Now onboarding pilot firms in the Nordics  ·  Book 30 minutes →

Your team already uses AI.Now you can prove it's safe.

Sensitive data never leaves the laptop. Your people keep their own ChatGPT and Claude accounts, and you get the audit trail that proves you stayed in control.

Book 30 minutes See it live ↓

Runs in the browser  ·  Metadata only  ·  Hosted in Stockholm

Works with ChatGPT Claude Gemini Perplexity
EU EU data residency · Stockholm GDPR-first architecture DORA & NIS2 evidence exports 100% on-device detection
The problem

Enterprise AI won't stop them using Claude.

0%
It runs on personal accounts.A third of workplace ChatGPT sessions, outside SSO and retention.
80%
It leaks from your best people.Most exposure is staff moving fast, not attackers.
0%
A policy can't prove a thing.Of prompts carry sensitive data, and a document has no record of one.
Cyberhaven Labs, 2026 AI Adoption & Risk Report  ·  Gartner, Market Guide for AI TRiSM

Vaktor closes the gap where it opens, in the browser, before anything leaves the device.

Try it yourself

Type or paste your own.
It never leaves this page.

What you type
What the AI receives

The field above is editable. Masking runs in your browser, which you can confirm in the network tab (F12). The demo recognizes Swedish personnummer, org numbers, IBANs, emails and a sample client list. Demo data uses official Swedish test numbers.

How it works

Live in an afternoon.

01

Install in the browser

One extension per laptop. Your team keeps working on ChatGPT, Claude and Gemini.

02

Mask on the device

Personnummer, org numbers, IBANs and your client names are replaced before the prompt leaves the laptop. The answer still works.

03

Prove it to anyone

Compliance gets a metadata audit trail. Export it when Finansinspektionen, your auditor or a client asks.

Who it's for

Regulated firms in the Nordics.

Asset managers, law firms and fintechs with 30 to 150 people, where one leaked client name can end the relationship. Built for the CEO or CTO who owns the risk: your teams use AI today, and Vaktor lets you say yes on your terms.

Verifiability

Verify it yourself.

Vaktor sits outside the prompt path by design. Detection runs on the device, and our backend receives metadata only. Your security consultant can confirm it with standard network monitoring. The claim is checkable, and that is the point.

Where this goes

One control point,
every AI surface.

The browser is where AI work happens today, so that's where Vaktor starts. The same control point extends to desktop assistants, coding tools and agents acting on your firm's behalf. Govern access, mask what's sensitive, prove what happened. One layer, every model.

Second opinion

Ask the AI your team opened today.

The models know this problem well. Put the question to the tool itself and see what comes back.

Ask ChatGPT Ask Claude Ask Perplexity
The pilot

Four weeks to a
governed rollout.

Week 1

Install across 10 to 25 seats and load your client list. Your team signs into their usual AI accounts and keeps working.

Weeks 2–3

Masking runs live. We tune detection against your real patterns, with a short check-in each week.

Week 4

You get the audit trail export and a joint review: what was masked, what it means for your AI policy, and what a full rollout looks like.

Fixed fee, credited toward the annual plan if you continue.

FAQ

Questions buyers ask us.

What is Vaktor?+
A control layer for AI use in regulated firms. A browser extension masks sensitive data on the device, and a metadata audit trail shows compliance how AI is used across the team. Founded and based in Stockholm.
What does Vaktor store?+
Categories, counts and timestamps. Prompt content stays on the device, so even a breach of Vaktor's own backend would expose nothing your clients told you in confidence. Metadata is hosted in Stockholm.
Which AI tools does it cover?+
Pilots run on ChatGPT, Claude and Gemini in the browser, with each person on their own account. Copilot and Perplexity follow. New surfaces ship as updates to the same extension.
What about desktop apps and coding assistants?+
On the roadmap. Most AI work in our segment runs in the browser today, which is why the pilot starts there. A lightweight endpoint agent for desktop apps and IDE assistants is planned next, and the audit trail is built to cover both from day one.
What does a pilot include?+
10 to 25 seats for four weeks: installation, your client list loaded into detection, weekly tuning, and an audit trail export with a joint review at the end. Fixed fee, credited toward the annual plan if you continue.
Where does this stand with GDPR, DORA and NIS2?+
Masking on the device supports GDPR data minimization before anything reaches a third-country provider. The audit trail is designed to slot into DORA ICT-risk and NIS2 reporting as evidence of technical and organizational measures. Vaktor supplies the measures and the documentation; your DPO keeps the judgment.
Pilot programs are starting now

Bring a prompt your team wrote last week.

30 minutes. We'll show you what would have stayed on the laptop, and what a four-week pilot looks like for your firm.

Book 30 minutes
or email directly: lukas@vaktor.ai