We value your privacy

We use necessary cookies to run the site and, with your consent, analytics and marketing cookies to improve it. You can change your choice anytime. Privacy Policy

  • Security
  • Pricing
Book a scoping call
  1. Help Center
  2. Admin & security
  3. Privacy and data handling
Browse categories
Getting started
Shield Control
Shield Web
Policies & presets
Compliance & frameworks
Admin & security
  • Domain verification and join modes
  • Privacy and data handling
  • Roles and permissions
Troubleshooting
FAQ
Getting started
Shield Control
Shield Web
Policies & presets
Compliance & frameworks
Admin & security
  • Domain verification and join modes
  • Privacy and data handling
  • Roles and permissions
Troubleshooting
FAQ

Privacy and data handling

Updated July 5, 2026·1 min readAll plans

Shield is designed so organizations get governance without reading over anyone's shoulder: content stays on the device, and what admins can see is itself policy-controlled.

What is collected — the short version

Shield records which AI services were used and what kind of action happened (e.g. a prompt was submitted, a paste was blocked) plus, with on-device detection, category labels of sensitive data. Prompts, pasted text, file contents, and the sensitive values themselves are never collected — detection happens locally on the device, and employees see a consent prompt before anything is recorded (details).

Privacy controls for admins

Under Settings → Organization → Privacy you control visibility of employee-level data:

  • Show user-level activity — whether admins can see which employees used each AI app. Aggregate counts are always visible regardless of this setting, so governance metrics don't depend on person-level visibility.
  • Employee opt-out — whether employees may opt out of monitoring themselves, or collection is enforced organization-wide (the managed-deployment model, where the organization consents as controller).

Consent decisions are stored as compliance records, and withdrawing consent is as easy as granting it. In Users & Roles, admins see each member's consent state (Granted / Declined / Not set) and their Incognito coverage.

Audit access and retention

The audit log is the tamper-resistant record of policy-relevant events, exportable as CSV. Retention is plan-based — Starter 90 days, Business 365 days, Enterprise 730 days — with extended retention available as an add-on.

Note: for the legal specifics (roles under GDPR, processing purposes, data-subject rights), see the Qadar AI privacy policy and the Shield Web extension privacy notice.

Was this article helpful?

Related articles

Consent and what data Shield Web collects

Nothing is collected before you consent. Shield records which AI services you use and what kind of action happened — never your prompts or the sensitive values themselves.

Read article

Data types and on-device detection

Which sensitive data Shield recognizes — PII, financial data, source code, secrets — and why the content never leaves the device to be classified.

Read article

Domain verification and join modes

Verify your company domain via DNS TXT record or email, then choose how sign-ups from that domain join: automatically, by approval, or invite-only.

Read article

Roles and permissions

Admin, Security, Auditor, Member — what each role can do and how to change a member's role.

Read article

Still stuck?

Send us the details — we answer within one business day.

Contact support

On this page

  • What is collected — the short version
  • Privacy controls for admins
  • Audit access and retention

Subscribe to our newsletter

Product and governance updates — see our privacy policy.

AI security and control for every model your team uses.

Built in Dubai. Designed for teams operating across regions, models, and regulatory environments.

  • Product

    • Shield Web
    • Shield Control
    • Shield Desktop
    • Shield Mobile
    • Pricing
    • Download
  • Solutions

    • For CISOs
    • For Operations
    • For AI Teams
  • Use Cases

    • AI Governance
    • AI Agent Security
    • LLM Access Control
    • Secure AI Deployment
    • Enterprise Operations
    • Financial Services
  • Resources

    • Help Center
    • Blog
    • Guides
    • Glossary
    • Changelog
    • AI Risk Calculator
    • Compare
    • FAQ
  • Company

    • About
    • Careers
    • Security & Trust
    • Contact
  • Legal

    • Legal
    • Privacy
    • Terms
    • GDPR / DPA

© 2026 Qadar AI. All rights reserved. EU data residency available for Enterprise customers.