Customer support AI
Summarize tickets and draft replies without forwarding raw customer PII to the provider.
Product
Prompt-level data protection at the gateway, not scattered across client code.
Privian's prompt security focuses on prompt privacy: detecting and masking personal and sensitive values in prompts before they reach an LLM. It does not claim prompt-injection blocking, jailbreak prevention, or downstream model guarantees.
Definition
Prompt security here means reducing sensitive-data exposure before egress, not defending the model against adversarial instructions.
Prompt security overlaps with LLM security but operates one level closer to the application — at the gateway, where prompts actually leave your network. It is a distinct problem from prompt-injection defense (see scope below).
Scope
These are often conflated. They are not the same problem.
Reduce the sensitive data that ever reaches the provider. Mask names, emails, IDs, secrets at the edge. Rehydrate on the way back. Zero retention.
Defending against adversarial instructions hidden in user input or retrieved documents that try to hijack the model. Privian does not claim to detect or block these. See the glossary entry for context.
How it works
Framework
Receive
Accept the application prompt at the gateway.
Detect
Identify supported personal and sensitive entities.
Protect
Replace detected values before provider egress.
Return
Rehydrate mapped values before the response reaches the app.
Step 1
Your app POSTs a prompt to the Privian gateway with a scoped gateway API key.
Step 2
Personal and sensitive entities are detected in the prompt body.
Step 3
Detected values are replaced with deterministic placeholders for the request.
Step 4
Only the masked prompt is forwarded to the configured provider using your BYOK credentials.
Step 5
The response is rehydrated inside the gateway before returning to your app.
Step 6
The in-request mapping is discarded. No raw prompt or response is persisted.
Example
Before protection
Summarize the account for John Smith at john@example.com.After protection
Summarize the account for PERSON_1 at EMAIL_1.Workflows
Summarize tickets and draft replies without forwarding raw customer PII to the provider.
Let employees query external LLMs from internal data without leaking identifiers.
Ship product AI features over customer data while shrinking provider exposure.
Move quickly on prompt design without skipping data-protection review.
Technical
{TYPE}_{N} shapeTransparency
FAQ
Enterprise review
Related
Scope
Enterprise review
Trust assets procurement and security teams routinely request.
Plans & pricing
Explore plans for teams building privacy-sensitive AI workflows. Privian is in beta — pricing and limits may change.