Sovara Browser · Browser extension for Chrome & Edge

Stop your team leaking secrets, PII and card numbers into ChatGPT.

Sovara Browser checks every draft message against your org policy on your machine, before you hit Send - across ChatGPT, Claude, Gemini, Copilot and Perplexity. The message text never leaves your machine for the check.

Free for individuals. No account, no backend, nothing sent.

The problem

Your team pastes secrets, customer PII and card numbers into AI chat every day - and most DLP never sees it.

People move fast in ChatGPT, Claude, Gemini, Copilot and Perplexity. A support agent pastes a customer's card number to draft a refund reply. An engineer drops an API key into a debugging prompt. A recruiter pastes a candidate's national insurance number. Once it lands in the chat box and they hit Send, it's gone.

Some DLP deployments do not observe the supported AI-chat composers. Some cloud inspection products proxy prompt content for analysis. Sovara takes a narrower approach: it evaluates the draft locally at the point of Send, so the message is not transmitted to Sovara for the policy check.

How it works

01

Policy, set centrally

An admin sets one policy - which detectors block, which warn, which redact. On the free tier the sensible defaults ship built in; on Team and Enterprise the policy is pushed to every seat.

02

Checked locally, before Send

As the message is typed, the extension evaluates it against policy right there in the browser - 12 detectors, 4 decisions. The message text never leaves the machine for the check.

03

Blocked, with an overlay

If it breaches policy, Send is blocked and an overlay explains what and why. Only a metadata-only event (what fired, when - never the text) goes to the dashboard for the audit trail.

Privacy first

0 bytes of message text are sent for the check.

This is the real difference. The policy check runs entirely in the browser, on the user's own machine. Unlike a cloud-inspection flow that uploads prompt content for analysis, Sovara does not transmit the message for its policy check. You can verify that the decision happens before Send.

The current connected Browser client sends metadata only - which detector fired, on which site, at what time, for which managed user identifier. It does not upload message text or a snippet. Browser events are stored in Azure UK South, encrypted, with managed backups, reducing the sensitive content collected for governance evidence.

See it block

A card number and a national insurance number in a draft message - caught and blocked before Send, with the whole check running locally.

Blocked before Send

This message contains a card number and a national insurance number. Your org policy blocks sending these to AI chat.

Edit & removeWhy was this blocked?

Checked locally · 0 bytes of message text sent

Illustrative reproduction of the block overlay. Detectors, verdicts and copy shown are representative.

One evidence model. Two enforcement points.

Sovara Browser governs what people send to AI chat. Sovara Gateway is a separate product that governs what AI agents do when they call MCP tools. They use consistent decision semantics and the same audit-event schema, while policies and audit stores remain separately deployed.

People - Sovara Browser

The extension on every teammate's Chrome or Edge, checking messages against policy before they're sent to AI chat.

Agents - Sovara Gateway

A separate product for AI agents' MCP tool calls - verified identity, policy, masked audit evidence and optional response DLP at the boundary. See the Gateway →

Where Sovara fits

Sovara Browser is deliberately narrower than a broad endpoint-DLP or classifier suite. It focuses on local enforcement in supported AI-chat composers, a usable individual tier and a separate product for the agent-to-MCP boundary.

Privacy-first - 0 bytes of message text sent

The check runs locally; 0 bytes of message text leave the machine for it. This avoids introducing a prompt-upload step solely for Sovara policy evaluation.

A real free tier

A privacy-conscious individual can install it with no backend and no sales call, then a team can add central Browser policy and metadata evidence through a pilot.

A separate agent control point

Sovara Gateway applies consistent decision semantics and the same event schema to agent-to-MCP tool calls. Policies, deployment and audit storage remain separate.

Sovara's claim is not better classification than a dedicated enterprise suite. The positioning is local policy evaluation, coverage across five supported chat sites and a separate Gateway product for agent-to-MCP controls.

Pricing

Free

£0forever, 1 seat

Local checks on your own machine. Works with no backend at all - nothing to set up, nothing sent.

  • All 12 detectors, checked locally
  • Works across ChatGPT, Claude, Gemini, Copilot & Perplexity
  • Block, warn or redact before Send
  • No account, no backend, no message text sent
Install free

Team

from £7per seat / month

Central policy and a shared audit trail for a team that uses AI chat every day.

  • Everything in Free
  • Central policy, pushed to every seat
  • Admin dashboard & metadata-only audit trail
  • Backend in Azure UK South
Start a team pilot

Enterprise

from £15per seat / month

For regulated teams that need Entra ID dashboard SSO, longer retention and deployment options.

  • Everything in Team
  • Entra ID dashboard SSO
  • 365-day event retention
  • Self-hosting available on request
Start a team pilot

Annual billing. Start with a managed 14-day team pilot.

FAQ

Does my message text ever leave my machine?

No. The policy check runs locally in the browser, before Send. The message text is never transmitted for that check. In connected mode, the current Browser client sends decision metadata - which rule fired, on which site, when and for which managed user identifier - but no prompt text or snippet.

Which sites does it cover?

ChatGPT, Claude, Gemini, Copilot and Perplexity. Blocking is verified in real browsers across all five.

What does the backend actually store?

For events submitted by the current connected Browser client: decision metadata only - the fired rule, site, timestamp and managed user identifier - encrypted in Azure UK South with managed backups. The client does not upload message text or snippets.

What does it detect, and what can it do?

It ships 12 detectors - including secrets, PII and card numbers - plus your own custom rules, and 4 decisions: allow, warn, redact and block. It’s a policy engine, not an ML classifier; the pitch is privacy, coverage and self-serve, not out-detecting a classifier.

What does Enterprise SSO cover?

Entra ID SSO authenticates administrators signing in to the Sovara dashboard. It does not verify the managed user identifier supplied by each extension installation. Admin keys remain available for break-glass access; Okta, Google Workspace and SAML are not currently supported.

Can we self-host?

A scoped self-hosted Enterprise deployment is available on request; it is not a self-serve option. Talk to us about your environment, data-residency and retention requirements.

Start a team pilot

Run Sovara Browser with a managed team for 14 days.

The free tier proves the local control on one machine. A pilot adds managed rollout, central policy and metadata-only evidence for your team.