DLP for ChatGPT, Copilot & Claude
Stop sensitive data leaking into ChatGPT. On-device, before the prompt is sent.
AIovert is a browser-based DLP for ChatGPT and 20+ AI tools. It detects personal data, source code, and credentials in the prompt and blocks them on-device — before anything reaches the model. No proxy, no SSL inspection, deploys in 15 minutes.
This paste contains customer PII, a card number and an AWS key. Sending it to ChatGPT would breach GDPR Art. 28/32. It never left the browser.
The exposure
What your team pastes into AI, and why it's a problem.
- Personal & customer data: names, emails, SSNs, IBANs and customer lists pasted in to draft replies or summarise records.
- Source code & secrets: proprietary code, API keys and access tokens dropped in to debug or refactor.
- Why it's invisible: ChatGPT traffic is TLS-encrypted, so network DLP and CASBs see the connection but never the prompt text.
Regulatory mapping
The rules that apply, and where the risk sits.
Unapproved processor
Pasting personal data into consumer ChatGPT with no DPA makes it an unvetted processor — an Article 28 breach.
Security of processing
On-device blocking is an appropriate technical measure; an uncontrolled prompt is a failure of it.
AI literacy & governance
You must show staff use AI tools under control — an audit log of blocked prompts is that evidence.
Informational mapping, not legal advice. See our compliance overview for the full framework.
How AIovert helps
Block the leak. Log the proof.
- Block at the input field: the paste is cancelled in the browser; nothing sensitive reaches ChatGPT.
- Work continues, masked: one click pastes a redacted copy so the task still gets done, re-checked before it goes out.
- Deploy in 15 minutes: force-install via Google Workspace or Intune. No proxy, no certificates, no network changes.
- Audit-ready evidence: every attempt logged with severity, tool, user and regulation — export to CSV, JSON or SIEM.