← Back to Blog
·10 min read·MyYaad Team

How MyYaad Protects Your Personal Data When You Use AI Chatbots

MyYaadAI privacyshadow datapersonal data protection

AI chatbots are incredibly useful, but they create a simple everyday problem: the more useful you want them to be, the more context you are tempted to give them.

A lawyer may paste client details. An accountant may paste tax references. A landlord may paste tenant names and addresses. A consultant may paste project notes, emails, invoices, or internal documents.

That context helps the AI give a better answer — but it also means real personal or professional data may leave your machine and reach an AI provider.

MyYaad is built around one idea:

You should be able to use AI with real context, without handing over the real data.

The Core Idea: Shadows, Not Secrets

Before your prompt reaches ChatGPT, Claude, Gemini, or another AI chatbot, MyYaad checks it locally on your device.

If it finds personal data, it swaps the real value for a realistic fake value — what we call a shadow.

For example:

Real prompt:
Please draft an email to Sarah Chen at sarah.chen@example.com about invoice 12345.

What the AI sees:
Please draft an email to Nina Patel at nina.patel@gmail.com about invoice 12345.

The AI answers using the fake details.

When the reply comes back, MyYaad restores the real values locally in your browser, so you see the useful answer with your original context back in place.

The important part:

  • The real data stays on your device.
  • The AI provider sees only the shadow values.
  • Each AI provider gets different fake values.
  • You see a pre-send preview before anything is sent.

So the same real person might become “Nina Patel” in ChatGPT and “Laura Khan” in Claude. That makes it much harder to correlate your identity or your clients across providers.

The Two-Layer Mental Model

MyYaad protects your prompts using two layers.

Layer 1: Universal Detection

This layer is always on. It needs no setup.

MyYaad scans for personal data that has recognisable patterns, such as:

  • emails
  • phone numbers
  • SSNs
  • credit card numbers
  • national insurance numbers
  • other structured identifiers

These are caught by shape. If something looks like an email address or a credit card number, MyYaad can detect it without you saving it first.

This applies to typed prompts and to documents you attach.

Layer 2: Your Vault

Some sensitive data cannot be reliably detected by shape.

A name does not look special. An address may look like ordinary text. A client name, tenant name, case reference, or internal phrase may only be sensitive because you know what it means.

That is what the Vault is for.

You save the things you want MyYaad to recognise and protect:

  • names
  • addresses
  • client details
  • project names
  • custom phrases
  • private notes
  • business-specific identifiers

By default, your whole Vault is protected.

That means if you saved “Sarah Chen” in your Vault, MyYaad can protect it even though “Sarah Chen” does not have a special pattern like a credit card number.

Diagram 1: The Two Layers

MyYaad has an always-on universal detection layer and a user-controlled vault layer, with bundles acting as a filter on the vault.

How the Flow Works

The experience is designed to be simple.

You type normally in the chatbot. MyYaad quietly checks the prompt before it leaves your browser.

If everything is safe, you can send.

If MyYaad finds something important, you see a preview first:

You typed:
Ask Sarah Chen to review the tax return.

AI will see:
Ask Nina Patel to review the tax return.

If something is uncertain, MyYaad tells you. It does not silently pretend something is protected when it is not.

That preview is the trust moment. It shows exactly what the AI will receive.

Diagram 2: From Prompt to Protected AI Reply

MyYaad checks the prompt locally, shows a preview, sends only the shadowed prompt to the AI, then restores real values locally in the browser.

Why Bundles Exist

If you are a general user, you may never need bundles. You can simply let the whole Vault be protected.

But professionals often need separation.

Imagine an accountant working with two clients:

  • Client A: Brightstone Ltd
  • Client B: Northmere Foods

Both are saved in the Vault. Without a bundle, MyYaad protects both.

That is fine for general protection, but when working on Client A, the accountant may want MyYaad to focus only on Client A’s context.

That is what a bundle does.

A bundle is a named slice of your Vault.

  • No bundle active = whole Vault protected.
  • Client A bundle active = only Client A entries protected.
  • Anything outside the active bundle is flagged as “not protected” and held for your confirmation.

This matters because it prevents accidental context mixing.

For example, if Client B’s details appear while Client A’s bundle is active, MyYaad does not silently send them. It warns you.

Diagram 3: No Bundle vs Client Bundle

With no bundle, the whole vault is active. With a Client A bundle active, only Client A entries are protected and other vault values are flagged for confirmation.

What Stays on Your Device?

MyYaad runs through a companion desktop app and browser extension.

The desktop app holds the local Vault and performs the protection work. The browser extension intercepts the prompt, asks the local app to protect it, and then sends only the shadowed version to the AI provider.

Your real data stays local.

The AI provider receives the fake version.

The reply is restored locally in your browser.

FAQ

1. Do I have to set anything up?

For Layer 1, no. Universal detection is always on for common pattern-based data like emails, phone numbers, SSNs, credit cards, and national insurance numbers.

For Layer 2, yes. If you want MyYaad to protect things that only you know are sensitive — such as client names, addresses, project names, or custom phrases — you add them to your Vault.

2. What if I forget to save something in the Vault?

Layer 1 may still catch it if it has a recognisable pattern, such as an email or phone number.

But if it is something like a person’s name or client nickname, MyYaad may not know it is sensitive unless you saved it. That is why the pre-send preview matters. You should always review what the AI will see.

3. Does MyYaad slow down my answers?

The protection step happens before the prompt is sent. In normal use, the aim is for this to feel quick and lightweight. You still use the chatbot normally, but with a safety check before send.

4. Can MyYaad see my data?

MyYaad runs locally on your own device. The desktop app needs access to your Vault so it can protect your data before prompts are sent. The important distinction is that your real data is not sent to the AI provider.

5. Why use different fakes for different chatbots?

If ChatGPT and Claude both saw the same fake name for the same real person, that fake could become a link between providers.

MyYaad avoids that by giving each provider different shadow values. The same real data becomes different fake data depending on the AI provider.

6. What about documents?

MyYaad also checks attached documents for pattern-based personal data and saved Vault values. That is especially useful for professionals working with spreadsheets, client documents, student records, or case notes.

7. What happens when I switch clients?

If you use bundles, switching clients changes which slice of your Vault is active.

When Client A is active, Client A entries are protected. If something from Client B appears, MyYaad flags it as outside the active bundle and holds the send for your confirmation.

Layer 1 still runs underneath either way.

8. Is my Vault encrypted?

MyYaad is local-first: your data stays on your device and is protected by your operating system’s file security. The main privacy protection is that real data is swapped before it reaches AI providers. We avoid treating local storage as a substitute for careful prompt previewing, so the pre-send check remains the important habit.

9. Can I send the real value if I want to?

Yes, but the point of MyYaad is to make that a conscious choice. If something is going out as real text, the preview should make that clear before you send.

10. What if MyYaad is unsure?

Uncertain items should be shown honestly. MyYaad should not label something as protected unless it has actually been protected. If something is possible personal data but not protected, you should see that clearly before sending.

Honest Status

MyYaad is early software.

It is strongest when protecting structured data, pattern-based personal information, and entries you have saved in your Vault.

The most important habit is simple:

Review the pre-send preview.

That preview shows what the AI will actually see. If it looks right, send. If something is raw that should be protected, add it to your Vault, switch bundles, hide it, or hold the send.

MyYaad is designed for people who want the benefit of AI without casually handing over real personal or professional data.

Set it up once with the desktop app and browser extension, then use AI normally — with a local privacy layer between your real data and the chatbot.