Skip to content
Security, privacy & governance

Automate with AI. Stay in control of your data.

AI plus governance. We build done-for-you automation that runs in production, built to SOC 2 controls and GDPR compliant, with a self-hosted Private AI option where your data never leaves your servers.

Book a free automation auditSee the Private AI option
  • Built to SOC 2 controls
  • GDPR compliant
  • Private AI: data never leaves your servers
The controls

The controls every build ships with.

The same security baseline on every engagement, whether it is a €1,999 productized workflow or a custom build. Not an enterprise add-on, the default.

Built to SOC 2 controls

Every build follows SOC 2 control practices for security, availability, and confidentiality. We operate the controls; we do not claim a Type II report we have not earned.

GDPR compliant

EU-based studio, EU data handling. Lawful basis, data minimisation, and your rights as a data subject are designed in, not bolted on after launch.

Encryption at rest and in transit

Data is encrypted in transit over TLS and at rest in the stores your system touches. Secrets and API keys are held in managed vaults, never in code.

Role-based access control

Access is scoped to the least privilege a workflow needs. People and services only reach the systems and records their role requires, and nothing more.

Audit logging

Every automated action is logged with who, what, and when. You get a traceable record of each run, so an outcome can always be explained and reviewed.

Human-in-the-loop

A person approves the decisions that matter. The automation does the repetitive work and pauses for sign-off where money, contracts, or client-facing output is on the line.

Why teams trust the build

Done-for-you, human-in-the-loop automation that runs in production. Fixed scope, fixed fee. Built to SOC 2 controls, GDPR compliant.

Data handling

You see exactly what your data does.

No black box. We show you every field that moves, why it moves, and where it lands, before a line of the workflow ships.

  • We map exactly what is shared

    Before anything is built, we list every field that leaves your systems and where it goes. No data moves that we have not agreed on together.

  • We pass the minimum required

    Workflows send only the fields a step needs to do its job. Sensitive records stay where they live unless processing them is the whole point of the build.

  • You keep ownership and retention

    Your data and the system are yours. We set retention to your policy and delete on request, with the model under a Data Processing Agreement.

Private AI · self-hosted

Your data never leaves your servers.

For regulated and data-sensitive teams, we run the whole system inside your own infrastructure: on-premise or in your private cloud. The models and the workflow sit behind your firewall, so nothing sensitive is sent to a third-party API.

Delivered with our partner Hako Solutions, who specialise in self-hosted and Private AI delivery. Priced at Quoted after a free audit.

  • Data residency on your own infrastructure
  • Self-hosted models, no third-party inference
  • Same SOC 2 controls and GDPR posture
  • Built with Hako Solutions for delivery
Book a free automation audit

Ask about Private AI in your audit. We scope it to your stack.

The paperwork

DPA and MSA, ready to sign.

Every engagement runs under a Data Processing Agreement and a Master Services Agreement. We share both for review before any data is touched.

Request them in your audit
Security, the easy way

Put AI to work without giving up control.

Book a free automation audit. We map what is worth automating, show you exactly how your data is handled, and scope Private AI if you need it.

Book a free automation auditTalk to a founder
  • Built to SOC 2 controls
  • GDPR compliant
  • Private AI: data never leaves your servers