Sovara Browser · Browser extension for Chrome & Edge

Stop your team leaking secrets, PII and card numbers into ChatGPT.

Sovara Browser checks every draft message against your org policy on your machine, before you hit Send — across ChatGPT, Claude, Gemini, Copilot and Perplexity. The message text never leaves your machine for the check.

Free for individuals. No account, no backend, nothing sent.

Coming soon to Chrome & Edge - join the waitlist and we’ll email you the moment it’s live.

Sovara Browser

The problem

Your team pastes secrets, customer PII and card numbers into AI chat every day - and most DLP never sees it.

People move fast in ChatGPT, Claude, Gemini, Copilot and Perplexity. A support agent pastes a customer's card number to draft a refund reply. An engineer drops an API key into a debugging prompt. A recruiter pastes a candidate's national insurance number. Once it lands in the chat box and they hit Send, it's gone.

Traditional DLP either doesn't watch the browser at all, or it works by proxying every prompt through the vendor's cloud to inspect it - so to stop your data leaking, you hand all of it to a third party first. Neither is a good answer for a security team that has to explain where sensitive data goes.

How it works

01

Policy, set centrally

An admin sets one policy - which detectors block, which warn, which allow. On the free tier the sensible defaults ship built in; on Team and Enterprise the policy is pushed to every seat.

02

Checked locally, before Send

As the message is typed, the extension evaluates it against policy right there in the browser - 8 detectors, 4 verdicts. The message text never leaves the machine for the check.

03

Blocked, with an overlay

If it breaches policy, Send is blocked and an overlay explains what and why. Only a metadata-only event (what fired, when - never the text) goes to the dashboard for the audit trail.

Privacy first

0 bytes of message text are sent for the check.

This is the real difference. The policy check runs entirely in the browser, on the user's own machine. Cloud-DLP tools have to send your prompts to their servers to inspect them; Sovara doesn't send them at all. You can verify it - the check happens before anything is transmitted.

The backend stores metadata only- which detector fired, on which site, at what time, for which seat - never the message text. It runs in Azure UK South, encrypted, with managed backups. That's a clean answer to financial-services and regulated data-residency due diligence: the sensitive content was never in scope because it never left the machine.

See it block

A card number and a national insurance number in a draft message - caught and blocked before Send, with the whole check running locally.

Blocked before Send

This message contains a card number and a national insurance number. Your org policy blocks sending these to AI chat.

Edit & removeWhy was this blocked?

Checked locally · 0 bytes of message text sent

Illustrative reproduction of the block overlay. Detectors, verdicts and copy shown are representative.

One policy across people and agents

The browser extension governs what people send to AI chat. The Sovara Gateway governs what your AI agents do when they call tools. Same policy, same audit trail, both halves of how AI touches your data - humans in the browser and agents on the backend. No browser-DLP tool covers the agent layer.

People - Sovara Browser

The extension on every teammate's Chrome or Edge, checking messages against policy before they're sent to AI chat.

Agents - Sovara Gateway

The same governance for AI agents' tool calls - identity, policy, redaction and a full audit trail at the boundary. See the Gateway →

Where Sovara fits

The browser-DLP space - Cyberhaven, Push, Nightfall, Harmonic, Prompt Security, LayerX, Obsidian - is built for enterprise sales: cloud-proxy architectures, priced and packaged out of self-serve reach. Sovara's wedge is three things none of them combine.

Privacy-first - nothing sent

The check runs locally; 0 bytes of message text leave the machine for it. The cloud-proxy tools inspect your prompts on their servers to protect you.

A real free tier

A privacy-conscious individual can install it and be protected in minutes, with no backend and no sales call. That drives bottom-up adoption the enterprise-sales players can’t match.

The agent story

One policy and one audit trail across people (this extension) and AI agents (the Gateway). No browser-DLP competitor governs the agent layer at all.

Those tools are capable products with real detection engineering behind them. Sovara's claim isn't better detection - it's privacy, self-serve, coverage across the five sites, and the agent layer.

Pricing

Free

£0forever, 1 seat

Local checks on your own machine. Works with no backend at all - nothing to set up, nothing sent.

  • All 8 detectors, checked locally
  • Works across ChatGPT, Claude, Gemini, Copilot & Perplexity
  • Block / warn / allow before Send
  • No account, no backend, no message text sent
Join the waitlist

Team

from £7per seat / month

Central policy and a shared audit trail for a team that uses AI chat every day.

  • Everything in Free
  • Central policy, pushed to every seat
  • Admin dashboard & metadata-only audit trail
  • Backend in Azure UK South
Talk to us

Enterprise

from £15per seat / month

For regulated teams that need SSO, retention controls, and governance across people and agents.

  • Everything in Team
  • SSO & retention controls
  • The agent / Gateway layer - one policy across people and AI agents
  • Self-hosting available on request
Request access

Prices are indicative and may change before launch.

FAQ

Does my message text ever leave my machine?

No. The policy check runs locally in the browser, before Send. The message text is never transmitted for the check. The backend only ever receives metadata - which detector fired, on which site, when - never the content.

Which sites does it cover?

ChatGPT, Claude, Gemini, Copilot and Perplexity. Blocking is verified in real browsers across all five.

What does the backend actually store?

Metadata only: the detector that fired, the site, the timestamp and the seat - encrypted, in Azure UK South, with managed backups. No message text, ever.

What does it detect, and what can it do?

It ships 8 detectors - including secrets, PII and card numbers - and 4 verdicts: block, warn, allow, and the recorded audit outcome. It’s a policy engine, not an ML classifier; the pitch is privacy, coverage and self-serve, not out-detecting a classifier.

Can we self-host?

Yes - self-hosting is available on request for Enterprise. Talk to us about your data-residency and retention requirements.

Join the waitlist

Be first to know when Sovara Browser is live.

The Chrome and Edge listings aren’t live yet. Leave your details and we’ll email you the moment they are. Want to talk about rolling it out to a team? Say so in the message and we’ll be in touch.

Already a customer? Sign in to the dashboard →