Scrubly Ai Privacy Shield

Your personal information shouldn't be the price of using AI. Scrubly is a browser extension that automatically detects and scrubs sensitive data from your prompts before they reach ChatGPT, Claude, or Gemini — and seamlessly restores it when the AI responds. Everything happens on your device. Nothing leaves your browser.

—

The Problem:

Every time you paste an email thread, a customer record, a medical note, or a code snippet containing credentials into an AI assistant, that data is sent to a remote server. You might not even notice the phone number buried in paragraph three, the client's full name in the email signature, or the API key you forgot to redact. AI providers may use this data for training, store it in logs, or expose it through data breaches.

You shouldn't have to choose between productivity and privacy.

—

What Scrubly Does:

Scrubly sits quietly in your browser and watches what you type on supported AI platforms. The moment it detects personally identifiable information, it shows a small overlay listing exactly what it found — your name, an email address, a credit card number, a phone number — along with confidence scores for each detection.

You then have two choices:
• Anonymize — Replace all detected PII with safe placeholders like [EMAIL_1], [PERSON_2], [PHONE_3] and review the result before sending.
• Anonymize & Send — Replace and send in one click for a faster workflow.

The AI model receives the sanitized prompt and responds using the same placeholders. Scrubly then automatically swaps the real values back into the rendered response, so you read the conversation naturally — as if nothing was ever changed.

The AI never saw your real data. You never lost context.

—

How De-anonymization Works

After you send an anonymized prompt, the AI responds using the same placeholders: "Sure, [PERSON_1], I've updated the report for [ORGANIZATION_1]. The invoice will be sent to [EMAIL_1]."

Scrubly monitors the AI's response. As new response content appears, it scans for placeholder tokens, looks them up in the current session's mapping table, and replaces them inline with styled highlights. You see the original values with a subtle colored underline hover over any restored value to see which placeholder it replaced.

—

What It Detects — 28 PII Types

Scrubly doesn't just look for email addresses. It covers 28 types of sensitive information:

• Personal identity — Full names, usernames, handles, age, gender, date of birth
• Contact information — Email addresses, phone numbers, physical addresses
• Government IDs — Social Security Numbers, Aadhaar numbers, PAN card numbers (with holder-type validation), passport numbers, driver's license numbers
• Financial data — Credit card numbers, IBANs, bank routing numbers, CVV codes, currency amounts, IFSC codes, bank account numbers
• Network & technical — IP addresses, MAC addresses, URLs
• Health & sensitive — Medical conditions, passwords and credentials
• Organizational — Company and organization names, locations

Every structured detection (credit cards, SSNs, IBANs, Aadhaar) includes mathematical validation — not just pattern matching — so false positives are rare.

—

Encryption & The Vault

When Scrubly anonymizes your prompt, it doesn't just discard the original values. Every mapping between a placeholder and its original text is encrypted using AES-256-GCM

These encrypted mappings are stored locally on your machine. This is the Vault.

From the extension popup, you can:
• Browse past anonymization sessions organized by platform and date
• Decrypt and inspect individual mappings (placeholder → original value)
• Search across sessions
• Delete sessions when you no longer need them

—

Supported Platforms

Scrubly works on the three most popular AI assistants:
• ChatGPT (chatgpt.com and chat.openai.com)
• Claude (claude.ai)
• Gemini (gemini.google.com)

—

Fine-Grained Control

From the Settings panel, you can:

• Toggle per platform — Enable or disable Scrubly for ChatGPT, Claude, or Gemini independently
• Toggle per PII type — Turn off detection for specific types (e.g., keep email detection but disable address detection)
• Adjust confidence threshold — Lower it to catch more potential PII (at the cost of more false
positives), or raise it for fewer, higher-confidence detections
• Control vault capacity — Set the maximum number of stored entries; oldest entries are automatically pruned when the limit is reached