Where does your data go?
Follow a document through your organization and see exactly where sensitive data leaks into AI systems. Click each step to learn more.
📝 Document Creation
When employees create documents, they embed sensitive data everywhere: names, national IDs, contract values, email addresses. But it goes deeper. The document also contains metadata (author name, company, computer info), tracked changes (revision history with names and timestamps), and even hidden text or comments that aren't visible on screen.
☁️ Cloud Storage
Documents in SharePoint, OneDrive, or Google Drive are accessible to anyone with the right permissions, including AI tools. When Microsoft Copilot or similar tools are enabled on these folders, they can read every document in the library. This includes draft versions, old files, and documents with unresolved tracked changes.
🤖 AI Processing
When an AI tool reads your document, the entire content, including metadata, hidden text, and tracked changes, is sent to external servers. This data may be stored, logged, or even used to train future AI models. Once it leaves your network, you lose all control.
Without Sanitica
Client names, national IDs, contract values, trade secrets: all sent to external AI servers. GDPR violation. NDA breach. No audit trail. No way to undo it.
Full Clean Mode
All PII permanently removed at binary level. Names, IDs, salaries, all gone. The AI receives a fully sanitized copy. Best for external AI tools like ChatGPT, Claude, Gemini.
Pseudonymize Mode
Real identities replaced with consistent aliases. “Jón Jónsson” becomes “Individual-A7” across all documents. Context preserved, privacy protected. Best for internal AI like Copilot.
Metadata Only Mode
Tracked changes, comments, author info, and revision history stripped. Visible content stays untouched. Best for client & partner sharing.
How exposed is your organization?
Take our 2-minute quiz to find out your Shadow AI risk score.
Take the Quiz →