Skip to main content
Shadow AI is built so that content is inspected on the device and the raw content stays there. What gets recorded and what — if anything — leaves your network depends on the deployment mode you choose.

The data lifecycle

1

Inspected locally

Every paste, prompt, or upload to a covered AI vendor is inspected on the employee’s own device. The agent extracts text (including from PDF, DOCX, XLSX, and plain-text files) and runs on-device secret and PII detection — entropy plus known-prefix matching — before anything is sent.
2

A verdict is produced

The agent gets a verdict from the remote /guard engine (8-second timeout, fails open). Secrets are blocked and PII is redacted on the device, so raw sensitive values are never transmitted.
3

Only verdict + masked metadata is logged

What’s recorded is the verdict, threat type, and masked metadata — not the raw prompt. The local event log is PII-redacted.

Where the data lives

Events are written to a local SQLite event log on the device, with PII redaction applied. This log is the system of record for activity on that machine. What reaches the cloud depends on your deployment mode:
ModeWhat leaves the device / network
Cloud (default)Events are forwarded to the PromptGuard cloud dashboard.
HybridScanning runs on your servers; only verdicts/metadata flow to the cloud dashboard. With FORWARD_MODE=metadata, no prompt content ever leaves your network.
Air-gappedNothing leaves — a local dashboard reads the local event log; transfer between sites is via signed bundles only.
See Deployment Modes for the full configuration.
Content inspection is local in every mode. The deployment mode controls what happens to the verdict and metadata afterward — not whether your raw content is shipped off the device for scanning.

Retention

  • Local event log: retained on the device until the agent is uninstalled (pgshadow uninstall deletes it; --keep-data retains it).
  • Cloud dashboard: events follow your plan’s log-retention window — see the pricing page (24 hours / 7 days / 30 days / custom).
  • Air-gapped: retention is whatever your local instance is configured for; nothing is held in our cloud.

Subject rights (GDPR / CCPA)

PromptGuard supports data-subject rights for the activity it records:
  • Access / export — export the events attributable to a given device or employee.
  • Deletion — delete a subject’s recorded events.
On the desktop, deleting local data is immediate via pgshadow uninstall. For cloud and hybrid deployments, export and deletion are available through the platform’s GDPR endpoints (Enterprise) — see Audit Logs and Compliance. For a specific request or a DPA, contact support@promptguard.co.

Audit trail

Verdicts across every surface (desktop · browser · sdk · proxy) roll up into one audit trail in the dashboard, attributable per device in a fleet. For tamper-evident, hash-chained audit logs see Audit Logs.

Next steps

Deployment modes

Cloud, hybrid, or air-gapped — controls what leaves your network.

Known limitations

What’s out of scope, including image OCR.