aiia.li
EN DE

§ Work · Live

AIIA Privacy Proxy — your data stays local

Self-hosted privacy gateway for ChatGPT, Claude & Gemini · Data like names, email addresses or bank account numbers are obfuscated before sharing with the cloud LLM

Visit the project ↗ · Read in Deutsch

The problem

Your team already uses ChatGPT, Claude and Gemini every day — and along the way they paste in customer names, salaries, contracts, e-mail addresses and IBANs. Every one of those prompts leaves the company and is processed on a cloud provider's servers, where you no longer control it. Under the GDPR and the Swiss FADP, and in any regulated industry, that is a real and growing risk — and it usually happens quietly, prompt by prompt.

The idea: a privacy proxy that never leaves your infrastructure

A small local server sits between your people and the cloud model. Before a prompt is sent, it automatically detects sensitive data and replaces it with realistic stand-ins (for example Jan Hoffmann → Sönke Stiffel). Only this obfuscated version travels to the cloud. When the answer comes back, the same server restores the real values locally. The cloud model answers correctly — it simply never learns who or what the request is really about.

The values that are actually needed for a correct answer (an income for a tax question, say) are kept, while the identity is removed — so you get useful answers and privacy.

Why every employee needs it

Data protection is only as strong as the most careless prompt. A single person pasting a client list into a chatbot is enough. That is why obfuscation has to be automatic and apply to everyone — wired in as a skill or system-prompt that runs before every request, for the whole team and not just the cautious few. It turns “please be careful with AI” into a guarantee you can actually give.

It runs on your own infrastructure

Everything that touches real data — detection, the secure mapping vault and restoration — runs on a server you control. Real values are never transmitted in clear text and never stored by a third party. Detection runs fully locally (Microsoft Presidio on spaCy), on plain CPU, multilingual, with nothing leaving your network. And it is provider-agnostic: the same proxy protects requests to ChatGPT, Claude, Gemini or any other LLM.

Try it on your own system

We can install a live showcase on your own infrastructure, so you can test it with your own data and watch, step by step, exactly what would — and would not — leave your network. From there it is a short path to a company-wide rollout.