Every productivity revolution leaves a security debt behind it. Email arrived before encryption was practical. Cloud storage arrived before zero-trust was understood. SaaS adoption outran procurement governance for the better part of a decade. In each case, the tools that made people more competitive were the same tools that quietly accumulated risk on their behalf — risk they didn't ask for and didn't always know existed.
Generative AI is the sharpest version of this pattern we have ever seen. The capability arrived at a pace no previous technology shift can match. ChatGPT crossed one hundred million users in two months. Within a year, it was embedded in the daily workflow of accountants, financial advisors, lawyers, doctors, recruiters, paralegals, and finance professionals at companies of every size. None of them asked permission. None of them needed to. The tool was simply too useful to ignore.
And so the question that should have been asked first — what happens to my client's data when I paste it into this thing — was asked last, if at all.
The professionals using AI today are not reckless. They are efficient. They have adopted the most productive workflow available to them. The problem is that the most productive workflow is also the most exposed.
From Ayaan Faisal, co-founder of Privet
The cost of the debt
Industry telemetry across 2025 analyzed more than twenty-two million enterprise prompts and found that six consumer AI applications accounted for over ninety percent of observed sensitive data exposure events. ChatGPT alone was responsible for more than seventy percent. The pattern was consistent: employees pasting source code, contract language, customer data, and financial figures into tools they accessed through personal accounts because the personal account was simply faster than waiting for IT to approve the enterprise one.
These were not malicious acts. They were not even careless ones in any meaningful sense. They were the rational behavior of a professional under time pressure, choosing the tool that worked. The exposure was a side effect of the productivity gain — invisible at the moment of the prompt, irreversible the instant the prompt left the device.
The third number is the one that should give the industry pause. Nearly three quarters of leaders in one of the professions that would benefit most from AI productivity have chosen, deliberately, to forgo that productivity. The reason isn't ignorance. It's a correct reading of their fiduciary obligations. A CPA who pastes client tax data into a cloud AI product they have not vetted has potentially violated AICPA Code of Professional Conduct provisions on client confidentiality. A financial advisor doing the same has potentially violated their fiduciary duty. A nurse has potentially violated HIPAA.
The productivity is sitting on the table. The people who would benefit most cannot safely reach for it. This is the security debt of the AI era, and it is being paid in foregone competitiveness by exactly the professionals who can least afford to fall behind.
Why existing solutions don't reach them
The data loss prevention industry exists. Microsoft, Nightfall, Lakera, Liminal, Polymer, and a handful of others have built credible products for the AI prompt protection problem. They are designed for one specific buyer: the enterprise security team at a company large enough to have one. They are priced for that buyer. They are deployed by that buyer. They presume a security architecture, an IT department, and a procurement process that exist at companies above a certain size — and simply do not exist below it.
The newest entrant, Liminal.ai, is perhaps the most instructive example. They have built what is arguably the closest product to what we are building: a middleware layer that intercepts prompts, cleanses sensitive data before it reaches the LLM, and rehydrates protected terms in the response. They are model-agnostic, support multiple deployment modes, and have raised over seventeen million dollars. They are also exclusively enterprise. Their platform requires organizational deployment, routes data through their cloud for inspection, and is sold through B2B contracts with no individual or small-firm tier. In other words, the technology to solve this problem exists — and it has been packaged, once again, exclusively for the buyer who already has a security budget.
A managing partner at a twelve-person accounting firm does not have a CISO. They do not have an IT department. They cannot deploy Microsoft Purview because they are not on the M365 E5 tier that Purview is bundled into, and they cannot justify the upgrade for a single feature. They cannot deploy Nightfall because the annual contract value starts at eight thousand dollars and the deployment requires technical integration work they do not have the staff to perform.
So they do what makes sense: they tell their staff not to paste sensitive data into AI tools, they hope the staff complies, and they hope the staff is right about what counts as sensitive. The protection mechanism is a policy document and a trust exercise. This is not a system. It is the absence of one.
What we believe
Privet exists on the premise that the individual professional deserves real protection — not policy documents, not trust exercises, not "be careful out there." We believe security infrastructure for AI should be something a single professional can install on a Tuesday afternoon and have running by Wednesday morning. We believe the protection should be invisible to their workflow, indifferent to which AI tool they prefer this month, and unable to expose them to a third party in the very act of trying to protect them.
The technology to do this exists. It just hasn't been packaged for the people who need it. The semantic detection models that catch contextually sensitive data run on consumer hardware now. The cryptographic primitives for local audit logs are mature. The local proxy architecture is well-understood. The only reason a product like this didn't exist before is that the security industry's gravity has always pulled toward the enterprise — because the enterprise is where the budget is.
We're building against that gravity. Security infrastructure should not be a luxury good. The accountant whose client called them this morning to ask about a tax matter should be able to use AI to research the answer without committing a confidentiality breach as a side effect. The advisor analyzing a client's portfolio should be able to ask the model for a second opinion without sending the portfolio to a third party. The nurse drafting a patient communication should be able to use AI for clarity without exposing protected health information.
None of this requires a Fortune 500 budget. It requires a tool designed for them.
The market isn't static
There is a second argument for why this product exists now, and it comes from the same root cause as the first.
The AI capability shift that creates the data exposure problem is also lowering the barrier to building software products. The technical threshold for shipping a working application has dropped dramatically. One-to-five-person teams can now build and deploy products that would have required a real engineering organization two years ago. AI-built legal tech startups. Solo-founder fintech. Small healthcare practices running vibe-coded internal tools. Indie SaaS handling customer financial data. The number of small, technically lean firms operating with sensitive data is not static — it is growing rapidly, and it is growing because of the same forces that make Privet necessary.
Two trends, same root cause, both pointing at the same buyer. The individual professional and small-firm market is the fastest-growing slice of software buyers right now, and it's the slice most underserved by existing security infrastructure.
— Privet Thesis Update
The original framing of this company was defensive: Microsoft built for enterprise, nobody built for individuals. That remains true. But the expanded version is offensive. The addressable market we are building for is not a residual category left behind by enterprise vendors — it is the fastest-expanding segment of the software economy, and it is structurally underserved by every security product on the market.
Every new small firm that ships a product handling client data, every solo practitioner who adopts AI for their practice, every independent advisor who starts using an LLM to draft client communications — each one is a potential Privet user who did not exist eighteen months ago. The TAM is not something we need to carve out of enterprise budgets. It is being created in real time by the same technological shift we exist to address.