EDI-X12 EDI-X12 by datax3.com
Security & privacy

Privacy mode: your data never leaves your browser

If you paste your own OpenAI or Anthropic API key, EDI-X12 calls the AI directly from your browser. Our server is bypassed entirely.

The two modes

Default mode (server-routed)

EDI text is sent from your browser to edix12.cleardata.app/api/assistant.php. The server forwards it to OpenAI or Anthropic using our API keys, then returns the response. Server-side logging records the request timestamp, transaction type, and prompt character count — but not the EDI payload itself.

Privacy mode (BYO key)

You paste your own OpenAI or Anthropic API key into the in-app key drawer. The key is stored in your browser's localStorage only. When you click Validate or Explain, the JavaScript calls https://api.openai.com or https://api.anthropic.com directly. Our server is not involved.

Why this matters

What we log in privacy mode

What the AI provider sees

OpenAI and Anthropic both log API calls under your account. By default they may use logs for abuse monitoring. Both offer enterprise / zero-retention modes if you require them. EDI-X12 doesn't influence those settings — they're between you and the provider.

How to enable privacy mode

  1. Get an API key from OpenAI or Anthropic.
  2. Open EDI-X12, click the account button, then "Use my own API key."
  3. Paste the key. Pick the provider.
  4. The privacy chip in the UI turns green. Every AI call now bypasses our server.

What we still don't recommend pasting

Even in privacy mode, your data still leaves your machine to reach OpenAI / Anthropic. Don't paste:

Threat model

Try privacy mode.

Get a key from your AI provider, paste it once, and your EDI files stop traversing our servers.

Open the validator