Sistava

How to Keep AI Out of Your Private Life

How-to — by Mahmoud Zalt

A founder playbook for keeping work AI strictly inside work: separate accounts, scoped access by role, a monthly hygiene routine, and zero personal data bleed.

Why does AI bleed into your personal life when you use it for work?

The bleed happens because most founders sign in once and grant everything. You connect Gmail to your AI for a sales reply, and now the same token sees your therapist confirmations, your divorce paperwork, your medical bookings. You link a calendar so an AI Employee can schedule demos, and the same calendar holds your child's pickup time. You wire one cloud drive for a deck, and the AI inherits your tax folder. None of this is malicious software: it is one identity carrying both lives. Once a model can read across both, even a perfectly behaved assistant will draft a work email that leaks a personal detail, suggest a meeting time blocked by a private appointment, or summarise a folder you did not mean to expose. The fix is structural, not behavioural: split the identity, scope the access, and audit it on a calendar instead of from memory.

At a Glance

~38%
Of solo founders mix one Google account for work + personal AI
~6 hrs
Lost per quarter cleaning leaks they could have prevented
$1,200+
Median cost of one personal data leak (legal, time, churn)
{INDIE_USD}/mo
Sistava plan with scoped workspace separation built in

What boundaries actually work between work AI and personal?

Boundaries are only real if they survive a tired Tuesday. Wishful rules like "I will not paste personal stuff into the work tab" collapse the first time you are rushed. The boundaries that hold are the ones a tool enforces on your behalf: a different login screen, a different colour scheme, a different inbox the AI is even allowed to see. Below are the five separations that I run on my own workspace today, in priority order. The top two cover roughly eighty percent of the leak surface. The bottom three close the corners where things still slip through during late-night sessions, holiday weeks, or whenever you hand a device to your partner for ten minutes. None of these require new software you do not already pay for: every one is a setting on an account you already own, with the only cost being thirty minutes once and a calendar reminder once a month.

Benefits

Two logins, never one

Separate work email and personal email. Your work AI signs in with the work email only.

Scoped workspace per role

Each AI Employee lives in its own workspace with its own connected tools, never your master account.

Folder-level access, not account-level

Grant a single Drive folder or label, never the whole inbox or whole drive.

Separate browser profile

A work browser profile holds work cookies and work autofill so personal session data never appears.

Distinct device or persona

When possible, use a work laptop or a work user account on the same machine so muscle memory protects you.

Can AI know enough to help work but not pry into personal?

Yes, and this is the whole point of a scoped workspace. A good AI Employee does not need access to everything you own to be useful: it needs access to the slice of your work that maps to its job. A sales AI needs your pipeline and your outbound inbox label, not your whole Gmail. A content AI needs your brand guidelines folder and your CMS, not your photo library. A support AI needs the help inbox label, not the rest of your business. The mental model is the same one you would use hiring a freelancer: give them only what the job requires, on a folder you created for them, with a key you can revoke in one click. Set this up once per role and you stop thinking about it. Five minutes of setup buys you months without a leak, and the AI also gets sharper because its context is no longer polluted by data it should never have seen.

Limited-scope setup, role by role

  1. Make a work-only Google or Microsoft account — Use it exclusively for AI connections. Never log into it on a personal phone or shared family device.
  2. Create a folder per AI Employee — Inside Drive or OneDrive, give each role a single folder. The AI gets that folder, nothing else.
  3. Use Gmail labels instead of full inbox access — Filter sales replies into a label, then grant the AI access to that label only, not the whole mailbox.
  4. Connect one tool per role at first — Resist the urge to plug in everything on day one. Add a tool only when the AI cannot do the job without it.
  5. Save the revoke link the same day — Bookmark the OAuth settings page for every grant. Future-you needs to find it fast, not search for fifteen minutes.

The structural piece matters more than any single rule you remember. When the work AI literally cannot see your personal inbox, you do not need to trust yourself to behave well at midnight. The workspace boundary is the trust. Sistava ships scoped workspaces by default so each AI Employee lives behind its own wall, and the integrations you connect for that role do not bleed across the others. You can still talk to one of the personal-assistant AI Employees inside its own private space when you actually want help with travel or scheduling, kept fully separate from anything tied to your business.

Once the walls are up, the second skill is knowing what each side is for. Work AI handles work content: drafts, replies, research, scheduling, reporting. Personal AI handles personal content: travel, family logistics, gift ideas, fitness, hobbies. Mixing them is not just a privacy risk, it is also a quality drop, because each AI builds memory around what it sees. A sales AI that has half-read your gym schedule will sometimes thread that context into a client email in ways you only notice on a Friday afternoon. Keep the inputs clean and the outputs stay sharp.

How do you stop work AI from drafting personal stuff (or vice versa)?

Cross-drafting happens when you reach for whichever AI is already open and ask it the wrong question. The cure is not discipline, it is friction in the right places. Make the work AI obviously work-coloured, name it after the role, and keep the personal AI in a different tab group with a different label. Add four small rules on top and the mixing stops within a week. None of these are clever: they are the same boring constraints that keep accountants from filing the wrong year and pilots from skipping the wrong checklist. The boring layer is what holds at three in the morning, when you are tired, jetlagged, or distracted, and the part of your brain that would normally catch the slip is offline. Build the structure once while you are sharp and it will protect you on every future day when you are not.

Benefits

Name your AI Employees by role

A sales AI named for its job will not be tempted by a question about your weekend plans.

Pin work tabs in a separate window

Visual separation drops cross-pasting incidents to near zero in real founder usage.

Never paste personal text into a work chat

If you catch yourself starting to, open the personal AI in a new tab and start there instead.

Disable cross-workspace memory

Confirm each AI Employee only remembers its own workspace, never the others on your account.

What is the clean separation routine?

Once a month, sit down for thirty minutes and run a hygiene pass. This is the single highest-leverage habit you can build around AI privacy, because every grant you forgot is the next quiet leak. I do mine on the first of the month with a coffee, and it has caught at least one stale grant every single quarter so far. The whole thing fits on a one-page checklist and you can hand it to a junior teammate verbatim. The goal is simple: every active grant should still be earning its keep, every workspace should still match a real role, and every personal account should be untouched by anything work-shaped. If anything fails those three tests, you revoke it the same minute, not next week. The discipline is in the cadence, not the cleverness of the audit itself.

Monthly separation routine, thirty minutes

  1. List every active AI integration — Open the OAuth pages for Google, Microsoft, Slack, and any cloud drive. Note every grant currently live.
  2. Revoke anything you did not use this month — If an AI Employee did not touch a tool in thirty days, the access should not be live. Click revoke.
  3. Recheck the scope of every remaining grant — Confirm folders and labels still match the role. Tighten anything that drifted toward whole-account access.
  4. Audit personal accounts for accidental connections — Open your personal Google or Apple ID. Confirm no AI tool appears in the connected apps list.
  5. Log it and move on — Write the date in a private notes file. Future-you needs to know the last clean state, even if it was last month.

Frequently asked questions

FAQ

Do I need separate accounts for work vs personal AI?

Yes. One identity for both is the root cause of almost every leak I see in founder reviews. Separate the email logins, separate the browser profiles, and your AI cannot accidentally reach across because it never had a key to the other side. The setup takes one afternoon and saves you the slow drip of leaks across the next twelve months.

Can AI see my Apple or Google personal data?

Only if you give it the credentials. Sistava and other scoped platforms never read iCloud, Google Photos, or anything tied to your personal Apple ID or Google account unless you sign in with that account during setup. The defence is to never log a personal account into a work AI session. Use the work account, every time, without exception.

What about my partner using my AI?

Treat shared devices like shared keys. If a partner needs help from an AI, give them their own free workspace with their own login. Letting them type into your work AI gives that AI memory about a person it should not have memory about, and it will sometimes surface that context in a work output later. A separate workspace is the only clean fix.

How do I revoke personal access cleanly?

Go to the OAuth or connected-apps page for the underlying provider (Google, Microsoft, Apple, Slack) and remove the AI tool from the allowed list. Then go to the AI tool itself and disconnect the integration on its side. Doing both ends of the handshake prevents zombie tokens. Save those two URLs in a notes file so you can do this in one minute, not fifteen.

Is privacy mode enough?

No. Browser privacy mode hides local cookies but does nothing about the cloud-side tokens an AI tool already holds. The boundary lives on the server side, not in your browser. The only durable fix is scoped grants and a monthly revoke pass, regardless of which window you happen to be using on the day.

If you want to go a layer deeper on how AI Employees handle the data they are allowed to see (encryption, retention, training boundaries, what gets logged where), the next read covers it directly. It pairs naturally with this one: this article keeps the personal life out, that article tightens what happens to the work life that stays in. Read them back to back and the privacy story across your whole stack starts to feel intentional instead of accidental, which is the only mental state in which you actually trust your own setup.

The honest framing for keeping AI out of your private life is that the model is rarely the villain. The villains are the OAuth grants you clicked through during a busy week, the personal Gmail you happened to use because it was already logged in, and the absence of any routine to clean up after yourself. Fix those three and the whole privacy posture changes. Run separate accounts, give every AI Employee a scoped folder or label instead of the whole castle, and put thirty minutes on the calendar once a month to revoke what you no longer need. Tools like Sistava make this easier because workspace separation is built in rather than bolted on, but the routine matters more than the tool. Make the structure carry the rule, and you stop relying on a tired Tuesday version of yourself to defend your own privacy.