Privacy & Security

Built for environments where data leaks are not an option.

Regulated industries, critical infrastructure, and public sector bodies operate where security is not a feature — it is a precondition. Qualitum is architected from the ground up for those environments: private tenant, zero-egress inference, customer-managed keys, and a 5-tier permission model enforced at retrieval time, not just the UI.

Core pillars

Three things we got right before anything else.

Encryption at rest & in transit

All tenant data — documents, metadata, vector embeddings, audit records — encrypted with AES‑256 under customer-managed keys in your KMS. TLS 1.3 end-to-end. Qualitum never holds your encryption keys.

Identity & authentication

SAML 2.0, OIDC, OAuth 2.0, LDAP. Native connectors for Microsoft Entra ID, Okta, Ping, and Active Directory with SCIM provisioning. MFA enforced at platform level. No parallel user directory. No shadow accounts.

Five-tier role-based access

Platform Admins → Process Owners → Knowledge Owners → Validators → Agent Users. Every permission enforced at document level. RAG retrieval respects RBAC at query time — agents cannot surface what the user cannot see.

Question 1 · Where does my data live?

Inside your tenant. Your cloud. Your region. Your keys.

Your data never leaves your perimeter.

Qualitum is a single-tenant deployment model. Each customer runs in a dedicated environment on their chosen cloud, in their chosen region, under their IAM. There is no shared data store, no shared model state, and no shared inference pool between customers — ever.

  • Cloud: AWS · Azure · GCP · on-prem. Bring your own. Air-gap supported for classified workloads.
  • Region: Any. EU (Frankfurt, Ireland, Paris), US, UK, UAE, Singapore, Sydney — pinned to your residency requirement.
  • Network: Your VPC. Private subnets, VPC endpoints, PrivateLink. No public ingress required for the agent runtime.
  • Storage: Your buckets, your database. Object storage in your S3/Blob/GCS. Postgres in your RDS/Cloud SQL. Your snapshots, your backups, your retention.
  • Keys: You hold them. Customer-managed KMS keys (AWS KMS, Azure Key Vault, GCP KMS). Revoke anytime and the data becomes unreadable — to us, to you, to anyone.
  • Egress: Zero. Inference happens inside your VPC. No prompt content, no completions, no embeddings, no telemetry leaves your network.

Architecture diagram (your tenant · your VPC · your region): ingress through your SSO; Agent API; immutable audit log; compute workers; private LLM model runtime; queue (SQS / Service Bus); vector DB index; documents in your S3 / Blob; RDBMS in your Postgres. Zero egress: no data leaves this boundary. AES‑256 at rest, TLS 1.3 in transit, customer-managed keys.

Question 2 · We already have Copilot

Copilot is a chat surface. Qualitum is operational agents.

Different primitive. Different problem. Different outcome.

Microsoft Copilot, ChatGPT Enterprise, and Gemini Enterprise are general-purpose assistants: a chat box over your documents. Qualitum is not a chat box. It is a set of domain-specific, validated operational agents that execute regulated workflows end-to-end. Here is the practical difference.

Dimension | Microsoft Copilot · ChatGPT Enterprise | Qualitum
Primitive | Chat box over your M365 / corporate data. User asks, model responds. | Validated operational agents that author, execute, and defend a specific regulated workflow. No human prompt engineering required.
Deployment | Multi-tenant SaaS. Your data in Microsoft's / OpenAI's cloud, under their keys, subject to their roadmap. | Single-tenant. Your cloud, your region, your keys, your IAM. Air-gap capable.
Inference location | Shared inference pool. Prompts processed in the vendor's shared environment. | Inference runs inside your VPC. Zero egress. Every token stays in your perimeter.
Model | Vendor-chosen. OpenAI GPT for Copilot, OpenAI for ChatGPT Enterprise. You cannot swap it. | LLM-agnostic. Azure OpenAI, Anthropic Claude, Gemini, Mistral, LLaMA, or your in-house fine-tune. Swap per workflow.
Training on your data | Contractual opt-out. Data handling governed by the vendor's terms, revisable by the vendor. | Architecturally impossible. There is no pipeline out. Model weights sit inside your tenant.
Retrieval security | Graph permissions honoured, but enforced by the vendor's RAG. You trust their implementation. | 5-tier RBAC enforced at retrieval, inside your tenant. Every chunk gated by the user's identity before it reaches the model.
Audit trail | Usage logs. Limited traceability of which document informed which answer. | Tamper-evident ledger. Every retrieval, every token, every edit, every approval — immutable, signed, exportable to regulators.
Regulatory posture | Generic enterprise compliance. Not designed for GxP, Annex 11, 21 CFR Part 11, or EU procurement directives. | Purpose-built for GxP, Annex 11, 21 CFR Part 11, GAMP 5, EU AI Act, Directive 2014/24/EU. Validated agent outputs.
What you buy | Per-user monthly subscription. Price scales with headcount. Vendor owns the software. | Perpetual licence on your deployment. You own the software, the data, the model weights, and the modifications.

The two are not competitors — they solve different problems. Most Qualitum customers continue to run Copilot for general productivity. Qualitum handles the regulated work Copilot is not architected for.

Question 3 · What is the platform, actually?

The architecture behind Qualitum.

Private deployment · LLM agnostic · data sovereign · enterprise-grade. Every layer engineered for the environments Copilot-class tools were not built for.

A private agentic runtime, not an LLM wrapper.

Qualitum is the agentic layer. It combines domain knowledge, deterministic workflow, and context isolation into auditable agents that execute regulated work. The LLM is a component we swap. The agent behaviour — what gets drafted, how it is checked, what the audit trail looks like — is ours.

What this means practically: When GPT-5 ships, your Source·AI gets better overnight. When your InfoSec team decides OpenAI is off the approved list, you flip to Anthropic or a self-hosted LLaMA with a config change. No re-implementation. No vendor lock-in.
Domain knowledge

Agents pre-trained on industry-specific process patterns, regulatory requirements, and domain terminology — GxP, procurement law, EU AI Act.

Deterministic workflow

Process rules layered above the LLM ensure consistent, auditable outputs — regardless of which model is running underneath.

Context isolation

Each agent operates in a fully isolated context. No data bleed between agent types, no shared conversation state across tenants.

LLM agnostic by design.

Qualitum is not tied to any single model. Bring your preferred LLM — Azure OpenAI, Anthropic Claude, Google Gemini, a self-hosted Mistral or LLaMA, or a custom fine-tune — or use the default private model runtime that ships with the platform. Route different workflows to different models.

Why it matters: LLM capabilities evolve faster than procurement cycles. Agnostic architecture means your agents improve as models improve — with no re-implementation, no vendor renegotiation, and no forced migration path when your current provider's policy changes.
Azure OpenAI

EU data boundary, Microsoft Entra ID integration, private endpoint.

Anthropic Claude

Claude via AWS Bedrock or direct enterprise API with zero data retention.

Google Gemini

Gemini via Vertex AI in your GCP project, no cross-project data flow.

Self-hosted

LLaMA 3, Mistral, Qwen, or your in-house fine-tune on your GPU fleet.

Azure OpenAI · Anthropic Claude · Google Gemini · Mistral · LLaMA 3 · Qwen · Custom fine-tunes

Deployed in your infrastructure.

Fully automated CI/CD pipeline. From contract to live production agents in under 14 days for standard connectors. All environment provisioning defined as code — repeatable, version-controlled, auditable.

Infrastructure as Code: Tenant setup, connector configuration, and agent deployment are automated from a single pipeline run. Your SRE team sees the full Terraform / Bicep / CloudFormation manifest. Nothing is "magic."
Isolated tenants

Each client runs on a fully isolated tenant. No shared infrastructure, no shared data stores, no cross-client exposure of any kind.

Cloud agnostic

Deploy on AWS, Microsoft Azure, Google Cloud, or on-premises. The pipeline is cloud-neutral and infrastructure-agnostic.

Air-gap capable

For classified or high-security environments, Qualitum can be deployed in a fully air-gapped configuration with no external network dependency.

AWS · Microsoft Azure · Google Cloud · On-premises · Air-gapped · Private VPC · Isolated tenants · Automated CI/CD

Data sovereignty & privacy.

Data sovereignty is architectural — not a contractual promise. Qualitum is designed from the ground up so that client data never leaves client infrastructure. There is no telemetry pipeline, no training on client data, and no shared model state between tenants at any point.

Zero Egress Architecture: The LLM model runtime is deployed inside your private network or dedicated environment. All inference happens locally. No prompt content, no completions, no embeddings, no diagnostic telemetry is transmitted to external providers — ever.
AES‑256 encryption

All data encrypted at rest with AES‑256. Customer-managed keys — you hold the key, Qualitum cannot access your data. Revoke at will.

Perpetual licence

You own the software licence permanently. No SaaS subscription to be cancelled, no data held hostage by a vendor.

Tamper-evident audit log

Every agent interaction logged with immutable timestamps. Full audit traceability for regulatory inspections and internal governance.
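The tamper-evident ledger described above, as an added illustration rather than Qualitum's own ledger format: every entry is keyed-hashed together with the previous entry's MAC, so an after-the-fact edit of any record is detected on verification. The signing key, user names, document ids and timestamps are constructed for the example; in a real deployment the key would be held in the customer's KMS.

```python
import hashlib
import hmac
import json

# Added illustration, not Qualitum's ledger format. Assumes a per-tenant signing key
# that would live in the customer's KMS; here it is a constructed constant so it runs offline.
SIGNING_KEY = b"constructed-tenant-signing-key"
GENESIS = "0" * 64  # "previous MAC" of the very first entry

def canonical(record: dict) -> bytes:
    """Deterministic serialisation so the MAC covers exactly the stored fields."""
    return json.dumps(record, sort_keys=True, separators=(",", ":")).encode()

def append(ledger: list, event: dict) -> dict:
    """Each entry's MAC covers its own fields plus the previous MAC, chaining the entries:
    editing or removing an earlier record invalidates every MAC after it."""
    prev = ledger[-1]["mac"] if ledger else GENESIS
    body = {"seq": len(ledger), "prev": prev, "event": event}
    mac = hmac.new(SIGNING_KEY, canonical(body), hashlib.sha256).hexdigest()
    entry = {**body, "mac": mac}
    ledger.append(entry)
    return entry

def verify(ledger: list) -> int:
    """Return -1 if the chain is intact, else the seq of the first entry that fails."""
    prev = GENESIS
    for i, entry in enumerate(ledger):
        body = {k: v for k, v in entry.items() if k != "mac"}
        expected = hmac.new(SIGNING_KEY, canonical(body), hashlib.sha256).hexdigest()
        if body.get("seq") != i or body.get("prev") != prev \
                or not hmac.compare_digest(expected, entry.get("mac", "")):
            return i
        prev = entry["mac"]
    return -1

def demo() -> tuple:
    """Build a three-entry ledger, confirm it verifies, then tamper with an approval."""
    ledger = []
    for ev in [  # constructed events with constructed timestamps
        {"ts": "2025-01-10T09:00:00Z", "user": "u.validator", "action": "retrieve", "doc": "CAPA-2291"},
        {"ts": "2025-01-10T09:00:05Z", "user": "u.validator", "action": "approve", "doc": "CAPA-2291"},
        {"ts": "2025-01-10T09:01:00Z", "user": "u.owner", "action": "edit", "doc": "SOP-014"},
    ]:
        append(ledger, ev)
    before = verify(ledger)
    ledger[1]["event"]["action"] = "reject"  # after-the-fact edit of a signed record
    return before, verify(ledger)
```

The chain alone does not reveal truncation of the newest entries; exporting the latest MAC to write-once storage or to the regulator's copy closes that gap.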

GDPR Article 25 · ISO 27001 · NIS2 · DORA · AES‑256 at Rest · TLS 1.3 in Transit · Customer-Managed Keys · Zero Data Egress

Authentication & access control.

Enterprise-grade identity and access management out of the box. Qualitum integrates with your existing identity provider — no parallel user directory, no shadow credential management, no separate login portal. If someone loses access in your IdP, they lose access to Qualitum the same second.

Microsoft Entra ID: For M365-deployed tenants, authentication flows through Microsoft Entra ID. Users sign in once with existing corporate credentials — no additional accounts, no separate passwords, no parallel identity surface to manage.
SSO / LDAP

Active Directory, Entra ID, Okta, Ping, any LDAP-compatible IdP via SAML 2.0 or OIDC.

5-tier RBAC

Granular roles enforced at the retrieval layer — not just the UI. Governs which agents, data sources, and outputs each role can access.
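Retrieval-time enforcement, as described here and under Core pillars / Retrieval security above, in an added example that is not Qualitum's code: the retriever applies a document-level gate before ranking, so a chunk the caller may not read never takes a top-k slot and never enters the prompt. The five tier names are the page's; the min_tier / groups ACL encoding, the term-overlap scoring and the document ids are assumptions made for this example.

```python
from dataclasses import dataclass
# Added illustration, not Qualitum's code. The five tier names are the page's; the
# min_tier / groups encoding of a document ACL is a hypothetical choice for this example.
TIERS = ["platform_admin", "process_owner", "knowledge_owner", "validator", "agent_user"]
RANK = {tier: i for i, tier in enumerate(TIERS)}  # lower rank = more privileged

@dataclass(frozen=True)
class Chunk:
    doc_id: str
    text: str
    min_tier: str                    # least-privileged tier allowed to read the document
    groups: frozenset = frozenset()  # IdP groups that must also match, if any

@dataclass(frozen=True)
class User:
    tier: str
    groups: frozenset = frozenset()

def can_read(user: User, chunk: Chunk) -> bool:
    """Document-level gate, evaluated against the caller's identity rather than UI state."""
    if RANK[user.tier] > RANK[chunk.min_tier]:
        return False
    return not chunk.groups or bool(user.groups & chunk.groups)

def retrieve(user: User, index: list, query: str, k: int = 3) -> list:
    """Gate BEFORE ranking: a forbidden chunk can never occupy a top-k slot,
    so it never reaches the prompt and the model has nothing to leak."""
    terms = query.lower().split()
    readable = [c for c in index if can_read(user, c)]
    hits = [(sum(t in c.text.lower() for t in terms), c) for c in readable]
    hits = [(score, c) for score, c in hits if score > 0]
    hits.sort(key=lambda pair: -pair[0])  # stable sort keeps index order on ties
    return [c for _, c in hits[:k]]

def build_prompt(user: User, index: list, question: str) -> str:
    """Only chunks that passed the gate are serialised into the model context."""
    context = "\n".join(f"[{c.doc_id}] {c.text}" for c in retrieve(user, index, question))
    return f"Context:\n{context}\n\nQuestion: {question}"

# Constructed sample index; the document ids and texts are invented.
INDEX = [
    Chunk("SOP-014", "Deviation handling SOP: classify within two business days", "agent_user"),
    Chunk("CAPA-2291", "Open CAPA on deviation 2291, root cause pending validator sign-off", "validator"),
    Chunk("AUDIT-Q3", "Internal audit findings on the deviation backlog", "process_owner", frozenset({"qa"})),
]

def visible_doc_ids(user: User, question: str) -> list:
    """Which constructed documents a given caller can have retrieved for a question."""
    return [c.doc_id for c in retrieve(user, INDEX, question)]
```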

MFA enforced

Multi-factor authentication enforced at platform level. Configurable per-tenant policy, per-role requirements.

SCIM provisioning

Automated lifecycle management. Accounts provision and deprovision automatically when employees join, move, or leave.

Azure AD / Entra ID · Okta · Ping · SAML 2.0 · OIDC / OAuth 2.0 · LDAP · SCIM · MFA · 5-Tier RBAC

Connected to the systems of record.

Qualitum is the agentic layer above your stack, not a replacement. Agents read, write, and round-trip into your validated systems of record — eQMS, ERP, LIMS, procurement, clinical — without owning the source of truth. Bi-directional, auditable, idempotent.

Connector-first: Forty-plus certified connectors ship with the platform. Additional integrations via standard adapters (REST, SOAP, OData, JDBC, SFTP, IDoc). Your middleware team builds nothing from scratch.
eQMS

Veeva Vault Quality, MasterControl, Sparta TrackWise, Kneat Gx.

ERP

SAP S/4HANA, Oracle Fusion, Microsoft Dynamics 365.

Procurement

SAP Ariba, Coupa, Jaggaer, SAP Fieldglass.

LIMS / MES

LabWare, Siemens Opcenter, Werum PAS-X, Rockwell FactoryTalk.

REST · SOAP · OData · GraphQL · JDBC · SFTP · IDoc · 40+ certified connectors

Commercial posture

You own the platform and the data.

The SaaS model was designed for software vendors, not for enterprises handling sensitive regulated knowledge. Qualitum issues a perpetual licence — you own the deployment, you own the data, and in most tiers you own the modifications. We win when your team grows into the platform, not when you get stuck on it.

  • Perpetual licence, no per-user fees

    One licence covers unlimited users. No fees that compound as your headcount grows. No vendor renegotiation at renewal.

  • Modify and extend it yourself

    Full source access under licence for enterprise tier. Your team can extend agents, customise workflows, and add integrations without involving us.

  • Your data belongs to you

    Complete data portability. Export everything at any time — documents, audit trail, vector index, model fine-tune weights. No proprietary formats. No lock-in. If you ever leave, everything comes with you.

Characteristic | Qualitum | Typical SaaS AI
Pricing model | Perpetual licence | Per-user / month
Data location | Your infrastructure | Vendor cloud
AI model on your data | Your model, private | Shared inference
Training on your data | Never — architectural | Often by default
Modifiable by you | Yes — full source | No
Air-gap deployment | Yes | No
Data portability | Complete | Limited / export fees

Certified where it matters. Aligned where it is required.

Qualitum is built, operated, and audited against the regimes that govern the next decade of regulated work.

  • ISO/IEC 27001: InfoSec Mgmt
  • SOC 2 Type II: Trust Services
  • ISO/IEC 27701: Privacy Ext.
  • GDPR: EU · By design
  • 21 CFR Part 11: US FDA
  • EU Annex 11: EMA GxP
  • GAMP 5: ISPE
  • HIPAA: US healthcare
  • NIS2: EU cyber
  • DORA: EU finance
  • EU AI Act: High-risk aligned
  • Dir. 2014/24/EU: EU procurement

Residual questions

Everything your InfoSec team will ask.

No — and not because of a contractual clause. Because the pipeline does not exist. Inference runs inside your tenant; model weights never leave it; there is no upstream channel to Qualitum. Even if we wanted to, there is nowhere for the data to go.

The deployment is yours under the perpetual licence — it keeps running. You retain all data, all audit logs, all configurations, and all fine-tune weights. We can offer a 90-day transition package where we hand over the knowledge-transfer documentation and detach from operational support; after that your platform keeps operating without us.

You do. Keys live in your KMS (AWS KMS, Azure Key Vault, GCP KMS, or your on-prem HSM). We configure the platform to use them; we never have access to the key material. If you revoke the key, Qualitum can no longer read your data — and neither can anyone else.

No. Qualitum engineers have no standing access to your tenant. Break-glass support requires explicit, time-bound, customer-approved access through your IAM — every session logged in your audit trail, not ours. Most customers never grant it.

Only if you choose a hosted LLM and only under the contractual terms you sign with them. Most regulated customers run inference through Azure OpenAI in their own EU data boundary, Bedrock in their own AWS account, Vertex in their own GCP project, or a self-hosted open-weight model — in which case no external provider sees anything. Every option is configurable per workflow.

The architecture is the privacy control. No telemetry egress, no shared inference, no cross-tenant data flow, RBAC enforced at retrieval. Data minimisation is enforced at ingest (we index only what you scope). DPIA templates and sub-processor inventory ship with the platform.

Yes. Fully air-gapped deployments are supported for defence, public-sector classified environments, and pharma facilities with strict network isolation. A self-hosted open-weight model runs locally; updates are shipped via signed, offline artefacts; no outbound network dependency exists.

Qualitum deployments classified as high-risk AI systems ship with a conformity-assessment-ready technical file: risk management documentation, data governance records, logging, human oversight configuration, and transparency artefacts. We align to the 2026 enforcement timeline.

Yes. Enterprise-tier customers receive full source access under the perpetual licence, with a signed SCA (source-code access) agreement. Your security team can review, pentest, fork, and extend the platform. Most customers do not modify it; all of them can.

Sev-1 incidents: 15-minute acknowledgement, 4-hour mitigation target, post-incident RCA within 5 business days. Sev-2 and Sev-3 scaled accordingly. Every incident reported to you within the NIS2 / DORA disclosure windows applicable to your jurisdiction.

Bring your InfoSec team. Bring your hardest questions.

Book a working session with a Qualitum security engineer. We will walk through the architecture, the audit trail, and the exact answers to the questions your CISO is paid to ask.

Book a call

Or email info@qualitum.ai