Redact PII Before Sending Prompts to ChatGPT
Personal data appears in prompts in ways that are easy to overlook. A name in a document summary. A date of birth in a case note. An email address included as context. Each one is a data protection exposure waiting to happen.
Ventrin is a Chrome extension that scans and sanitises employee prompts locally in the browser before they are sent to ChatGPT, Claude, Gemini or Copilot. When sensitive content is detected, Ventrin warns the employee, rewrites the prompt automatically, or blocks the send — depending on your team's policy. Sensitive data never leaves the device unintentionally. Admins see every risk event in a central dashboard.
Where PII appears in AI prompts
Personal data does not always look like a privacy risk in the moment. An employee asking ChatGPT to rewrite an email naturally includes the recipient's name. A team member summarising a case note pastes in the client's date of birth. A manager asking for feedback on an HR situation mentions the employee by name.
Under UK GDPR and international data protection rules, processing personal data through a third-party AI service is a data sharing event. Without appropriate controls, that event is invisible, unlogged and potentially non-compliant.
Client names, employee names and third-party names used as context in prompts.
Contact details included when asking AI to draft or reply to correspondence.
Contact information in notes, records or CRM data pasted directly into prompts.
Age verification, medical context and identity details included in case or HR prompts.
Physical addresses in legal documents, HR records or client correspondence used as prompt context.
National Insurance numbers, passport references and similar identifiers in administrative prompts.
How Ventrin redacts PII before prompts are sent
Ventrin's on-device detection model identifies personal data in prompts before they leave the browser. It classifies each detected item by type — name, email, phone number, date of birth, address — and decides whether to remove it, generalise it or block the prompt entirely.
The rewritten prompt preserves the user's intent. "Summarise this note about Sarah Chen, DOB 14 March 1985" becomes "Summarise this note about a named individual." The task is still complete. The personal data is not sent.
All detection runs locally. The original text stays on the device.
Key Ventrin features for this use case
Recognises names, emails, phone numbers, dates of birth, addresses and national identifiers.
No PII leaves the device for processing. Detection and rewriting happen in the browser extension.
Removes specific identifiers without changing what the prompt is trying to accomplish.
Works across all browser-based AI tools. No proxy, no API gateway, no network configuration.
Every PII detection event is recorded with risk type, action and timestamp — no raw PII stored.
Configure how PII is handled per team. Stricter blocking for HR and legal. Warnings for general teams.
PII redaction before and after
This example shows a case note prompt with seven types of personal data detected and removed before sending.
Before
Client: Sarah Chen, DOB 14/03/1985
Address: 47 Millbrook Lane, Bristol BS4 2QR
Phone: 07712 445 890
Email: s.chen@personalmail.co.uk
Ref: MATTER-2024-4471
Sarah attended on 14 January regarding an employment dispute with her previous employer, Dexford Solutions Ltd. She alleges constructive dismissal following a restructure in Q4 2023.
After
Client: [individual], [date of birth]
Address: [address]
Phone: [phone number]
Email: [email address]
Ref: [matter reference]
[Individual] attended on 14 January regarding an employment dispute with a previous employer, [employer name]. They allege constructive dismissal following a restructure in Q4 2023.
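The detect, classify and act flow described above, as an added sketch that is not Ventrin's code and not part of the original page. It assumes regular expressions in place of the on-device model, so it covers only structured identifiers (names and street lines need a model); the policy names, function name and NI test value are hypothetical.

```javascript
// Added example, not Ventrin's code. Regexes stand in for the detection model
// (assumption); they cover structured identifiers only, not names or street lines.
const DETECTORS = [
  { type: "email address", re: /[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}/g },
  // Approximate UK National Insurance number shape.
  { type: "national identifier", re: /\b[A-CEGHJ-PR-TW-Z]{2}\s?\d{2}\s?\d{2}\s?\d{2}\s?[A-D]\b/g },
  { type: "phone number", re: /(?:\+44\s?7\d{3}|\b07\d{3})\s?\d{3}\s?\d{3}\b/g },
  { type: "date of birth", re: /\b(?:DOB|date of birth)[:\s]+\d{1,2}[\/ ](?:\d{1,2}|[A-Za-z]+)[\/ ]\d{4}\b/gi },
  { type: "postcode", re: /\b[A-Z]{1,2}\d[A-Z\d]?\s?\d[A-Z]{2}\b/g },
];

// Hypothetical per-team policies: one action per data type (warn | sanitise | block).
const POLICY_GENERAL = {
  "email address": "sanitise", "phone number": "sanitise",
  "date of birth": "sanitise", "postcode": "sanitise",
  "national identifier": "warn",
};
const POLICY_LEGAL = { ...POLICY_GENERAL, "national identifier": "block" };

function screenPrompt(text, policy, tool) {
  let sanitised = text;
  const events = [];
  for (const { type, re } of DETECTORS) {
    const action = policy[type] || "warn"; // unknown types default to a warning
    let count = 0;
    const replaced = sanitised.replace(re, () => { count += 1; return `[${type}]`; });
    if (count === 0) continue;
    if (action === "sanitise") sanitised = replaced;
    // Event metadata only: the matched value is never copied into the log.
    events.push({ type, action, count, tool, timestamp: new Date().toISOString() });
  }
  const actions = events.map((e) => e.action);
  const decision = actions.includes("block") ? "block"
    : actions.includes("sanitise") ? "sanitise"
    : actions.includes("warn") ? "warn" : "allow";
  // A blocked prompt is not released at all; otherwise release the rewritten text.
  return { decision, prompt: decision === "block" ? null : sanitised, events };
}

// Sample input: header lines of the case note shown above.
const SAMPLE = [
  "Client: Sarah Chen, DOB 14/03/1985",
  "Address: 47 Millbrook Lane, Bristol BS4 2QR",
  "Phone: 07712 445 890",
  "Email: s.chen@personalmail.co.uk",
].join("\n");
console.log(screenPrompt(SAMPLE, POLICY_GENERAL, "ChatGPT"));
```

The name and street line survive in the output, which is why pattern matching alone is not enough for the redaction shown in the example above.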
Built for teams that cannot afford a data incident
Local-first detection
The scanning model runs in your browser, not on our servers. Sensitive content never leaves the device for analysis.
No data egress
Ventrin does not receive, store or process your team's prompt content. Only risk event metadata is logged.
Configurable policy controls
Warn, sanitise or block based on content type and team role. Full control over how the extension behaves.
Admin event logs
Every flagged event is recorded with risk type, action and timestamp. Provides the audit trail your compliance process needs.
Protect your team's AI use from the browser
Ventrin deploys as a Chrome extension. No proxy, no network change, no IT project. Most teams are protected on the same day.
Frequently asked questions
Ventrin is a technical control that helps reduce the risk of personal data being sent to AI tools without authorisation. It is not a compliance guarantee and does not constitute legal advice. Firms should assess their AI data processing practices with a data protection officer or legal adviser.
In some cases, personal data is genuinely necessary. Ventrin gives employees the option to review a sanitised version and proceed. If the sanitised prompt is too vague to be useful, the employee can consider whether the task is appropriate for an external AI tool, or whether to use a more controlled internal tool.
Ventrin's current detection model is optimised for English-language prompts. Detection accuracy for other languages may vary. This is an area of active development.
No. Ventrin logs the risk event metadata — type detected, action taken, timestamp and tool used. The original prompt content is not stored on Ventrin's servers. Only the sanitised version is ever sent to the AI tool.
Yes. Ventrin's policy settings let admins define the response per data type. Dates of birth might trigger a rewrite. Credentials always trigger a block. National identifiers might trigger a block in legal and HR contexts but only a warning in general business use.
Ventrin scans whatever appears in the prompt box, including text pasted from documents. It does not scan attached files directly. If content from a document is pasted into the prompt field, Ventrin will scan and sanitise it in the same way as any other input.
Let your team use AI without leaking sensitive data.
Join legal and professional teams already using Ventrin to protect their AI use. Browser-based, locally detected, fast to deploy.