Breaking
EST. 2018 Tonic.ai turns production data into privacy-safe synthetic copies ~$56M RAISED Series B led by Insight Partners Founders out of Palantir & Tableau Trusted by Comcast, eBay, UnitedHealthcare, Fidelity 100+ PB of data processed to keep the real thing untouched Tonic Textual: de-identify text before it feeds your LLM 10,000+ developers enabled
Company Dossier  ·  Synthetic Data  ·  San Francisco

Tonic.ai

The company that sells fake data on purpose - and made it safe enough for banks and hospitals to build on.

Founded 2018 Series B ~85 employees B2B SaaS
Tonic.ai brand graphic - secure data synthesis for software and AI development
THE PITCH, IN ONE FRAME. A stack of databases that never held a real customer. Tonic's whole business lives in the gap between "looks like your data" and "isn't your data."
~$56M
TOTAL RAISED
100+
ENTERPRISE CUSTOMERS
10,000+
DEVELOPERS ENABLED
100+ PB
DATA PROCESSED
The Profile

A Business Built on Data That Isn't Real

Here is a company whose founders will tell you, cheerfully, that their product is fake. The trick is that "fake" turns out to be the most valuable thing you can do with data you are not legally allowed to touch.

There is a moment familiar to anyone who has ever shipped software. You need to test something against real data - the kind with edge cases, weird names, malformed phone numbers, the one customer in Idaho whose record breaks everything. The safe, sanctioned test dataset is useless because it is too clean. The real production data is perfect because it is real. It also contains other people's Social Security numbers, and copying it into a test environment is, depending on your jurisdiction and your lawyer's mood, somewhere between a bad idea and a federal problem.

Most engineers, at some point, copy it anyway. "Just this once." Tonic.ai is a company built on the premise that "just this once" is a business opportunity worth roughly $56 million in venture funding.

The company, founded in San Francisco in 2018, sells synthetic data. That is the polite term. Its actual social media handle is @tonicfakedata, which tells you the founders decided early that they were not going to be precious about it. The pitch is straightforward and slightly counterintuitive: give Tonic your real database, and it will hand back a version that looks and behaves exactly like the original - same statistical shape, same relationships between tables, same edge cases - but contains none of the actual sensitive values. Realistic enough to build on. Fake enough to email to a contractor.

The founders came from the data-obsessed

The four co-founders - Ian Coe, Karl Hanson, Andrew Colombi, and Adam Kamor - came out of Palantir and Tableau, two companies that think about data in almost opposite ways. Palantir's whole existence is about extracting meaning from enormous, sensitive datasets. Tableau's is about making data legible to humans. Somewhere between "this data is dangerously powerful" and "this data should be easy to use" is the exact problem Tonic decided to solve.

Coe, the CEO, has described the core insight in interviews as a productivity problem disguised as a privacy problem. Engineers are blocked - by compliance, by security, by the sheer risk of handling production data - from the one thing that would let them move fast. The mission statement the company settled on is "unblock innovation with usable data," which is corporate, but the underlying claim is not: the bottleneck in a lot of software development is not talent or tooling, it is that the good data is radioactive.

It is worth pausing on the word "usable," because it is doing quiet work. There are, broadly, two failure modes for test data. One is data that is too safe: hand-rolled fixtures, a dozen fake users named Test McTestface, the sort of dataset that passes every test and then falls over the instant it meets a real customer. The other is data that is too real: a straight copy of production, useful precisely because it is dangerous. Tonic's entire proposition is that you should not have to choose - that there is a third category where the data keeps everything that makes it useful and sheds everything that makes it a liability. Whether that third category exists, in practice, is an engineering question, and the answer is most of the company.

"The company believes data privacy is a human right - and then, unusually, built the plumbing to actually enforce it."
— TONIC.AI, ON ITS OWN FOUNDING PREMISE

What it actually does

The mechanics matter, because "synthetic data" is easy to say and genuinely hard to do. The difficulty is not generating random plausible-looking rows. Anyone can do that. The difficulty is referential integrity: in a real database, the customer in the orders table has to match the customer in the customers table, whose ZIP code has to be consistent with their address record, whose account age has to make sense against their transactions. Break any of those relationships and the synthetic data stops behaving like real data, which means it stops being useful for the exact testing you built it for.

Tonic's original product, now called Tonic Structural, handles this for relational and NoSQL databases - de-identifying, masking, and subsetting production data while keeping all those relationships intact. Subsetting is its own quiet trick: instead of a 50-terabyte copy of production, you get a coherent slice small enough to run on a laptop, with the foreign keys still pointing where they should.

What you can actually do with it
  • Give developers realistic test data without copying production
  • Subset a giant database down to a laptop-sized, still-coherent slice
  • Strip PII out of documents and chat logs before an LLM ever sees them
  • Generate a whole synthetic database from a plain-language request
  • Satisfy HIPAA, GDPR, and PCI reviewers with de-identified datasets

Then the ground shifted. The AI boom created a new, enormous appetite for data - not neat rows in a database, but the messy stuff: support tickets, PDFs, contracts, chat logs. The unstructured text where personally identifiable information likes to hide. If you want to train a model or feed a retrieval-augmented generation (RAG) system on your company's documents, you first have to get the secrets out of them. This is tedious, error-prone, and exactly the kind of thing a company that already specializes in finding-and-replacing sensitive data would be good at.

So in 2024 Tonic shipped Tonic Textual, which it billed as a secure "data lakehouse for LLMs." It parses free text in any file format, uses proprietary named-entity-recognition models to detect sensitive information, and then either redacts it or - more cleverly - synthesizes a realistic replacement. Not "[REDACTED]" but a plausible fake name that keeps the sentence's shape and meaning intact, so the downstream model still learns something useful. The same year, it launched Tonic Fabricate, which lets you generate an entire synthetic database by describing what you want in a conversation, and Tonic Validate, a tool for evaluating how good your RAG system actually is across models from Anthropic, Google, Mistral, and others.

Who is buying, and why it's durable

The customer list is a good tell. Comcast, eBay, UnitedHealthcare, Fidelity Investments - companies in finance, healthcare, and telecom, which is to say companies where the data is both the most valuable asset and the most regulated liability. These are organizations where "let's just copy prod" ends careers. Tonic reports more than 100 customers, 10,000-plus developers using the tooling, and, in the kind of stat that is impossible to verify but fun to cite, over 100 petabytes of data processed.

The business model is the boring, good kind: B2B SaaS subscriptions, self-hosted or cloud, sold through the AWS and Microsoft Azure marketplaces, with integrations into places like Snowflake. It competes with Delphix, K2View, IBM Optim, and newer synthetic-data startups like Gretel and Mostly AI. The funding arrived in reasonable steps - an $8M Series A led by GGV Capital, then a $35M Series B led by Insight Partners in September 2021 - rather than the frothy mega-rounds that tend to age badly.

The competitive framing tells you something about where the category is heading. Delphix and IBM Optim come from the old world of "test data management," a discipline that was mostly about moving and masking copies of databases for large IT shops. The newer entrants - Gretel, Mostly AI - come from the machine-learning side, where synthetic data is a way to augment training sets and paper over gaps. Tonic sits, deliberately, in the middle: it started with the developer's test-data problem and then walked toward the AI team's data-preparation problem, which turns out to be the same problem wearing different clothes. In both cases the job is to produce data that is faithful in the ways you need and empty in the ways you fear.

A remote-first company of around 85 people, Tonic keeps offices in San Francisco, Atlanta, New York, Washington, and London - a footprint that maps less to where engineers want to live and more to where regulated industries and government-adjacent buyers cluster. The culture it advertises is unremarkable in the good way: curiosity, responsibility about data, a stated belief that privacy is a right rather than a compliance checkbox. It is the kind of positioning that would be easy to dismiss as branding, except that the product is, functionally, that belief compiled into software.

The most valuable data in your company is also the most dangerous to touch. Tonic's entire business is resolving that contradiction - and the AI era made it urgent."
— THE ONE-SENTENCE VERSION

What makes Tonic interesting is not that it is flashy - it is emphatically not. It sells infrastructure for a problem most people would rather not think about. But the problem is not going away. Every new AI initiative multiplies the demand for data and multiplies the number of places sensitive information can leak. Regulation is tightening, not loosening. The gap between "we have valuable data" and "we are allowed to use it" is the gap Tonic lives in, and that gap is getting wider.

Which is the quietly clever thing about a company called @tonicfakedata. The security industry spends its entire existence trying to prevent fake data from getting into systems. Tonic figured out that the same skill, pointed in the opposite direction, is worth building a company around. The fake data is the product. The realness is the hard part.

The Product Line

Four Ways to Make Data Safe

Structured Data · 2018

Tonic Structural

De-identifies, masks, and subsets relational and NoSQL databases while preserving referential integrity - realistic, privacy-safe data for dev and test.

Unstructured · 2024

Tonic Textual

Parses free text in any format, detects PII with proprietary NER models, and redacts or synthesizes it to prepare compliant data for RAG and LLM pipelines.

Generation · 2024

Tonic Fabricate

Generate entire synthetic databases and files from a natural-language conversation - from scratch or modeled on live sources, with integrity intact.

Evaluation · 2024

Tonic Validate

Measures the quality of retrieval-augmented generation systems across providers including Anthropic Claude, Google Gemini, Mistral, and more.

Deployment

Cloud & Self-Hosted

Available via the AWS and Microsoft Azure marketplaces, with integrations into environments like Snowflake for enterprise data teams.

Compliance

Expert Determination

Partnerships to certify de-identified datasets against HIPAA, GDPR, and PCI - turning regulatory review from a blocker into a workflow.

The People & The Numbers

Who Built It

IC

Ian Coe

CO-FOUNDER & CEO
KH

Karl Hanson

CO-FOUNDER & CPO
AC

Andrew Colombi

CO-FOUNDER & CTO
AK

Adam Kamor

CO-FOUNDER & HEAD OF ENG

Company Facts

FOUNDED2018
HQSan Francisco, CA
TEAM SIZE~85 employees
MODELB2B SaaS
TOTAL RAISED~$56M
LATEST ROUNDSeries B (2021)
CULTURERemote-first

Funding History

SERIES A · 2020$8M · GGV Capital
SERIES B · 2021$35M · Insight Partners
ALSO INBloomberg Beta, Heavybit
CUSTOMERSComcast, eBay
UnitedHealthcare, Fidelity
COMPETES WITHDelphix, K2View, Gretel
CATEGORYSynthetic Data
The Story So Far

Timeline

2018

Tonic.ai is founded

Four engineers out of Palantir and Tableau start the company to give developers safe, realistic test data.

2020

$8M Series A

GGV Capital leads an $8M round to help developers get the data they need without touching production.

2021

$35M Series B

Insight Partners leads a $35M round, putting synthetic data at the forefront of the company's growth.

2024

Textual, Fabricate & Validate

Tonic ships tools for unstructured de-identification, conversational data generation, and RAG evaluation - aimed squarely at the LLM era.

Frequently Asked

The Short Answers

What does Tonic.ai do?
It generates synthetic, privacy-safe versions of real data - both structured databases and unstructured text - so engineers can build, test, and train AI models without exposing sensitive information.
Who founded Tonic.ai and when?
It was founded in 2018 by Ian Coe, Karl Hanson, Andrew Colombi, and Adam Kamor, a team that came out of Palantir and Tableau.
How much funding has it raised?
Roughly $56M across four rounds, including an $8M Series A led by GGV Capital and a $35M Series B led by Insight Partners in September 2021.
What are the main products?
Tonic Structural for structured test data, Tonic Textual for unstructured de-identification, Tonic Fabricate for AI-powered generation, and Tonic Validate for RAG evaluation.
Who uses Tonic.ai?
Enterprises in finance, healthcare, and technology, including named customers such as Comcast, eBay, UnitedHealthcare, and Fidelity Investments.
Go Deeper

Links, Video & Elsewhere