Citizens trusted you with their data. AI tools are one paste away.
Across ministries, agencies, councils and public bodies, civil servants already use AI to draft letters, summarise case files and translate documents. The risk isn't that they use it — it's what they paste into it: citizen records, ID numbers, case files, confidential documents. Tracehold catches that on the device, before it ever reaches the AI tool, and maps scattered AI use to GDPR, NIS2, ISO 27001 and SOC 2 — with visibility into your EU AI Act exposure alongside it — through audit-ready reports.
Tracehold catches it before it leaves the browser:
We see what's about to go to AI right where staff work — before it leaves the machine.
By default the prompt never leaves the browser. We only learn the type of finding, how severe it was, and when.
Coverage across 2,200+ recognised AI tools and sites — including the free-form personal data that has no fixed shape.
Built and hosted in the EU, with EU data residency throughout.
Shadow AI doesn't respect departmental boundaries
Generative AI didn't arrive through a procurement process — it arrived through the browser, on every desk, in every agency, all at once. Helpful, fast, and one paste away from sending citizens' data to a third party your organisation never signed a contract with. The intent is almost always to do the job better. The exposure is the same regardless.
Citizen & case data
A caseworker pastes a full citizen record — name, national ID, address, benefits or health notes — into an AI tool to draft a reply. An official summarises an applicant's file. Each one is regulated personal data leaving public control.
Confidential documents
Staff drop internal memos, draft legislation, procurement files, tender evaluations and restricted reports into AI tools to "summarise this" or "tidy up the language." Sensitive policy and personal data go straight into a public model's prompt.
Sprawl across agencies
Dozens of departments, agencies and local bodies, each adopting AI at its own pace with no central view. No one can answer the basic question — who is sending what to which AI tool — so the risk stays invisible until it isn't.
Built to recognise the data a public body can't afford to lose
With 1,600+ detection patterns across 2,200+ recognised AI tools and sites, Tracehold recognises both the structured data with a fixed shape and the free-form personal data that has none.
Citizen & personal data
Names, dates of birth, addresses, national and tax IDs, case references and benefits or health details — including names and addresses that follow no fixed format and slip past pattern-only tools.
Confidential documents
Internal memos, restricted reports, draft policy, procurement and tender files, legal advice and source code — recognised as confidential material so a quick "summarise this" doesn't quietly export it.
Credentials & keys
API keys, access tokens, passwords, private keys and connection strings hidden inside pasted code or config — caught before they reach an AI assistant and become someone else's.
Catches it at the source
Detection runs on the device, in the browser, the moment something is about to be sent to an AI tool — typed, pasted, uploaded as a file, or embedded in a screenshot. The prompt never leaves the browser by default — there's no proxy and no copy of citizen data sitting on our side.
Warn, redact, or block — your policy
Low-risk cases get a clear heads-up. The sensitive part can be stripped so the rest goes through. High-risk pastes are blocked outright, with a message that explains why — so staff learn, not just get stopped.
Covers the whole desk
Beyond the browser extension, Tracehold reaches the desktop, developer and terminal tools, Outlook, and removable media like USB drives — so the protection follows the work, not just one tab.
Named entities you tell it to watch
Add your own list of sensitive names — agency and department names, confidential project codenames, named officials, key contractors — and Tracehold matches them exactly, everywhere they appear, on top of the built-in patterns.
A tool that protects public data — without becoming a foreign dependency
For a public body, where the tool itself lives matters as much as what it does. Tracehold is built and hosted in the EU, with data residency in Europe. And because most of the detection work happens on the device rather than in our cloud, citizen data has nowhere to travel to in the first place.
Built and hosted in the EU
Tracehold is built and hosted in Europe, with EU data residency — so the tool that protects public data doesn't become a new cross-border transfer problem of its own.
On-device language understanding
Pattern, checksum and named-entity detection all run locally in the browser — no text leaves the device for that layer. Only if your organisation opts in to the deeper semantic layer does any text reach a server, and even then it's processed on our own EU infrastructure, never handed to a third-party model.
Metadata-only by default
Even in a managed deployment, only metadata — type of finding, severity, timestamp — reaches the backend. The prompt content itself never does by default.
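The layering described above (pattern, checksum and named-entity detection on the device; a warn, redact or block decision; and a metadata-only record for the backend) is easiest to see as code. The block below is an added example written for this page and is not Tracehold's code. It assumes things the page does not state: the Spanish DNI check-letter rule stands in for the "checksum" layer, the watchlist and sample prompts are constructed, and the severity thresholds are invented for the example.

```javascript
// Added example for this page: a minimal on-device screening pipeline of the
// kind described above (pattern + checksum + named-entity layers, then a
// warn/redact/block decision, then a metadata-only record). It is not
// Tracehold's code. Assumptions not taken from the page: the Spanish DNI
// check-letter rule stands in for the "checksum" layer, the watchlist and
// sample prompts are constructed, and the severity thresholds are invented here.

const DNI_LETTERS = "TRWAGMYFPDXBNJZSQVHLCKE";

// Check letter of a Spanish DNI: the 8-digit number modulo 23 indexes DNI_LETTERS.
function dniCheckLetter(digits) {
  return DNI_LETTERS[Number(digits) % 23];
}

// Layers 1 and 2: a pattern hit is confirmed by the checksum. A hit whose check
// letter fails is kept as a low-severity finding (visible, but never blocking),
// which is what separates a real ID from an eight-digit look-alike.
function findNationalIds(text) {
  const findings = [];
  const re = /\b(\d{8})([A-Z])\b/g;
  let m;
  while ((m = re.exec(text)) !== null) {
    const valid = dniCheckLetter(m[1]) === m[2];
    findings.push({ type: "national_id", severity: valid ? "high" : "low",
                    start: m.index, end: m.index + m[0].length });
  }
  return findings;
}

function escapeRegex(s) {
  return s.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
}

// Layer 3: exact, whole-word matching of an organisation-supplied watchlist.
function findWatchlistTerms(text, watchlist) {
  const findings = [];
  for (const term of watchlist) {
    if (!term) continue; // an empty term would match everywhere
    const re = new RegExp("\\b" + escapeRegex(term) + "\\b", "g");
    let m;
    while ((m = re.exec(text)) !== null) {
      findings.push({ type: "watchlist", severity: "medium",
                      start: m.index, end: m.index + m[0].length });
    }
  }
  return findings;
}

const RANK = { low: 1, medium: 2, high: 3 };

// Replace flagged spans (medium and above) with placeholders, right to left so
// earlier offsets stay valid.
function redact(text, findings) {
  const spans = findings
    .filter((f) => RANK[f.severity] >= RANK.medium)
    .sort((a, b) => b.start - a.start);
  let out = text;
  for (const f of spans) {
    out = out.slice(0, f.start) + "[" + f.type.toUpperCase() + " REDACTED]" + out.slice(f.end);
  }
  return out;
}

// Policy: block on any high finding, redact on medium, warn on low, else allow.
// The returned text is what would be handed to the AI tool (null when blocked).
function screenPrompt(text, watchlist) {
  const findings = [...findNationalIds(text), ...findWatchlistTerms(text, watchlist)];
  const top = findings.reduce((acc, f) => Math.max(acc, RANK[f.severity]), 0);
  if (top === RANK.high) return { action: "block", text: null, findings };
  if (top === RANK.medium) return { action: "redact", text: redact(text, findings), findings };
  if (top === RANK.low) return { action: "warn", text, findings };
  return { action: "allow", text, findings };
}

// Metadata-only record for the backend: type, severity, timestamp. The matched
// text and its position are deliberately left out.
function toTelemetry(findings, timestamp) {
  return findings.map((f) => ({ type: f.type, severity: f.severity, timestamp }));
}

// Constructed sample inputs (not real data).
const WATCHLIST = ["Proyecto Faro", "Directorate of Benefits"];
const SAMPLE_PROMPT = "Draft a reply to the citizen with DNI 12345678Z about Proyecto Faro.";

// screenPrompt(SAMPLE_PROMPT, WATCHLIST).action → "block"
```

The point worth noticing is the checksum step: a pattern-only tool would treat "12345678A" and "12345678Z" identically, whereas here only the one with a valid check letter is a high-severity finding and the other surfaces as a warning. The telemetry record carries type, severity and timestamp only, so the backend can count and trend findings without ever holding the prompt text.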
Built, hosted and run in the EU
Tracehold is built and hosted in Europe, with EU data residency. Detection happens on the device by default, so the prompt stays right where your staff are working — before it ever needs to go anywhere.
No master back door, no "trust us" — the protections are built into how the product works.
Uncontrolled AI use touches every framework a public body answers to
Public bodies sit under some of the strictest obligations in Europe. The same paste can trip more than one rulebook at once — and in Spain, the Esquema Nacional de Seguridad sets the bar on top.
GDPR
Pasting a citizen's personal data into a public AI tool can be an unlawful transfer to a third party. Catching it on the device keeps that data from ever leaving public control.
NIS2
Public administrations are in scope for stronger cyber-risk management and accountability. Demonstrable control over how data leaves to AI tools — with an audit trail — is part of showing you manage the risk.
ENS (Spain)
The Esquema Nacional de Seguridad governs how Spanish public bodies protect information and systems. Tracehold is aligned with and mapped to ENS — controlling data flow to AI tools supports those measures. We do not claim ENS certification.
EU AI Act
As public services adopt AI, you need to know where and how it's used, and govern it. Tracehold maps your actual AI use so you can govern it rather than guess at it.
Compliance mapping you can put in front of leadership and auditors
Tracehold maps your real AI exposure to GDPR, NIS2, ISO 27001 and SOC 2, and gives you a live picture of your EU AI Act exposure alongside it. Instead of an annual return, you get a clear, always-current view that updates as your risk does — and the evidence behind it when an auditor or your data protection authority asks.
Risk, not theatre
The mapping reflects what your people are actually doing with AI today — what's being caught, how often, how severe — not a point-in-time checklist that's stale by lunchtime.
Evidence on demand
Every finding leaves an audit trail with just the essentials — type, severity, timestamp — so you can show diligence to an auditor without exposing the underlying data.
Aligned, and honest about it
Tracehold is aligned with and mapped to ENS, PCI-DSS and SOC 2, with ISO 27001 certification in progress. We tell you exactly what is certified and what is mapped — never more.
From "we think we're fine" to "here's the picture"
Most public bodies can't answer a simple question from leadership: how much citizen data is going to AI right now, across our agencies? Compliance mapping answers it — and shows the trend as your controls take effect.
The mapping covers GDPR, NIS2, ISO 27001 and SOC 2 in one view, plus visibility into your EU AI Act exposure.
Weeks, not months — no proxy, no network surgery
A public body can't bolt a new inline proxy into its network on a whim. Tracehold rolls out as a browser extension you push with the device management you already run — so the security team stays in control and the network stays untouched.
Pushed via your MDM
Deploy the extension centrally through Microsoft Intune or any standard MDM, tied to your identity provider — Microsoft Entra ID or Okta. No agent your endpoint team has to babysit, no inline gateway.
Start observe-only
Begin in a pilot that watches and reports without blocking anyone. You see exactly what would be caught — and where your real exposure is, across agencies — with zero disruption to the work before you turn on enforcement.
Plugs into your stack
Findings flow to Splunk or Microsoft Sentinel and alerts to Slack or Microsoft Teams. Hosted in the EU with EU data residency throughout.
Start free, scale to governed
Honest, published pricing. Begin on the device for free, add managed visibility and compliance reporting when you're ready.
Free
Runs entirely on the device. No account, no backend — nothing your staff type is sent anywhere.
Insight — €40/user·mo
Managed visibility into AI exposure across your agencies, with metadata-only reporting and live compliance mapping.
Governance — €60/user·mo
Full enforcement, audit trail and integrations for security and compliance teams that need to prove control.
What public-sector buyers ask first
Does citizen data ever reach Tracehold?
Where is Tracehold hosted, and does it create a new sovereignty risk?
How does it help with GDPR, NIS2, ENS and the EU AI Act?
Are you certified — ISO 27001, ENS, SOC 2?
Can it cover many agencies and departments at once?
How fast can we be protected?
See what your organisation is already sending to AI
Start an observe-only pilot and get a clear, honest picture of where citizen data and confidential documents are leaking to AI tools — across your agencies, with zero disruption to your people. References available under NDA.