The webinar was held on 11 June 2026
AI has already moved into many organisations. Not necessarily as a large strategic project, but often through small, practical everyday needs: an employee wants to summarise a text, draft a message, analyse a document or get help with a task that would otherwise take a long time.
That makes sense. AI can create a lot of value. But when it is used without clear frameworks, approved tools and visibility, new risks appear.
In our webinar about safe and compliant use of AI in organisations, we walked through how organisations can reduce the risks of AI use without stopping it. The focus was especially on shadow IT, unintended data sharing, compliance, governance and technical guardrails.
The most important point is that AI use should not be stopped - it should be governed.
Many employees already use AI tools because they make work faster and easier. If the organisation does not provide a safe and usable alternative, some employees will find their own solutions. That creates shadow IT and makes it harder to protect data, comply with rules and maintain oversight.
In the webinar, we highlighted four main risks when AI is used without governance:
Legislation and compliance: AI use can touch the AI Act, GDPR and sector-specific legislation, especially if employees use sensitive information in tools that have not been approved.
Unintended data sharing: Confidential documents, personal data, contracts or internal strategies can end up in open AI tools if users are not guided or stopped in time.
Vendor lock-in: Organisations can become unnecessarily dependent on one supplier, one platform or one ecosystem if AI workflows are built too tightly around individual tools.
Lack of governance: Without shared frameworks, login, logging and visibility, it becomes difficult to document how AI is used and who is responsible if something goes wrong.
That is why we recommend a combination of three things: clear guidelines, a safe AI alternative that employees actually want to use, and technical guardrails that reduce risk in practice.
Promte Guardrails is our answer to the technical part of the solution. It can filter text and files before they are sent to AI tools, block non-approved services and give the organisation aggregated visibility into AI use - without individual monitoring.
You can read the full walkthrough below, slide by slide.
AI is no longer something that only belongs in development departments or strategic innovation projects. It has become a tool that many employees already use - or want to use - in their daily work.
The question is no longer whether organisations should relate to AI. The question is how they do it in a way that is safe, useful and compliant.
The webinar covered six areas:
The central thread was simple: AI use should not be stopped. It should be made safe.
Promte is a modular AI platform built for organisations that want to use AI in a safe and controlled way.
Our background is in data, business intelligence and software, where transparency, data quality and security have always been essential. We have brought those principles into our work with AI.
Safe AI use is not only about which model you use. It is also about where data is processed, how users work with AI, which tools are approved and whether the organisation has visibility into overall use.
When AI is used without clear frameworks, several risks appear:
Legislation and compliance
Organisations can break rules if AI is used without an understanding of relevant requirements.
Unintended data sharing
Employees can share confidential information, personal data or business-critical information in tools the organisation does not control.
Vendor lock-in
Workflows can become tied to specific suppliers or platforms that are hard to move away from later.
Lack of governance
Without central governance, it is hard to know who uses which AI tools, for what purpose and on what basis decisions or outputs are created.
AI use can quickly move into a legal grey zone. Organisations must consider the AI Act, GDPR and any sector-specific rules, for example in employment, social services, health or other regulated areas.
The risk appears when employees use AI without knowing the boundaries. That could be an employee uploading case material, internal documents or personal data to an open AI tool without knowing whether it is allowed.
One of the most concrete risks of uncontrolled AI use is unintended data sharing.
This can happen when an employee copies text into an open AI tool to summarise, rewrite or analyse content. The text may contain personal data, confidential information, contract terms, strategic plans or other information that should not be shared outside approved systems.
The same applies to files. Once data has been sent to an external service, the damage may already be done. The best approach is to reduce the risk before data leaves the user's device.
The AI market is developing quickly, and many of the most widely used solutions come from large international technology suppliers.
That is not a problem in itself. Many of the tools are strong and create real value. But a risk appears if the organisation's workflows, data and processes become so tightly connected to one supplier's ecosystem that it becomes difficult to change later.
AI strategy should therefore account for flexibility from the beginning.
When employees use AI tools on their own, without central login, logging or shared frameworks, the organisation loses visibility.
It becomes hard to answer questions such as:
Governance is not about monitoring employees. It is about ensuring responsible use, transparency and the ability to follow up if mistakes happen.
The risks usually do not appear through large, formal decisions. They appear in everyday work.
An employee finds a useful tool. A task needs to be solved quickly. An open AI tool gives a good answer. Suddenly the organisation's data, workflows or assessments have moved outside the systems that IT, security and management can oversee.
That is where shadow IT enters the picture.
Shadow IT is the use of digital tools outside the organisation's approved systems and processes.
With AI, the issue is especially relevant because the tools are easy to access, often free or inexpensive, and immediately useful. An employee can create an account in minutes and start using AI for work that would otherwise take a long time.
The solution is not only to block. It is also about giving employees safe tools that are good enough to actually be used.
In the webinar, we showed examples of AI shadow IT as a real and growing problem.
The point is not only that many employees use AI. The point is that much of the use happens outside the organisation's official frameworks.
Organisations should not only ask: "Do we have an AI policy?"
They should also ask: "Do we have a safe alternative that employees actually use?"
There is no single solution that removes every risk related to AI use. But organisations can reduce risk significantly.
First, employees need education and clear guidelines. It should be clear which data may be used in which tools, and what should be avoided.
Second, the organisation should provide an approved AI platform that is good enough for employees to choose it.
Finally, organisations can use technical guardrails, such as filtering text and files before data is sent, or blocking non-approved AI services.
The best results usually come when organisational and technical measures are combined.
Promte Guardrails is our approach to reducing the risks of AI use without stopping AI use.
The solution consists of three core parts:
Filtering text and files before data is sent to Promte
If a user is about to write or upload something that looks like personal data or other sensitive information, the user can be warned or blocked before the content is sent.
Guardrails on other AI tools through a browser extension
Promte Guardrails can also be used outside Promte through a browser extension. It can warn or block users when they try to send sensitive content to selected AI services.
Aggregated visibility into AI use
The organisation can gain insight into which types of AI services are used, without monitoring individual employees.
An important principle is that filtering happens directly on the user's device. It does not use AI to assess the content, and data is not first sent to an external model to determine whether it is sensitive.
In the demo, we showed how guardrails can be configured and used in practice.
In Promte, guardrails can be configured at assistant level, and the organisation can choose which types of information the system should react to, such as CPR numbers, addresses, names or other patterns.
Organisations can also create custom rules for specific terms, codes, internal labels or data types they want to protect.
The same approach can be extended to other AI services through the browser extension.
The purpose of Promte Guardrails is not to prevent AI use.
The purpose is to create control without slowing down the value AI can provide.
The solution works with four principles:
That balance matters. If you only block, users often find a way around it. If you only inform, guidelines may not be followed in practice. But if you combine good alternatives, clear rules and technical guardrails, safe AI use becomes much more realistic.
Promte Guardrails works through a browser extension for Chrome and Edge that can be installed centrally in the organisation.
The extension can recognise selected AI services and either block access or filter text and files before they are sent.
If an employee tries to upload a file or send a message with personal data to an open AI tool, the solution can warn the user or block the action depending on the organisation's policy.
A central part of Promte Guardrails is the ability to get visibility into AI use across the organisation - without monitoring individual employees.
Data is shown at an aggregated level. This means the organisation can see patterns in use, but not follow a specific person's behaviour.
This can answer questions such as:
Guardrails are not a 100 percent secure solution. It is important to be honest about that.
A filter can reduce risk. It can catch many mistakes, warn users before they send unsuitable content, block selected tools and create better visibility.
But it does not solve the whole problem alone.
Organisations still need clear guidelines, employee training, good governance and a safe AI alternative that employees actually want to use.
Promte Guardrails and the browser extension are made available free of charge to organisations - even if they are not already Promte customers.
We do this because the work of recognising and filtering sensitive information is already part of the Promte platform. We also believe more organisations need better tools to handle shadow AI and reduce the risks of uncontrolled use.
The most important thing is that the organisation does not only say no. It also needs to point to a safe way forward.
AI can create great value in organisations. But that value should not come at the expense of security, compliance or governance.
When employees lack clear frameworks and usable alternatives, shadow IT grows. When the organisation combines education, approved AI tools and technical guardrails, it becomes possible to use AI more safely and responsibly.
Promte Guardrails was built for exactly that purpose: to give organisations more control without stopping AI use.
Do you want to hear more about how Promte Guardrails can be used in your organisation?
Book a meeting with us, and we will show you how it works in practice and how you can get started testing Promte Guardrails for free.
