AI Data Processing, Reimagined

AI Works For Your Data.
Never With It.

AI orchestrates bulk operations without ever seeing individual records. Zero data exposure. Maximum efficiency. 18,000 rows processed with just 200 AI calls.

Try It Free

This product is currently in preview

The AI Data Dilemma

Traditional AI enrichment requires sending ALL your data to external AI models. Every row, every field, every piece of PII — exposed.

18,000

Rows exposed to AI

100%

Data visible to AI models

Slow

Row-by-row processing

Risky

Full PII in AI context

Server-Side Architecture

How Derive
Actually Works

AI sends a single derive command. The server does the rest — extracting unique values, calling AI with the compact set, and mapping results back to every row.

AI sends intent, not queries — "derive gender from first_name"

Server extracts unique values — 18k rows become 200 names

99% fewer AI calls — only unique values are processed

AI never sees individual records or other columns

External AI"derive gender from first_name"ListPlus ServerExtracts 200 uniquenames from 18k rowsAI Processes200 unique valuesThe Deduplication Magic18,000rows in your listTraditional: 18k AI callsExtract Uniquefirst_name column99% deduplication200unique valuesListPlus: 200 AI callsResults Mapped BackAnna → Female ✓ (×847 rows)Michael → Male ✓ (×623 rows)Sarah → Female ✓ (×412 rows)James → Male ✓ (×389 rows)Result{ updated: 18000 }
Data Flow — What AI Can and Cannot SeeYour Data (Server)first_name: "Anna"email: "anna@acme.com"phone: "+1-555-0123"company: "Acme Inc"salary: "$120,000"gender: "Female" ← derivedExternal AISEES:["Anna", "Michael", ...]NEVER SEES:emails, phonescompanies, salariesindividual recordsGreen = sent to AI (unique values only)Red = never leaves server
Architectural Security

Zero Data
Exposure

Security isn't a setting — it's the architecture. The derive action is structurally separated from data access, so AI literally cannot see your records.

AI never fetches row data — only receives unique values

Derive permissions independent from query access

Writable column whitelist — AI can only write to approved fields

Complete audit trail for every operation

Multi-Column Processing

Combine Columns.
Stay Secure.

Derive operations can combine multiple source columns for smarter processing — while maintaining the same zero-exposure deduplication guarantee.

Address Validation

Combine zip + city + country to validate addresses. 18k rows with only 500 unique combinations — 500 AI calls instead of 18,000.

Data Quality Checks

Validate city-country pairs, check job title seniority, classify industries — all using the same deduplicated batch approach.

Lead Classification

Combine job title + company size + industry for lead scoring. The server deduplicates across all column combinations automatically.

Multi-Column Derive: Address ValidationSource Columnszip: "10001"city: "New York"country: "US"zip: "10001"city: "New York"country: "US"...18,000 rows totalUnique Combos10001 + New York + US94105 + San Francisco + USEC2A + London + UK10115 + Berlin + DEOnly 500 unique combos!AI Validates✓ Valid address✓ Valid address⚠ Zip mismatch✓ Valid address500 calls, not 18kResults Mapped Back to All 18,000 Rows17,450 addresses validated ✓550 mismatches flagged ⚠
Side-by-Side Comparison

Traditional AI vs. ListPlus Derive

TRADITIONAL AI ENRICHMENT
Sends all 18,000 rows to AI
AI sees every field — email, phone, salary
18,000 API calls — slow and expensive
Full PII in AI context windows
No separation between read and write
Data retained by AI provider
LISTPLUS DERIVE
AI sends intent only — one command
AI sees only unique values from source column
200 AI calls — 99% reduction
Zero PII exposure to AI
Derive separated from query — independent permissions
Complete audit trail
FAQ

Common Questions

Everything you need to know about AI data security in ListPlus.

How does AI enrich data without seeing it?

The AI sends a derive command (e.g., "derive gender from first_name") to the ListPlus server. The server extracts unique values from the specified source column, sends only those unique values to the AI for processing, then maps the results back to all matching rows. The AI never sees individual records or any columns beyond the minimum needed.

What data does the AI actually see?

Only the unique values from the source column(s) specified in the derive command. For example, if you derive gender from first_name across 18,000 rows, the AI might see 200 unique first names — not 18,000 rows of contact data. It never sees emails, phone numbers, companies, or any other fields.

How does deduplication work?

The server extracts all values from the source column(s), finds unique combinations, and sends only the deduplicated set to AI. 18,000 rows with 200 unique first names means 200 AI calls instead of 18,000. This works for multi-column combinations too — 18,000 rows might have only 500 unique (city, country) pairs.

Can AI read my data if it has derive access?

No. Derive permissions are independent from query permissions. An API endpoint can be configured to allow derive operations but not data queries. The AI can write to whitelisted columns through derive, but cannot read or export your data.

What security controls are available?

Every derive endpoint includes: writable column whitelist (AI can only write to specified columns), source column restrictions, rate limits, row caps, auto-expiration, bearer token authentication, and complete audit logs with timestamps and operation details.

Does this work with any AI model?

Yes. Any AI that can make HTTP requests can use the derive action — Claude, ChatGPT, Gemini, custom agents, or automation tools like n8n and Zapier. The derive API is a standard REST endpoint that accepts a column mapping and returns results.

Your Data Stays Private. AI Stays Powerful.

Server-side derive architecture means AI works for your data — without ever seeing it.

Try It Free