Privacy & Security
Privacy model
InputGuard is browser-native AI DLP built so scanned prompt, paste, and file contents stay in the browser. Here is exactly how that works.
Detection runs locally
InputGuard scans content inside the browser, on the device, before anything is submitted to an AI tool. It inspects:
- Pasted text
- Prompts
- Text attachments
Detection happens locally. The matching logic and policy evaluation run in the extension itself, not on a server.
Scanned content is not uploaded
Organizations do not receive the content InputGuard scans. That means they do not receive:
- Prompt text
- Pasted content
- File contents
- Full sensitive values
- Full URLs, query strings, or URL hashes
The scanned content stays on the device
Metadata visibility
So administrators can understand risk and enforce policy, organizations may receive metadata about a detection rather than the scanned content. Metadata can include:
- Detection category (for example, “credit card” or “API key”)
- Action, outcome, severity, and match counts
- Site hostname or domain, without full URL paths or query strings
- Device and installation information
- Policy source and version
- Attachment counts, file types, and skip reasons
- Timestamps
- Locally redacted justification text when a policy requires a reason
For the precise list of what is and isn’t stored, see What data is stored and Audit metadata.