveal more than you think
Obvious identifiers are only part of the risk
There are some obvious details on a bank or credit card statement that I did not want to upload to the cloud. My bank account number, name and address and even partial card numbers are all there information I don’t want to share unnecessarily. None of this information is needed to analyze my costs.
However, beyond these obvious identifiers, financial statements contain many other details that can reveal information about you. For example, details of normal transactions could potentially reveal where I shop, where I live, which doctor I visit, where my children go to school, when I’m away from home and where I go, and the names of people I send or receive payments from.
Simply uploading a bank statement with obvious details hidden may not be enough. If I want to protect my privacy, I need to delete more things. The good news is that I can do this with a privacy tool and a native LLM running on a humble mini PC.
The Presidio can separate the details that are easily detected
The first link manages names, contact information and financial identifiers
Presidium is an open source framework for identifying and anonymizing personally identifiable information (PII). It can analyze the extracted text for names, phone numbers, email addresses, locations, credit card numbers and more. The detected text can then be replaced with placeholders such as (PERSON) or (PHONE_NUMBER) using Presidio’s Anonymizer.
You can add custom identifiers directly as part of your request so Presidio can do the same edit information which may otherwise remain intact. For example, you can add custom account reference formats so that matching references can also be modified.
I installed Presidio in a container on my mini PC. Presidio processing occurs locally on that machine, so data does not need to be sent to a third party service.
Operational descriptions can provide a lot of information
The most obvious details don’t always appear as PII
The problem with using Presidio alone is that it doesn’t capture everything. Those familiar with the Presidio may miss things they are not configured or trained to identify but may still be. disclose personal or sensitive information.
For example, a payment slip for a school trip may mistakenly reveal the name of my children’s school, while the name of a local club may be unique enough to reveal my location.
The Presidio may not understand the paper in the same way as the LLM. It relies on configured identifiers, including pattern matching and contextual rules, to identify text that may contain PII. If something falls outside these patterns, it won’t be touched, even if it clearly contains personal information.
A local LLM can catch up on what the Presidio left behind
Hints about your identity can be replaced with useful tags
This is where a local LLM can help. LLMs can use context to uncover potentially revealing text that Presidio might otherwise miss. For my use case, I might as well suggest replacing the model’s sensitive text with useful placeholders.
For example, if the transaction description contains the name of my dental practice, this may expose my location. However, if the payee is simply replaced with “PAYEE”, it won’t be useful when I want to analyze my expenses. The world’s most powerful AI will struggle to give me useful spending advice if it can’t tell what the money is actually being spent on.
Using an LLM, I can replace the name of my dental practice with “dentist” or the name of my children’s school with “school”. This gives ChatGPT enough information to work without exposing anything identifiable.
With a small local model works with Ollama on my mini pc and with a carefully written query, I can identify and replace additional potentially identifying information before uploading the data to ChatGPT. Here a the local LLM really shines; you can download without worrying about where sensitive data ends up. This It takes some time to work on my hardwarebut it’s not something that should work right away.
Two privacy filters may still not be enough
I always check the results myself
The local LLM is there to catch details past the Presidio, but he can miss things too. Even after enabling both switches, there is no guarantee that all PII will be removed from my data.
So after my data goes through both the Presidio and the local LLM, I go over it myself, looking for anything that was missed. After personally inspecting the data, I am confident that the risk of PII being overlooked just once is low enough for me. upload the document to ChatGPT.
It doesn’t take long to manually check because I won’t be uploading hundreds of documents at once; when I analyze my costsI usually only download one month’s worth of reports. Since most of the PII is already captured, I usually only need to edit one or two things here and there to remove additional personal information.
ChatGPT doesn’t need to know where I shop
AI chatbots are incredibly useful, but it’s easy to offload anything and everything to them without thinking about it. I don’t want sensitive financial information ending up on third-party servers, and while OpenAI already stores account and payment information that includes my name and contact information, it doesn’t need to know where I actually shop.





