Is it safe to put company code into Cursor or Copilot?

Not by default. Whatever you paste or open gets sent to the AI provider's servers, including secrets and customer data. Emil sits between your tools and the model and catches API keys, credentials, customer data, and source code before they ever leave.

Can AI coding tools see my API keys and .env files?

Yes, whenever they end up in the files or prompts you send, which is the most common way secrets leak. Emil detects keys, tokens, passwords, and .env values and redacts them before the prompt reaches the model.

Does Emil slow down my AI?

No. Emil screens in the moment and hands the model a clean prompt, so you get the same responses at the same speed.

Does Emil store my prompts or my code?

No. Emil processes your text in memory and keeps only a short screening record (the decision, risk score, and a redacted preview), never the full content. Classification runs on Emil's own infrastructure, is never sent to a third-party model, and is never used for training.

Which tools does Emil work with?

Anything OpenAI-compatible: Cursor, Claude Code, Copilot, Lovable, v0, ChatGPT, Gemini, DeepSeek, Ollama, and self-hosted models. Point your tool at Emil instead of the provider, or use the browser extension if you don't write code.

Do I need to be technical to use it?

No. Developers change one line of config (the base URL). Everyone else uses the one-click browser extension that screens prompts before they reach the AI.

GDPR & AI

Reduce GDPR exposure when your team uses AI

Every prompt with personal data sent to an AI tool is a processing event. Emil detects and redacts personal and special-category data before it leaves, shrinking what you have to account for.

Protect your team For developers

The GDPR problem with AI

Employees paste customer personal data into AI tools — uncontrolled processing and transfer.
Special-category data (health, biometrics) in an AI provider's logs is high-risk under GDPR.
You can't demonstrate data minimization if everything flows into AI chats unredacted.

How Emil helps with GDPR

Detects EU personal data: names, emails, phones, addresses, IDs
Redacts before the prompt reaches the AI — data minimization by default
Flags special-category indicators for stricter handling
Audit trail evidences the control; content itself is never stored

What Emil can't do alone

It doesn't replace your policies, training, or vendor contracts
It can't grant data-subject rights or run risk assessments for you
It's one control within a broader compliance program

Emil is a technical control, not a compliance program. It reduces risk and produces evidence, but duties like consent, recordkeeping, risk assessments, and contracts (e.g. BAAs, DPAs) sit outside any screening layer. Review with counsel.

Questions

Does Emil make us GDPR compliant?

No single tool does. Emil reduces GDPR risk by minimizing the personal data that reaches AI processors and evidencing the control, but rights handling, lawful basis, and DPAs remain your responsibility.

How does it help with data minimization?

Emil redacts personal data before a prompt is sent, so only what's necessary reaches the AI tool — the data-minimization principle applied at the prompt box.

Does Emil store the personal data it sees?

No. It screens in memory and keeps only finding metadata — type and severity — never the personal data itself.

Other regulations

HIPAA GLBA EU AI Act