Private AI for Side Projects: Keep Your Work Off Your Employer's Radar
import { Disclosure } from '@/components/Disclosure'
Bottom line up front: Every AI tool you use on a company device or with a work email is potentially visible to your employer — and could cloud your IP ownership. This guide shows you how to build a clean, separate AI workflow for side projects using local LLMs, a dedicated private identity, zero-knowledge storage, and research tools that don't cross-contaminate your work profile.
Last updated: 2026-06-30
Most tech workers understand the risk of committing side project code on a work machine. Fewer think about the subtler trails: the ChatGPT conversation where you sketched your SaaS idea, the GitHub Copilot autocomplete that ingested your unreleased architecture, the Google search history that maps your market research directly to your work account.
If you ever face a dispute over intellectual property, those trails matter. And even if you never do, giving your employer free visibility into your off-hours work is simply a privacy loss you don't have to accept.
The good news: building a fully separate AI stack for side projects is easier than it sounds, and it costs less than a gym membership.
Why Your Current Setup Is Probably Leaking
Before the fix, understand what's exposed.
Company devices. Your employer may have MDM (mobile device management) software installed. Even without it, browser sync, Copilot for Business seat assignments, and shared SSO accounts all route through company infrastructure. Anything you access on that machine can be logged.
Work email. Signing up for AI tools with your work email makes you a company-associated user. If the company ever exports their ChatGPT Team or Claude for Business data, your side project conversations go with it.
Consumer AI tools on a work device. OpenAI, Anthropic, and Google all have clauses reserving the right to use conversation data to improve their models (unless you opt out on paid plans). That's a secondary issue — the primary one is that network traffic logs exist, and your IT team may or may not be monitoring them.
Cross-account search history. If you research your side project idea while signed into your work Google account, that search history is associated with you in Google's advertising systems and, in some cases, is surfaced in Google Workspace admin dashboards.
None of these scenarios require bad faith from your employer. It's just what happens when you don't separate identities.
Step 1: Build a Separate Identity Starting with Email
The cleanest way to separate your side project from your employer is to anchor it to a different email address — one not connected to any company account, not hosted by Google or Microsoft, and ideally encrypted end-to-end.
Proton Mail is the best choice here. Proton runs out of Switzerland under Swiss privacy law, uses zero-knowledge encryption (Proton can't read your emails), and you can create a free account that has no connection to your work identity whatsoever.
Use this email address for:
- Signing up for AI tools you use on side projects
- Domain registration and hosting accounts
- Stripe, Lemon Squeezy, or any payment processor
- Any SaaS product your project depends on
Affiliate Disclosure: This article may contain affiliate links. If you make a purchase through these links, we may earn a small commission at no extra cost to you. We only recommend products we genuinely believe in. This helps support our work and allows us to continue providing free content.
For anything particularly sensitive — researching IP law, employment contract analysis, or anything you'd rather not have stored anywhere — pair Perplexity with your local Ollama setup. Download the relevant documents, run them through your local model, ask your questions entirely offline.
Step 4: Store Your Work in Zero-Knowledge Encrypted Storage
Where you keep your side project files matters as much as where you create them.
If your side project files live in your work Dropbox, Google Drive on your work account, or on a NAS that your employer set up — those files are not private. Even if your employer never looks at them, the access control isn't yours.
Tresorit solves this cleanly. It's zero-knowledge encrypted cloud storage, meaning even Tresorit's servers cannot read your files — only you hold the keys. It's built for exactly the kind of sensitive file handling a side project requires.
Affiliate Disclosure: This article may contain affiliate links. If you make a purchase through these links, we may earn a small commission at no extra cost to you. We only recommend products we genuinely believe in. This helps support our work and allows us to continue providing free content.
You don't need a VPN for every task. Turn it on when you're doing sensitive research, making account registrations, or accessing your side project's admin dashboards from a shared network.
The Legal Layer: Review Your IP Assignment Clause
No amount of technical separation matters if your employment contract says your employer owns everything you create, regardless of what device you use.
Many tech employment contracts include "moonlighting" or IP assignment clauses that are broad. Some require you to disclose side projects to your employer, even if you have no intention of competing.
Before you put significant work into a side project, re-read your employment contract. Specifically look for:
- IP assignment scope — does it cover only work-related inventions, or everything you create?
- Disclosure obligations — are you required to report side businesses?
- Conflicting interests clauses — does your project compete with your employer's market?
If the language is vague or broad, consult an employment attorney before launching. Technical privacy hygiene protects you from accidental data exposure — it doesn't rewrite contract terms.
The Full Stack, Summarized
Here's the complete setup in one place:
| What You Need | Tool | Why |
|---|---|---|
| Separate identity | Proton Mail | Swiss-law zero-knowledge email, no Google/Microsoft |
| Password separation | Proton Pass | Isolated vault for side project credentials |
| AI coding assistance | Ollama + Continue.dev | 100% local, no API, no usage logs |
| Private research | Perplexity Pro | Separate account, real-time web, leaner data model |
| Encrypted file storage | Tresorit | Zero-knowledge, provable ownership separation |
| Network privacy | Proton VPN | Encrypts device traffic on shared networks |
The total cost for the paid tier of these tools runs roughly $35-50/month. That's a small insurance premium against an IP dispute, and it's the same stack you'd want anyway if you're eventually launching something real.
What This Stack Doesn't Protect Against
To be clear about the limits:
- Your employer's legal rights. If your contract says they own your side project, technical separation doesn't change that.
- Your personal device's local storage. Files sitting in plaintext on your personal laptop aren't protected by any of the above unless you're also using full-disk encryption (FileVault on Mac, BitLocker on Windows).
- Behavioral patterns. If you suddenly start shipping GitHub commits at 10pm every weeknight, no amount of tooling hides that from a suspicious employer.
Privacy tooling reduces your data footprint. It doesn't eliminate the reality that you're a person with patterns.
Start Here If You're New to This
If the full stack feels like too much to set up at once, do these three things first:
- Create a Proton Mail account (free) and use it to register any new AI tools you use for side projects.
- Install Ollama on your personal machine and pull
qwen2.5-coder:7b. Use it for any coding you're doing on your project. - Move your sensitive documents out of work-connected cloud storage into Tresorit.
Those three steps eliminate the highest-probability exposure paths in under an hour.
Stay Ahead of What Your Tools Know About You
The landscape shifts constantly — new AI tools launch with different privacy postures, and employment law evolves. If you want a short weekly digest of what's changing in AI privacy (including new tools, policy changes, and threat patterns worth knowing about), subscribe below.
No spam. One email per week. Unsubscribe any time.