Data Sovereignty

Your Data Never Crosses the Perimeter

dodoAI was designed from day one for environments where data cannot leave the building — literally. No outbound model calls. No telemetry. No shared cloud infrastructure.

Six guarantees. Built in, not bolted on.

These are not compliance claims. They are architecture properties verifiable by your own security team.

No outbound model calls

The agent runtime makes zero calls to external AI APIs. No OpenAI, no Anthropic, no Azure OpenAI. Model inference runs on weights deployed inside your environment.

On-prem model weights

Model weights are transferred to your environment once during onboarding and remain there. No network access needed for ongoing inference. Air-gap compatible from day one.

Encrypted at rest — your keys

Data at rest is encrypted using keys managed in your own key store. dodoAI never has access to your encryption keys. You control key rotation and revocation.

Audit log on your storage

Every agent action is logged to your designated audit storage. The logs are structured, queryable, and owned entirely by you. We have no access, no copy, no visibility.

No telemetry sent to dodoAI

No usage analytics, no error reporting, no heartbeat signals sent back to us. The runtime operates in complete operational silence from our perspective. You are invisible to us after deployment.

Network-isolated deployment

dodoAI can be configured to operate with no internet access at runtime. All dependencies are packaged at install time. Firewall rules blocking outbound traffic are supported and tested.

This is the entire data flow

ENTERPRISE NETWORK BOUNDARY dodoAI Runtime Agent Execution Layer ERP System SAP / Oracle Compliance DB Policy Rules Procurement Workflow Engine Audit Storage Your records There is no external component.

All four arrows are bidirectional. None of them cross the enterprise boundary. This is the complete data flow — there is no external component.

On-premises deployment and APPI alignment

Japan's Act on the Protection of Personal Information (APPI) requires specific safeguards for AI systems that process personal data belonging to employees and business partners. On-premises deployment, where data never leaves your controlled environment, is the most straightforward architecture for satisfying APPI's data handling requirements. This is not a compliance certification claim — it is a deployment architecture property that your legal and compliance team can verify independently. We encourage you to have your own counsel review the architecture before deployment.

Discuss your security requirements

We provide technical architecture documentation for your security review team. No NDA required for the architecture review stage.