1 — Inbound prompt (from your app)
My name is Michael Andersen, email michael@email.com and my SSN is 123-45-6789.
AI Security Layer · Beta
Mask personal and sensitive data before prompts reach GPT, Claude and other models — with PII masking, prompt security and a privacy-first gateway.
Helping AI startups become enterprise-ready: pass security reviews faster, protect customer data, and shorten enterprise sales cycles.
Client Application
Your app or backend
Privian
Mask sensitive data
LLM Provider
GPT · Claude · Gemini
Privian
Rehydrate safely
Client Application
Original values restored
One endpoint. Every major provider. PII masked before it leaves your network, rehydrated on the way back — with BYOK and zero retention by default.
Drop-in compatible with the OpenAI SDK. Swap providers with a single field.
import OpenAI from "openai";
const client = new OpenAI({
apiKey: process.env.PRIVIAN_GATEWAY_API_KEY,
baseURL: "https://api.privian.io/v1",
});
const response = await client.chat.completions.create({
model: "openai/gpt-4o-mini",
messages: [
{ role: "user", content: "Hello, my name is Michael" },
],
});
console.log(response.choices[0].message.content);Use it with
Built with design partners shipping AI into regulated industries
PII masking
The model never sees the original values. Privian detects personal and sensitive data, replaces it with deterministic placeholders, then restores the originals in the response.
1 — Inbound prompt (from your app)
My name is Michael Andersen, email michael@email.com and my SSN is 123-45-6789.
2 — Sent to GPT / Claude (masked)
My name is [PERSON_1], email [EMAIL_1] and my SSN is [ID_1].
3 — Model response (still masked)
Hi [PERSON_1], I've noted the email [EMAIL_1] for follow-up.
4 — Returned to your app (rehydrated)
Hi Michael Andersen, I've noted the email michael@email.com for follow-up.
Placeholders are deterministic within a request, so rehydration is exact. Learn more about PII masking →
How it works
POST to one gateway endpoint with a JSON body — prompt, model and an optional stream flag. The gateway handles provider routing using your BYOK credentials.
PII masking and prompt security happen before the request reaches the model. Detected values are replaced with deterministic placeholders.
Sensitive values are safely restored in the model response so your application receives a normal, correctly-formed answer.
Capabilities
A focused set of primitives for LLM security, prompt privacy and sensitive data masking — composed into a single request path.
Detect and mask personal and sensitive data before prompts leave your perimeter. Deterministic, reversible inside the gateway.
Learn moreGuardrails for prompt content — scoping, validation and policy enforcement at the gateway. Stop prompt-level leaks before they happen.
Learn moreOne JSON endpoint routes prompts to any supported provider using your own keys. Provider-agnostic by design.
Learn moreRaw prompts and responses are not stored. Observability is built from structural counters, not payload bodies — minimal metadata only.
Learn moreEnterprise readiness
AI startup
Ship an AI feature
Security review
Answer the questionnaire
Enterprise approval
Pass procurement
Production deployment
Scale on BYOK
Who Privian is for
Privian fits teams using GPT, Claude and similar models where prompts regularly contain personal or sensitive content.
Trust
What Privian does not do is as important as what it does.
Inbound prompts pass through memory only.
Outbound responses are never persisted.
Provider credentials are yours, encrypted at rest.
OpenAI, Anthropic, Google — no lock-in to one model.
One endpoint, one JSON body — prompt, model, optional stream.
Counters and latencies, never payload bodies.
Transparency
Privian is in beta. Architecture, security model and known limitations are documented publicly — so you can evaluate the product on facts, not marketing.
How the gateway, masking and rehydration fit together.
ReadZero raw prompt retention, BYOK credentials, data handling.
ReadCurrent posture, in-progress controls, planned certifications.
ReadConcepts, quickstart and the gateway API reference.
ReadDeveloper experience
Privian is OpenAI Chat Completions-compatible. Point the OpenAI SDK at https://api.privian.io/v1 and POST model + messages[]. Sensitive values are masked before egress and rehydrated in the response.
curl -sS -X POST "https://api.privian.io/v1/chat/completions" \
-H "Authorization: Bearer $PRIVIAN_GATEWAY_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"model": "openai/gpt-4o-mini",
"messages": [
{ "role": "user", "content": "Email me at michael@email.com about ticket #4821." }
]
}'michael@email.com is masked before reaching the model and rehydrated in the response.
Learn
Deeper reading on each part of the Privian AI Security Layer.
Guardrails and policy enforcement at the gateway.
ReadHow detection, masking and rehydration work.
ReadThe architecture pattern, end to end.
ReadBYOK, provider-agnostic routing, simple JSON contract.
ReadQuickstart, concepts, guides and API reference.
ReadGet started
Protect prompts before they reach GPT, Claude and other models — and give procurement teams the trust artifacts they ask for.