Deployment & Security

The platform is provider-agnostic by design. Run the same workforce on your own servers, in dedicated private cloud, or against enterprise model APIs — and choose which providers and models ever see your data. Security, governance, and deployment control are part of the product, not an enterprise add-on: the workforce is designed to fit the security posture you already operate under.

When the work is sensitive, the workforce runs where you say it runs.

Each role runs in a private environment for one organisation only. Deploy on-premises or on private cloud. There is no cross-customer sharing of resources, activity history, or operational context.

Infrastructure Options

Choose control, speed, and cost deliberately.

Every digital teammate can be deployed three ways. On-premises is the default for higher-control environments, with private cloud and enterprise APIs available where they fit better.

Maximum Security

On-Premises

The workforce runs on hardware inside your facilities, under your network and physical controls.

+ Hardware installed in your facility
+ Zero external data transmission
+ Internet required for authentication only
+ Custom hardware specification
+ Maximum security and control
+ Full infrastructure control
Ideal for

Healthcare, financial services, government, and any organisation where the most sensitive work must stay inside the perimeter.

High Control

Private Cloud GPUs

Dedicated GPU infrastructure in a private environment we configure and manage, without shared public endpoints.

+ Dedicated GPU instances — not shared
+ Full control of data residency and storage
+ Open-source and fine-tuned model options
+ Geographic region selection available
+ Data stays within your controlled environment
Ideal for

Organisations that need tighter residency, isolation, and procurement controls without running hardware themselves.

Starter

Cloud APIs

Enterprise-grade model providers for teams that need the fastest path to production on lower-sensitivity workloads.

+ Provider-specific data handling agreements reviewed per deployment
+ No-training and no-retention configurations selected where supported
+ Fastest deployment — operational immediately
+ Access to the latest models
+ Suitable for lower-sensitivity workloads
Ideal for

Teams whose data classification allows third-party processing under enterprise agreements and who want to start quickly.

Security Architecture

Built for teams that have to defend their controls.

Every layer is structured for environments where data classification, auditability, and access control are not negotiable.

On-Premises and Private Cloud as Standard

Run the workforce on your own hardware or dedicated private cloud infrastructure. Higher-control deployment is built into the offer, not sold as an afterthought.

Data Sovereignty

Choose exactly where your data resides. On-premises, specific cloud regions, or within national borders. You control data residency at every layer.

No Customer Data Reuse

Your data is not used to improve another customer deployment, shared across environments, or pooled into a common memory layer.

Isolated Storage

All data processed by your digital teammate is stored in an isolated environment. Complete separation between customer data at every layer.

Full Audit Logs

Every action taken by your digital teammate is logged and traceable. Complete transparency into what was done and when.

Dedicated to One Organisation

Each role is provisioned for one organisation only, with no cross-customer sharing of resources, data, or operational context.

Compliance

Designed to survive procurement and compliance review.

Our deployment models align with established regulatory frameworks, and we provide the documentation and controls mapping your audit team will ask for.

SOC2 Type II

Our infrastructure and operational controls are designed to meet SOC2 Type II requirements. We provide controls mapping documentation and evidence packages for your audit team.

ISO 27001

Deployment models align with ISO 27001 control objectives for information security management. ISMS documentation and control alignment reports available on request.

GDPR

Full data residency controls allow you to keep data within specific geographic jurisdictions. DPA terms, right-to-erasure support, and data processing records included.

HIPAA

On-premises and private cloud deployments support HIPAA-compliant handling of PHI. Business Associate Agreements available. Encryption at rest and in transit enforced.

SOC2 ISO 27001 GDPR HIPAA

Security Controls

Operational controls, not just positioning.

The day-to-day controls your security team will want to see — infrastructure, access, logging, data handling, credentials, and review.

Infrastructure Controls

  • + On-premises hardware security with physical access controls
  • + Private cloud isolation — dedicated instances, no shared tenancy
  • + Network segmentation for sensitive environments
  • + Geographic data residency enforcement at the infrastructure layer
  • + Encrypted storage and encrypted data transmission across all deployment models

Access Controls

  • + Each digital teammate operates under scoped credentials — limited to the systems and repositories you approve
  • + Permissions defined per tool and per action (read, write, execute)
  • + No lateral access between customers or between teammates within the same organisation
  • + SSO integration supported — teammates can authenticate through your identity provider

Audit Logging

  • + Every action is logged with timestamp, tool, input, and output
  • + Logs available via dashboard export; API access and SIEM forwarding available on request
  • + Configurable retention periods agreed during onboarding

Data Handling

  • + Data processed in-session is not persisted beyond task completion unless explicitly configured
  • + No cross-customer data sharing, aggregation, or model training
  • + Data deletion available on request — timelines agreed per customer
  • + Encryption at rest and in transit using industry-standard protocols

Authentication & Credentials

  • + Customer-managed credentials supported — bring your own API keys and service accounts
  • + Secrets stored in isolated vaults, never in plaintext or logs
  • + Credential rotation supported and recommended on a regular cadence
  • + MFA enforced for all operator and administrative access

Security Review Process

  • + Security questionnaire and DPA available on request before onboarding
  • + Penetration testing programme in place — results available under NDA
  • + Dedicated security contact for incident reporting and escalation
  • + Custom security review process available for regulated industries

How Data Moves

A controlled path from system to output.

On the on-premises and private-cloud tiers, here is how data moves: you decide what is connected, what can be accessed, and which actions require approval before anything high-risk happens.

Step 1

Connect Approved Tools

Only the systems you approve are connected. Access starts from your existing permissions model.

Step 2

Process in Your Infrastructure

Your digital teammate runs on your on-premises hardware or private cloud — isolated and dedicated to your organisation only.

Step 3

Log and Review Actions

Every action is logged for traceability, and sensitive operations can require human approval.

No cross-customer data flow. No shared memory. Full traceability. On the on-premises and private-cloud tiers, everything stays inside your perimeter.

Industries

Structured for sectors where shortcuts create risk.

We work with regulated organisations that need delivery capacity without compromising security posture, residency, or oversight.

Healthcare

Deploy: On-premises or private cloud
HIPAA SOC2
+ Clinical data analysis and research support
+ Patient communication and scheduling
+ Regulatory documentation and audit preparation

Financial Services

Deploy: Private cloud or on-premises
SOC2 ISO 27001 PCI DSS
+ Risk analysis and compliance reporting
+ Transaction monitoring and anomaly detection
+ Regulatory filing and documentation

Government

Deploy: On-premises with sovereign data controls
GDPR National data sovereignty
+ Policy research and analysis
+ Citizen services coordination
+ Cross-department reporting and data aggregation

Plan your secure deployment.

Tell us about your compliance requirements, data classification, and preferred operating model. We will recommend the deployment path that fits.