Skip to main content

Sovereign AI · for professional firms

AI in the firm — without handing your client data away.

Your team already uses AI tools nobody signed off on: to draft a reply to a client, summarise a tax notice, prepare a year-end memo. Any of them can carry client data into a cloud you don’t control. And your duty of confidentiality isn’t a matter of good intentions. We build the architecture that makes modern AI usable in the firm — and keeps the data on your side of the line.

  • Client data stays local
  • GDPR · §203 StGB by design
  • Sits beside DATEV, no US-cloud requirement

Straight talk · the stakes

Here, a leak isn’t a fine. It’s personal liability.

For most companies a data incident stops at GDPR — a fine for the business. For professional-secret holders it goes further: §203 StGB makes disclosing a protected client secret a criminal matter — personally, for the responsible individual, not just the firm. A client record dropped unchecked into a cloud AI tool can be exactly that act. That’s not a reason to avoid AI — it’s a reason to build it properly: with an architecture that can prove where every record went.

// We state the stakes, not their interpretation. What applies in your specific case belongs with your Steuerberaterkammer or a lawyer. We build architecture, not legal opinions — and we never name a tool as the offender.

# YOUR-REALITY

Your environment is DATEV, mail and client files.

01 / 03

Not CRMs and ad platforms — client data, tax notices and deadlines. Three everyday firm tasks, each routed to the right tier: the gateway decides on every call what stays local and what may leave.

  • Tier 1 · public

    Client newsletter

    A public paragraph on new e-invoicing rules, with no personal data. May go to an EU model — under clear data-processing terms, and logged.

  • Tier 2 · internal

    Summarise a tax notice

    An anonymised tax notice as an internal template. Routed to an EU-hosted model with zero retention — it stays in the EU.

  • Tier 3 · regulated

    Client reply & year-end memo

    Names, tax numbers, amounts, year-end detail. Local inference on hardware you own. Nothing crosses the line — and everything is in the audit trail.

# THE-BLUEPRINT

Where does the client request go?

One picture, two worlds. Pick a typical firm task and watch exactly what the perimeter does with it — classify, mask, route, log.

Today — no perimeter

How an AI prompt leaves the company todayAn employee sends a prompt containing personal data straight across the EU boundary to a non-EU cloud model — with no audit trail, under foreign jurisdiction, and exposed to a provider or government kill-switch.◂ EUthird country ▸Firm workstationprompt + client datanon-EUcloud model
  • no audit trail
  • foreign jurisdiction
  • kill-switch risk

Each crossing with personal data is a regulated processing event — most companies never document it.

With a perimeter

How the sovereign perimeter routes a promptA prompt enters a gateway that classifies, masks and logs it, then routes it by sensitivity: Tier 1 public to a logged cloud call outside the perimeter, Tier 2 internal to an EU-hosted model inside the perimeter, and Tier 3 regulated to a local model that never leaves the perimeter.PERIMETER · status: controlledEUYour promptGATEWAYclassifymask · logTier 3 · regulatedlocal · never leavesTier 2 · internalEU-hosted · 0-retentionTier 1 · publiccloud · loggedaudit trail · every request logged

# FOLLOW-ONE-PROMPT

Choose a prompt to trace its route:

Draft a reply to client [CLIENT_1], tax no. [TAXNO_1], about the [AMOUNT_1] back-payment.

Client data and professional secrecy. Without a perimeter this leaves the firm as an undocumented third-country transfer — exactly what §203 StGB and GDPR are about. With it: the gateway masks the data, keeps the request on a local model, and logs it — and nothing crosses the line.

// example audit trail
14:34 · tier3 · pii_masked=3 · model=local/qwen · crossed_boundary=false

Draw the line before your data crosses it.

Book a sovereignty assessment

# FROM-THE-FIELD

What this looks like when we run it ourselves.

Our own sovereign lab stack · applied to a firm workflow · Munich

A governed gateway in front of local open-weight inference: client-style prompts are classified, names, tax numbers and amounts masked inline, Tier-3 work pinned to a local model, and each request written to an append-only audit log.

If it can’t show up in the audit trail, it doesn’t happen on our stack.

— from our own build log
0outbound calls carrying personal client data — by design, and provable from the log.

// Own-lab reference, not a client testimonial. We publish a firm case here once one is cleared for release.

# HOW-WE-START

One assessment, sized to a firm.

02 / 03

For firms of 5–50 people. Not an enterprise programme, no platform team required — a clearly scoped fixed-price start that produces a blueprint you own.

  • 01 · assess

    Sovereignty Assessment

    from €6,500 · fixed price · 2–3 weeks

    • Map current AI usage in the firm, including shadow AI
    • Classify client and firm data into the three tiers
    • Target architecture, sized for 5–50 workstations
    • Compliance gap: GDPR, §203 perspective, EU AI Act
    • Costed roadmap you own — with us or not
  • 02 · build

    Perimeter Build

    project · from the assessment

    • Local inference for client data
    • Governance gateway & audit logging
    • Least-privilege connectors to your firm systems
    • Sits safely beside DATEV & mail
    • Security, access, deployment, handover
  • 03 · run

    Managed Sovereign AI

    retainer · co-managed

    • Model updates & evaluation
    • Ongoing compliance evidence
    • Cost & usage observability
    • Tuning as firm needs change
    • Clear boundaries with your IT provider

# QUESTIONS

Before you book.

03 / 03
  • Can our firm use AI at all?
    Yes — with the right architecture. The problem isn’t AI, it’s ungoverned AI: a personal account with broad access to client data, no agreement and no log. With a sanctioned, governed setup — classification, masking, local processing for client data and a full audit trail — AI becomes usable without touching your duty of confidentiality. What’s permitted in your specific case is for your Steuerberaterkammer or a lawyer; we build the architecture.
  • What about DATEV?
    DATEV stays DATEV. We don’t replace or interfere with your existing practice software — we stand the sovereign AI layer beside it: local inference and a gateway that decides which data it may touch at all. Any connection to existing systems is explicit, minimal and logged; Tier-3 client data doesn’t ride it unchecked.
  • Do we need our own hardware?
    Not necessarily a rack. Small open-weight models on modest hardware cover a surprising amount for a firm — drafting a reply, summarising a notice, preparing a memo. The assessment sizes real hardware against your actual tasks; we advise on procurement or EU colocation, and you own the hardware. No reseller markup.
  • What does it cost?
    The entry point is the Sovereignty Assessment, from €6,500 at a fixed price, in 2–3 weeks. You leave with a data classification, a target architecture for your firm’s size and a costed roadmap — yours to keep, whether you build with us afterwards or not. Build and run follow only once the blueprint is set.

Draw the line before client data crosses it.

Start with a fixed-price Sovereignty Assessment, sized to your firm. You get a data classification, a target architecture and a costed roadmap — yours to keep, with us or not.

 book-assessment

// or write: hello@saloid.com · gräfelfing · de