Staff at fiduciaries, law firms, and accounting practices handle personally identifiable information every day: client names, AVS numbers, IBANs, case references, addresses. The appeal of public tools like ChatGPT or Claude is obvious — drafting, summarising, rephrasing — but pasting a client letter into a public interface sends that data to cloud infrastructure outside your control.
Context: generative AI and client data
In Switzerland, the nLPD (revised Federal Act on Data Protection) requires transparency, proportionality, and accountability. Many teams are stuck: they want AI, but compliance says no.
The SME dilemma
Banning AI breeds shadow IT. Allowing plain-text ChatGPT exposes client data. Manual anonymisation does not scale on long files. A third path is needed.
- Copy-paste into ChatGPT — no guarantee on where data goes or how it is reused.
- Total AI ban — staff work around policy or lose productivity.
- Manual anonymisation — tedious, incomplete, and unsustainable on long files.
The concept: a privacy gateway
aiproxy is an internal proxy built by d-side solutions: a familiar chat interface (Claude- or ChatGPT-like) backed by a local anonymisation pipeline. Only pseudonymised text leaves Swiss infrastructure for the Claude API (Anthropic). The user then reads a reply where names and references have been automatically restored.
Technical positioning
This is not a self-hosted LLM. It is a data protection layer between your team and a capable cloud model — with local PII detection (Microsoft Presidio), prompt review before sending, and token re-mapping in the response.
The five-step flow
1) Chat — familiar interface
The user converses in a web interface (browser only, zero install). Session history, Markdown rendering, demo scenarios to test behaviour on fictitious legal or accounting cases.
2) Anonymisation — Presidio locally
On each message, text is analysed on the Swiss VPS by Microsoft Presidio coupled with spaCy (large models for fr/en/de/es). Detected entities are replaced with indexed tokens. The token → original value mapping stays server-side.
Fictitious example
Before: "Mr Jean Dupont, AVS 756.1234.5678.90, case FR.2024.123, resides in Fribourg."
After: "Mr <PERSONNE_1>, AVS <AVS_1>, case <DOSSIER_1>, resides in Fribourg."
3) Prompt review — transparency before sending
The nLPD transparency panel shows the exact text that will be sent to Claude, the list of detected entities and their tokens. The user can remove an anonymisation deemed excessive (× on an entity) — explicit consent before original data reaches the LLM.
4) Send — validated text only
After validation, only the pseudonymised prompt is sent to the Claude API. Conversation history stored server-side also remains anonymised. No raw documents or unmasked personal data transit to Anthropic.
5) Response mapping — readable answer
Claude is instructed to reuse tokens verbatim in its reply. aiproxy then replaces <PERSONNE_1>, <AVS_1>, etc. with original values. The transparency panel shows how many tokens were remapped.
Video demo
The video below walks through the full pipeline on a fictitious case: entering a message with personal data, Presidio anonymisation, prompt review, sending to Claude, and response re-mapping. (French audio.)
You can also try the pipeline live at aiproxy.d-side.pro. The interactive review step with selective de-anonymisation per entity is part of the production roadmap.
Presidio and Swiss recognizers
Presidio provides entity detection (NER, patterns, context). d-side extended the engine with Swiss domain recognizers and filtering for legal false positives (e.g. art. 336 CO must not be masked as a location).
| Entity | Token | Example |
|---|---|---|
| Person | <PERSONNE_N> | Jean Dupont |
| AVS number | <AVS_N> | 756.1234.5678.90 |
| IBAN CH | <IBAN_N> | CH93 0076 2011 6238 5295 7 |
| IDE number | <IDE_N> | CHE-123.456.789 |
| Case / file ref. | <DOSSIER_N> | FR.2024.123 |
| Phone | <TEL_CH_N> | +41 26 123 45 67 |
| Company | <ENTREPRISE_N> | Dupont SA |
| <EMAIL_N> | client@example.ch |
Multilingual detection (French, German, English, Spanish) via Lingua before Presidio analysis. Pilot stack: FastAPI, Docker, nginx, hosted on Infomaniak VPS in Switzerland.
nLPD transparency
The principle is not to hide anonymisation — it is to make it visible and controllable:
- ✓Transparency panel — text sent to Claude, detected language, badges per entity type.
- ✓Review before sending — no blind send; the user validates what leaves.
- ✓Processing in Switzerland — anonymisation and mapping on Swiss infrastructure.
- ✓Ephemeral sessions — in-memory mapping with TTL, no long-term history in MVP.
Who it is for
aiproxy targets Swiss SMEs that handle personal data and want to offer AI to their teams without compromising client confidentiality:
- Fiduciaries and accounting practices
- Law firms and legal practices
- Any organisation blocked by internal policy on public AI tools
In summary
aiproxy combines a modern AI chat experience with local Presidio anonymisation, nLPD-compliant prompt review, and automatic response re-mapping — all hosted in Switzerland.
Your team gains productivity. Your client data does not leave in plain text for the cloud.
Want to try aiproxy with your team? Request a demo account on aiproxy.d-side.pro.
Luc Demierre
Founder & IT Consultant — d-side solutions Sàrl, Bulle
Specialized in IT architecture, systems security and AI integration for Swiss SMEs. Founder of d-side solutions Sàrl since 2022.