Just add a Endpoint Location condition to your existing policy.
Here is an example:
There is a Keyword Match rule to detect the keyword 'test', for the 'Also Match', choose 'Endpoint Location':
After click 'Add' button, select 'Off the Corporate Network':
So, the final policy looks like this:
This policy means:
ONLY when the endpoint is outside the corporate network, will the DLP monitor the keyword 'test'.