We value your privacy

We use necessary cookies to run the site and, with your consent, analytics and marketing cookies to improve it. You can change your choice anytime. Privacy Policy

  • Security
  • Pricing
Book a scoping call
  1. Help Center
  2. Policies & presets
  3. Data types and on-device detection
Browse categories
Getting started
Shield Control
Shield Web
Policies & presets
  • Apply policy presets and bundles
  • Create a policy
  • Data types and on-device detection
  • Enforcement modes explained
Compliance & frameworks
Admin & security
Troubleshooting
FAQ
Getting started
Shield Control
Shield Web
Policies & presets
  • Apply policy presets and bundles
  • Create a policy
  • Data types and on-device detection
  • Enforcement modes explained
Compliance & frameworks
Admin & security
Troubleshooting
FAQ

Data types and on-device detection

Updated July 5, 2026·1 min readAll plans

Data-typed policies act on what is actually in a prompt — not just on the fact that someone used an AI tool. That requires detection, and Shield's detection runs where the data is: on the device.

The data types

When building a policy you select the data types it covers:

  • PII (personal data) — email addresses, phone numbers, national and tax IDs. (IBAN and card numbers are covered by Financial data.)
  • Financial data — IBAN, credit and debit card numbers, BIC/SWIFT, routing numbers.
  • Source code — code blocks, function and class definitions, script syntax.
  • Secrets / credentials — API keys, access tokens, JWTs, private keys.
  • PHI (health data) and Contracts — on the roadmap; shown in the picker as coming soon.

An All data types option exists for broad policies.

On-device detection

Detection runs locally in the browser, via Shield Web. The content of a prompt or paste is never sent to a server to classify it — only the resulting category labels (for example pii, secrets) travel with the audit event, never the values themselves. That is what makes data-typed enforcement compatible with the consent guarantees.

Admins control this under Settings → Governance → On-device content detection (recommended, and on by default). With detection off, data-typed policies match all content — which over-warns — so leave it on unless you have a specific reason not to.

How it plays with enforcement

Combine data types with enforcement modes for precise rules: transform PII before it reaches a chat window, block secrets outright, warn on source code. Your organization's starter policies are exactly such combinations.

Was this article helpful?

Related articles

Create a policy

Build a policy from the five layers — tools, data types, actions, context, enforcement — and activate it for your organization in minutes.

Read article

Enforcement modes explained

Observe, Warn, Justify, Transform, Block — what each mode does, what your team experiences, and when to use which.

Read article

Consent and what data Shield Web collects

Nothing is collected before you consent. Shield records which AI services you use and what kind of action happened — never your prompts or the sensitive values themselves.

Read article

Apply policy presets and bundles

Deploy compliance-ready policies from the preset library — EU AI Act, GDPR, DIFC, Korea AI Basic Act, US AI in Employment, and ISO 42001/NIST bundles.

Read article

Still stuck?

Send us the details — we answer within one business day.

Contact support

On this page

  • The data types
  • On-device detection
  • How it plays with enforcement

Subscribe to our newsletter

Product and governance updates — see our privacy policy.

AI security and control for every model your team uses.

Built in Dubai. Designed for teams operating across regions, models, and regulatory environments.

  • Product

    • Shield Web
    • Shield Control
    • Shield Desktop
    • Shield Mobile
    • Pricing
    • Download
  • Solutions

    • For CISOs
    • For Operations
    • For AI Teams
  • Use Cases

    • AI Governance
    • AI Agent Security
    • LLM Access Control
    • Secure AI Deployment
    • Enterprise Operations
    • Financial Services
  • Resources

    • Help Center
    • Blog
    • Guides
    • Glossary
    • Changelog
    • AI Risk Calculator
    • Compare
    • FAQ
  • Company

    • About
    • Careers
    • Security & Trust
    • Contact
  • Legal

    • Legal
    • Privacy
    • Terms
    • GDPR / DPA

© 2026 Qadar AI. All rights reserved. EU data residency available for Enterprise customers.