CAPABILITIES
Send sensitive work where it belongs.
Data boundary control decides where AI work is allowed to go, based on the sensitivity of the data, before that work reaches a model, tool, or vendor environment.
Privacy is not a slogan. It is a routing and data-boundary decision.
One policy for all AI work does not fit
A public drafting request and a confidential contract review should not follow the same path. Blanket rules fail both ways. Ban everything and people work around you. Allow everything and sensitive data reaches the wrong place.
The practical model is policy-aware dispatch: classify the work, then route it by clear rules.
What RouteFreely is designed to do
- local-only routing that keeps sensitive requests inside approved private or local environments
- remote-allowed routing that lets lower-risk work use external models when acceptable
- privacy classes and per-virtual-model privacy behavior, so different routes carry different rules
- a privacy pipeline designed to detect, classify, redact, and anonymize sensitive information before dispatch
- MCP access control, so sensitive tools are not exposed to everyone
Detection, redaction, anonymization, and local-only routing are control mechanisms, not guarantees of total privacy. Parts of the privacy pipeline are planned or partially implemented. We describe them as designed for and in progress, not finished.
Keep knowledge separated by domain
In ChatFreely, domain isolation for retrieval is designed to keep accounting, HR, legal, and engineering knowledge separated by business domain, so users retrieve only from sources they are authorized to use. RAG enforcement is planned rather than shipped in the first wave.
Client work
A generic proposal outline can use a standard route. Client pricing and contract history can require a restricted route or human review.
Source code
Public examples may be low risk. Proprietary code can follow a stricter model and tool policy.
Redaction is a control, not a cure
Sensitive fields can sometimes be removed or masked before a request leaves the boundary. That is useful. It is one control among several, not proof that data is fully protected.
What we do not claim
We do not claim total privacy, complete protection, or zero risk. ThinkFreely helps reduce unmanaged exposure by putting classification, routing, and access policy in front of AI usage.
Operating checks for data boundaries
Key operating checks:
- which data categories may appear in the workflow
- which environments are approved for sensitive work
- when redaction, local handling, or review is required
- how exceptions are logged and escalated
- whether users understand the boundary before they use AI
Sensitive work should follow clear policy before it reaches an AI model.
