Now onboarding pilot firms in the Nordics  ·  Book 30 minutes →

Your team already uses AI.Now you can prove it's safe.

Sensitive data never leaves the laptop. Your people keep their own ChatGPT and Claude accounts, and you get the audit trail that proves you stayed in control.

Book 30 minutes See it live ↓

Runs in the browser  ·  Metadata only  ·  Hosted in Stockholm

Works with ChatGPT Claude Gemini Perplexity
EU EU data residency · Stockholm GDPR-first architecture DORA & NIS2 evidence exports 100% on-device detection
The problem

Enterprise AI won't stop
them using personal accounts.

0%
It runs on personal accounts.A third of workplace ChatGPT sessions, outside SSO and retention.
80%
It leaks from your best people.Most exposure is staff moving fast, not attackers.
0%
A policy can't prove a thing.Of prompts carry sensitive data, and a document has no record of one.
Cyberhaven Labs, 2026 AI Adoption & Risk Report  ·  Gartner, Market Guide for AI TRiSM

Vaktor closes the gap where it opens, in the browser, before anything leaves the device.

No new tool

Same tools. Nothing leaves the laptop.

Your team

Opens the AI they already use

claude.ai

No new login, no new app, no behavior change.

Vaktor, on the device

Strips the sensitive parts

runs locally

Names, personnummer, IBANs and org numbers are replaced before the prompt leaves the machine.

The AI

Sees a clean prompt

answer still works

And compliance gets a metadata trail to export on request.

Live demo

See it strip a prompt live.

What you type
What the AI receives

The field above is editable. Masking runs in your browser, which you can confirm in the network tab (F12). The demo recognizes Swedish personnummer, org numbers, IBANs, emails and a sample client list. Demo data uses official Swedish test numbers.

Who it's for

Regulated firms in the Nordics.

Asset managers, law firms and fintechs with 30 to 150 people, where one leaked client name can end the relationship. Built for the CEO or CTO who owns the risk: your teams use AI today, and Vaktor lets you say yes on your terms.

Verifiability

Verify it yourself.

Vaktor sits outside the prompt path by design. Detection runs on the device, and our backend receives metadata only. Your security consultant can confirm it with standard network monitoring. The claim is checkable, and that is the point.

Vaktor starts in the browser, where the work happens. The same layer is built to reach desktop assistants and agents next.

Don't take our word for it

Ask your AI if we're right.

One click opens a fresh chat with the question already written. The models know this problem well.

Ask ChatGPT Ask Claude Ask Perplexity
FAQ

Questions buyers ask us.

What is Vaktor?+
A control layer for AI use in regulated firms. A browser extension masks sensitive data on the device, and a metadata audit trail shows compliance how AI is used across the team. Founded and based in Stockholm.
What does Vaktor store?+
Categories, counts and timestamps. Prompt content stays on the device, so even a breach of Vaktor's own backend would expose nothing your clients told you in confidence. Metadata is hosted in Stockholm.
Which AI tools does it cover?+
Pilots run on ChatGPT, Claude and Gemini in the browser, with each person on their own account. Copilot and Perplexity follow. New surfaces ship as updates to the same extension.
What about desktop apps and coding assistants?+
On the roadmap. Most AI work in our segment runs in the browser today, which is why the pilot starts there. A lightweight endpoint agent for desktop apps and IDE assistants is planned next, and the audit trail is built to cover both from day one.
What does a pilot include?+
10 to 25 seats for four weeks: installation, your client list loaded into detection, weekly tuning, and an audit trail export with a joint review at the end. Fixed fee, credited toward the annual plan if you continue.
Where does this stand with GDPR, DORA and NIS2?+
Masking on the device supports GDPR data minimization before anything reaches a third-country provider. The audit trail is designed to slot into DORA ICT-risk and NIS2 reporting as evidence of technical and organizational measures. Vaktor supplies the measures and the documentation; your DPO keeps the judgment.
Accepting pilot firms now

Give your team AI,
and the proof you're in control.

A 30-minute call. We show you exactly what would stay on the laptop, on your own prompts.

Book 30 minutes
or email directly: lukas@vaktor.ai