ChatShield

Privacy Policy

Last updated: 1 June 2026

Overview

ChatShield is a data loss prevention (DLP) and AI governance tool for professional services firms, particularly in law and accounting. It helps organisations prevent staff from accidentally sharing sensitive client data with AI chat tools such as ChatGPT and Claude.

ChatShield is operated by Lura Labs Ltd (company number 17180996, registered in England and Wales). Lura Labs Ltd is the data controller for personal data described in this policy. For customer-account use of ChatShield, the customer organisation (your firm) is the controller for any data about its staff users processed via the service, and Lura Labs Ltd acts as the data processor.

Our core commitment: your message content never touches our servers. All message scanning happens locally in the browser extension. ChatShield only receives metadata about which rules were triggered, never what was typed.

What Data We Collect

Account Information

When you create an organisation or are invited as a staff member, we store your email address, name (if provided), organisation name, and role (admin or staff). This is necessary to operate the service and manage your team.

Activity Metadata

When the browser extension blocks or warns about a message, it sends a metadata event to our servers containing:

  • Which DLP rule was triggered (rule ID)
  • Which AI tool was being used (e.g. ChatGPT, Claude)
  • What action was taken (blocked, warned, sent, overridden, or reported as false positive)
  • Your user ID and organisation ID
  • A timestamp

This metadata is used to power the admin dashboard, showing which rules fire most often, which team members may need additional training, and whether rules have high false positive rates.

Billing Information

Payment processing is handled entirely by Stripe. We store your Stripe customer ID and subscription ID to manage your plan. We do not store credit card numbers or bank details on our servers. See Stripe's Privacy Policy for how they handle payment data.

Extension Configuration

The browser extension periodically fetches your organisation's DLP rule configuration from our servers. This configuration contains rule patterns and UI settings only. It does not contain any user-generated content. Configuration is cached locally in your browser so the extension continues to work offline.

Cookies and Browser Storage

ChatShield uses a small number of cookies and local storage entries to operate the service:

  • chatshield_session. An HTTP-only session cookie set when an admin signs in to the dashboard. Strictly necessary for authentication.
  • PostHog anonymous identifier. A first-party cookie or local storage entry set by our product analytics provider (PostHog) to count unique visitors and measure conversion. It does not contain personal data unless you sign in. We use the EU PostHog instance.
  • Extension local storage. Inside the browser extension, we store the cached DLP rule configuration and the extension authentication token. These never leave your browser.

We do not use third-party advertising or cross-site tracking cookies.

What Data We Do Not Collect

We take a strict approach to data minimisation. ChatShield does not collect, store, or transmit:

  • Message content. The text you type into AI chat tools is scanned locally in the browser extension and is never sent to our servers, not even in hashed or truncated form.
  • Browsing history or web activity beyond the declared host permissions
  • Keystrokes (beyond interception at the point of message submission)
  • Cookies or session data from AI chat tools
  • Data from websites other than the supported AI tools and the ChatShield splash page

How the Browser Extension Works

The ChatShield browser extension runs as a content script on supported AI chat sites. When you submit a message, the extension:

  1. Intercepts the submission before it reaches the AI tool
  2. Evaluates the message against your organisation's DLP rules, entirely locally in your browser
  3. If a rule matches, blocks or warns about the submission and shows which rule was triggered
  4. Sends a metadata event (rule ID, action, timestamp) to our servers for admin reporting

At no point does the message content leave your browser via ChatShield. The rule evaluation engine runs entirely on your device.

Browser Extension Permissions

The extension requests the minimum permissions required to function:

  • Storage. To cache DLP rule configuration locally and store the extension authentication token.
  • Alarms. To schedule periodic configuration refresh (every 30 minutes).
  • Host permissions for specific AI chat sites (ChatGPT, Claude) and chatshield.ai. These let the extension inject the content script that scans messages before submission.

The extension does not request access to all websites, browsing history, or any other broad permissions.

Third-Party Services

ChatShield uses the following third-party services:

  • Stripe. Payment processing and subscription management.
  • Neon. Database hosting (stores account and activity metadata only). Hosted in the EU.
  • Vercel. Web application hosting.
  • Resend. Transactional email (magic link sign-in, team invitations).
  • PostHog. Product analytics (anonymous event capture; no message content). We use the EU PostHog instance.

We do not sell, share, or transfer user data to any third party for advertising, analytics, or any purpose unrelated to operating the service.

International Data Transfers

ChatShield is operated from the United Kingdom. We prefer EU-based or UK-based infrastructure where available, but some of our processors may transfer or process personal data outside the UK and EEA, principally to the United States. Where this happens, transfers rely on appropriate safeguards under UK GDPR Article 46, such as the UK International Data Transfer Addendum, the EU Standard Contractual Clauses, or an adequacy decision (including the UK Extension to the EU-US Data Privacy Framework).

You can request a copy of the safeguards in place for any processor by contacting privacy@chatshield.ai.

Legal Bases for Processing

Under UK GDPR Article 6, we rely on the following lawful bases:

  • Performance of a contract. Processing necessary to provide ChatShield to your organisation, including account creation, authentication, activity reporting to the admin dashboard, and billing.
  • Legitimate interests. Operating, securing, and improving the service; preventing abuse; and a limited amount of product analytics to understand how the service is used. We have assessed that these interests do not override the fundamental rights and freedoms of the people whose data we process.
  • Legal obligation. Retention of certain records required by UK tax, accounting, and corporate law.
  • Consent. Where required for specific optional features, we will ask for and rely on consent that you can withdraw at any time.

Data Retention

  • Account data.Retained for the duration of your organisation's subscription. Deleted within 30 days of account closure, except where retention is required by law (for example, financial records under UK tax and accounting rules).
  • Activity metadata. Retained for admin reporting purposes for the duration of the subscription. Deleted within 30 days of account closure.
  • Extension data. Cached configuration and authentication tokens are stored locally in your browser and cleared when the extension is uninstalled or the user is removed from the organisation.

Your Rights

If you are in the UK or EEA, you have the following rights in respect of your personal data:

  • Access. Ask for a copy of the personal data we hold about you.
  • Rectification. Ask us to correct inaccurate or incomplete personal data.
  • Erasure. Ask us to delete your personal data where there is no good reason for us to keep processing it.
  • Restriction. Ask us to limit how we process your personal data in certain circumstances.
  • Portability. Ask us to provide your personal data in a structured, commonly used, machine-readable format, or transmit it to another controller, where the processing is based on consent or contract.
  • Objection. Object to processing that is based on legitimate interests, including any direct marketing.
  • Withdraw consent. Where we rely on your consent, you can withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal.
  • Automated decision-making. Not be subject to decisions based solely on automated processing that produce legal or similarly significant effects. ChatShield does not currently make any such decisions about individuals.

Organisation admins can remove team members from the admin dashboard, which deletes their account and associated activity metadata. To request deletion of an entire organisation account, or to exercise any of the rights above, contact us at the address below.

You also have the right to lodge a complaint with the UK Information Commissioner's Office (ICO) if you believe we have not handled your data in accordance with the law. The ICO's website is ico.org.uk. We would appreciate the chance to address your concerns first, so please consider contacting us at privacy@chatshield.ai before raising a complaint.

Changes to This Policy

We may update this privacy policy from time to time. Material changes will be communicated to organisation admins via email. The “last updated” date at the top of this page reflects the most recent revision.

Contact

If you have questions about this privacy policy or how ChatShield handles your data, contact us at privacy@chatshield.ai.