Privacy by architecture, not promises
The strongest guarantee is one that doesn't require trusting us. SOWA Privacy is built so your sensitive data physically never reaches us:
Data flow at a glance
SOWA Privacy is a Chrome extension. The path your text takes when you use a supported AI chatbot:
- You type into the chatbot's input field.Text never leaves the browser at this stage.
- The extension's content script reads the input and runs detection locally.Regex + a local NER model executed in your browser via WebAssembly / WebGPU.
- Detected entities are replaced with neutral placeholders (e.g.
[PERSON_1]).The original-to-placeholder mapping is stored inchrome.storage.localon your device. - The placeholder-replaced prompt is submitted to the chatbot's normal endpoint.The AI provider sees only the anonymised text. SOWA Privacy does not sit between you and the provider as a network proxy.
- When the AI's response arrives, the extension re-personalises placeholders in your browser using the local mapping.You read the response with the real names; the AI provider never saw them.
For optional audit logging on Business and Enterprise plans, action records are hashed locally and shipped only to a server you nominate (your own infrastructure or a tenant we host for you under contract). They are not sent to a SOWA-operated central log.
Browser permissions and why each is needed
Manifest V3 Chrome extension permissions, with the rationale per permission:
activeTab– read content of the currently active tab so detection can run on the input field you’re typing in.scripting– inject the content script that watches input fields on supported chatbot sites.storage– save your settings, mapping dictionary, and (optionally) audit log entries locally in your browser.tabs– identify which chatbot site you’re on so the right adapter is loaded.contextMenus– provide right-click options for ad-hoc anonymisation / re-personalisation of selected text.downloads– let you export anonymised documents, dictionary entries, and audit logs to your device.sidePanel– render the extension's side panel (used by the optional built-in chat with your own API keys).windows– manage extension popup / panel lifecycle.
The content script declares <all_urls> so detection can be available on any AI chatbot you use, including future ones we add support for. Permissions are static, declared in the public Manifest, and observable in chrome://extensions/?id=….
Optional customer-controlled audit logging
Audit logging is opt-in on Business and Enterprise plans and tracks actions, not chat content. Examples of what goes into a record:
- "scan performed on chatbot.example.com"
- "file redacted (PDF, 12 entities)"
- "dictionary entry exported"
What it does not contain: prompt text, AI response text, original sensitive values, or placeholder mappings.
Records are hashed locally before transmission to the server you nominate. Enterprise customers may host the audit-log endpoint inside their own compliance perimeter so SOWA Privacy never touches the data path.
Known limitations
We’d rather be specific than confident. Things SOWA Privacy does not do or cannot guarantee:
- False negatives are possible. No NER model achieves 100% recall on every entity type, language, or formatting variant. We tune for precision and continually improve coverage; we do not promise zero leaks.
- False positives happen. Aggressive detection sometimes masks values that aren’t sensitive. The user has manual override and an exception list; admins on Business / Enterprise can centrally tune these.
- Browser-only. SOWA Privacy works inside the Chrome browser. The desktop apps for ChatGPT, Claude, Gemini etc. are not covered.
- Chrome only on launch. Edge, Brave (Chromium-based) testing is in progress; Firefox is on the roadmap.
- Not a DLP suite. SOWA Privacy is an in-the-moment privacy layer for AI chat workflows. It works alongside Microsoft Purview, Zscaler, Nightfall, and other DLP / CASB tooling – not as a replacement.
- Browser security boundary. Local storage protections are bounded by your browser and OS. Compromise of the device compromises the dictionary.
Open source and auditability
The detection core is published at github.com/Sowa-Privacy. Anyone can read the code that processes prompts, confirm that it does not write to disk except for the explicitly documented local stores, and verify that no telemetry is collected. We treat the repository as the authoritative reference for the claims on this page.
Data protection & GDPR
SOWA Privacy is designed for GDPR compliance by minimising what we process. Because detection runs locally, the lawful-basis and cross-border-transfer questions that dominate most AI tools don't arise for your prompt content – it never leaves your device.
The limited data we do hold exists to run the service, not the product:
- Account data – your email and authentication, to sign you in and manage your plan.
- Billing data – processed by our payment provider; we never store card numbers.
- Website analytics – optional, consent-gated, and EU-hosted; nothing loads unless you accept.
A Data Processing Agreement (DPA) is available for procurement and DPO reviews via the contact form. See also our Privacy Policy.
Sub-processors
The third parties that process limited account and billing data on our behalf. None of them ever receive your prompts, documents, or detected values.
| Provider | Purpose | Data involved |
|---|---|---|
| Supabase | Authentication & account database | Email, account profile |
| Stripe | Subscription billing & payments | Billing details (card data held by Stripe, never by us) |
| Vercel | Website & API hosting | Standard request logs |
| PostHog (EU) | Consent-gated website analytics | Anonymised usage events (opt-in only) |
The complete, current list is maintained in our DPA and provided on request.
Certifications & assurance roadmap
We currently hold none of the certifications below, and we will not claim any of them until it has been formally issued. What we're working toward:
- PlannedIndependent security auditA third-party review of the extension, published in full.
- PlannedISO/IEC 27001Information-security management – the international procurement baseline.
- PlannedISO/IEC 27701Privacy information management, mapped to GDPR.
- ExploringISO/IEC 42001AI management system – responsible-AI governance.
- ExploringEuroprivacy (GDPR)The EDPB-approved European GDPR certification scheme.
- ExploringSOC 2 Type IIExpected by many enterprise buyers, especially in the US.
- ExploringSector schemes (BSI C5, HITRUST)For public-sector / KRITIS and healthcare customers.
Reporting a vulnerability
If you believe you’ve found a security issue, please contact us before disclosing publicly. We aim to acknowledge within two business days and provide an initial assessment within five.
Email: security@sowaprivacy.ai (monitored mailbox; PGP key publication pending – to be added before public launch)
We do not currently run a paid bug bounty programme. We do publicly credit reporters in release notes upon request.
Compliance documentation pack
For procurement and DPO reviews, the following are available on request via the contact form:
- Data Processing Agreement (DPA)
- Sub-processor list
- Audit-log architecture notes
- Penetration-test summary (when available)
For where we stand on formal certifications, see the assurance roadmap above.