Local vs cloud
Anonymization belongs on your machine.
A cloud anonymizer has to receive your document in the clear before it can protect it. The risk you wanted to avoid, you already took it.
The online-anonymizer paradox
To anonymize your document in the cloud, a service first has to read it. That means you upload it whole, in the clear, before any data is removed. The transfer happens, the copy lands on someone else's server, the logs may keep it. The risk you wanted to avoid, you already took it the moment you pressed send.
What leaves with Anoni
Nothing, once the engine is installed. The first launch downloads the engine and the detection models, one time. After that, no document and no excerpt ever leaves. Cut the network and Anoni still runs. The only thing that ever goes out is your email address, once, when you activate your license.
Reversibility stays with you
The mapping between fake name and real data is encrypted with AES-256-GCM. The key is derived from your passphrase with Argon2id, on your machine. No server holds it. Without your passphrase, no one restores the original. Not the publisher, not anyone.
No telemetry
No tracker, no usage stats, no file sent in the background. There is nothing to turn off, because there is nothing to turn on. A cloud tool sees every document you hand it. Anoni sees none, because they never leave the machine.
The honest trade-off
Local means the work runs on your machine, and so does the read-through. You keep the document, and you keep responsibility for it. Anoni finds the sensitive data and replaces it, fast, but it does not relieve you of a final check. The tool helps. It does not decide for you.
See the full comparison, the compliance answers your DPO expects, or download Anoni and run it offline.