Shadow AI: you can't secure what you can't see
The question isn't whether your employees use AI. They do — right now, this minute, in large part through personal accounts you can't see and don't control. Netskope measures that even in early 2026, roughly half of enterprise AI use still runs through personal accounts rather than sanctioned ones (Netskope Cloud and Threat Report 2026). The good news: the number is falling — a year earlier it was around three quarters. The bad news: "roughly half" is still your biggest blind spot.
And the dangerous thing about shadow AI isn't the one spectacular leak. It's more mundane: what you can't see, you can't govern, can't secure, and can't prove. No data protection, no compliance, no audit — for something you don't even know is happening.
TL;DR — Shadow AI isn't a behaviour problem in your people; it's a visibility problem in your organisation. Bans drive it further underground. What works is the order of operations: make it visible first, then offer a good sanctioned path, then secure it technically.
Why it happens (and isn't sabotage)
Nobody opens ChatGPT in the morning intending to break data-protection law. It happens because the official path is missing or clunky and the personal one is one click away. Productivity pressure meets one-click signup — and the rest takes care of itself, out of convenience and a naive trust that it'll be fine.
It's the same reflex that makes a developer paste an API key straight into a prompt, which I covered in How AI agents leak your credentials — just one level up: not a token, but customer data, source code, draft contracts quietly leaving the building.
What's actually at stake
Three concrete risks, not abstract fear.
The data leaves your infrastructure — and then lives somewhere else. The moment a prompt contains personal data and goes to an external provider, you have to settle that provider's role: if it processes the data on your behalf and on your instructions, it's a processor, and you need a data processing agreement (GDPR Art. 28). With shadow AI nobody settles it — the processing runs ungoverned, with no contract and no instructions.
The consumer-vs-enterprise trap. This is where it gets expensive. Many free and personal tiers train on what you type in, by default:
- OpenAI uses consumer-ChatGPT content to improve its models by default (opt-out available); Enterprise, Business, Team and the API do not (OpenAI Enterprise Privacy).
- Anthropic, since its consumer-terms change in August 2025, may use data from Free, Pro and Max for training unless you opt out; the commercial plans (Claude for Work/Enterprise, API) are excluded (Anthropic).
- GitHub Copilot Business and Enterprise don't train on your code; the individual tiers (Free/Pro/Pro+) do by default since April 2026, with an opt-out (GitHub).
And shadow AI means your people too often end up on the training side of that line. Exactly the data that should never leave the building then flows into someone else's models.
Secrets ride along. Wherever AI coding assistants are in play, credentials travel too. GitGuardian counted 28.6 million new secrets in public GitHub commits in 2025 — up 34% year over year, the largest jump in the report's history (State of Secrets Sprawl 2026). Notably, commits made with AI assistance leaked secrets at around 3.2% — roughly double the 1.5% human baseline (GitGuardian). That's not a tool defect; it's a speed effect: the same human mistakes, just produced faster and more often. AI doesn't slow the mistake down — it scales it.
Why bans make it worse
The obvious reflex — block the AI tools wholesale — is rarely the right one. Targeted blocking of a few high-risk destinations can make sense; a blanket ban, though, doesn't remove the usage, only the visibility. People switch to personal devices and accounts, and you lose even the sliver of insight you had. It's the same logic as with AI agents themselves: a rule nobody is forced to follow isn't a boundary, just a request — more on that in Can't, not shouldn't. You don't win by banning; you win with a better official path.
The five-step plan
Sober, in this order:
- Visibility first. Before you govern anything, find out what's actually running. In the office, your egress logs (DNS, proxy, firewall) and CASB discovery do it — Netskope now tracks more than 1,550 distinct GenAI apps across enterprise environments, up from 317 in early 2025 (Netskope Shadow AI & Agentic AI 2025). For people working from home, the network view no longer reaches: visibility moves off the network onto two things you control regardless of location — the endpoint (a SASE/endpoint agent travels with the laptop and inspects egress from anywhere) and identity (OAuth consents and SSO logins always hit your IdP, wherever someone sits). What remains is the hard limit: you won't discover a personal account on a personal device — you narrow that gap structurally (access to sensitive data only from managed devices) and make it unnecessary with step 2.
- Offer a good official path. Sanctioned tools on enterprise/business tiers — no training, admin control, audit logs. When the allowed path is as convenient as the personal one, shadow AI shrinks sharply.
- Classify your data. The sanctioned path from step 2 is the safe default; classification tells you where stricter rules are needed. Decide what may go into which tool — public, internal, confidential, regulated. Without that classification no policy can bite, because nobody knows what it refers to.
- Secure it technically, don't just regulate it. Keep secrets out of the AI's context, put network egress on an allowlist — structural boundaries instead of behavioural appeals (as described here). This is the layer that holds when someone doesn't follow the policy.
- Light policy plus training. A short, clear acceptable-use rule and real enablement of your people — not a 20-page document nobody reads. AI literacy is a legal duty anyway: since February 2025 the EU AI Act requires it explicitly of deploying companies, not only providers — enforced by national authorities from August 2026 (EU AI Act Art. 4).
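As an added illustration of the first step (not code from the original post), this sketch builds a GenAI inventory from proxy egress logs and marks which destinations fall outside the sanctioned path. The log format, the domain catalogue and the sanctioned set are assumptions, and the log lines are constructed.

```python
from collections import defaultdict

# Assumption: a tiny illustrative catalogue; a real one comes from a CASB/SWG feed.
GENAI_DOMAINS = {"chatgpt.com", "openai.com", "claude.ai", "copilot.microsoft.com"}
# Assumption: the only destination covered by an enterprise contract (step 2).
SANCTIONED = {"copilot.microsoft.com"}
# Constructed sample, hypothetical format: timestamp user method host:port bytes_sent
SAMPLE_LOG = """\
2026-01-12T09:01:07Z alice CONNECT chatgpt.com:443 48211
2026-01-12T09:03:44Z bob CONNECT api.openai.com:443 1200
2026-01-12T09:05:10Z alice CONNECT copilot.microsoft.com:443 9000
2026-01-12T09:07:31Z carol CONNECT claude.ai:443 310000
2026-01-12T09:08:02Z bob CONNECT chatgpt.com:443 2000
2026-01-12T09:09:15Z dave CONNECT notchatgpt.com:443 500
2026-01-12T09:10:00Z erin CONNECT intranet.example:443 700
truncated line
"""

def match_domain(host, catalogue):
    """Return the catalogue entry that host equals or is a subdomain of, else None."""
    labels = host.lower().rsplit(":", 1)[0].rstrip(".").split(".")
    for i in range(len(labels) - 1):  # compare on label boundaries only
        candidate = ".".join(labels[i:])
        if candidate in catalogue:
            return candidate
    return None

def inventory(log_text):
    # Aggregate distinct users and uploaded bytes per GenAI destination.
    apps = defaultdict(lambda: {"users": set(), "bytes_sent": 0})
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 5 or not parts[4].isdigit():
            continue  # skip malformed lines rather than guess at fields
        _, user, _, host, sent = parts
        app = match_domain(host, GENAI_DOMAINS)
        if app:
            apps[app]["users"].add(user)
            apps[app]["bytes_sent"] += int(sent)
    return {app: {"users": sorted(d["users"]), "bytes_sent": d["bytes_sent"],
                  "sanctioned": app in SANCTIONED} for app, d in apps.items()}

def unsanctioned(report):
    return sorted(app for app, d in report.items() if not d["sanctioned"])

if __name__ == "__main__":
    for app, d in inventory(SAMPLE_LOG).items():
        print(app, d)
```

A hostname shows which app is in use, not which account tier sits behind it; separating personal from enterprise accounts needs the identity signals (OAuth consents, SSO logins) named in the same step.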
Governance isn't optional extra credit
Taken together, shadow AI is a precise compliance problem, not a vague unease: ungoverned processors, data in someone else's training runs, a missed statutory literacy duty. If you want to structure that, ISO/IEC 42001:2023 — the first certifiable standard for an AI management system — is the right frame (ISO). But the frame comes after visibility, not before: you can't lay a management system over something you can't see.
The decision "do we allow AI?" was made long ago — by your people, last month, without a meeting. The only open question is the one that follows: do you see and shape it — or does it keep running past you?
Establishing that visibility and drawing the technical boundaries that secure it — without slowing your people down — is part of what I do. Let's talk.