/* ============================================================ PAAI — Private Agentic AI. The privacy section. Sits as section 02, replacing prior services index. ============================================================ */ const PAAI_CAPABILITIES = [ { code: "C01", label: "Local LLM Inference", desc: "Open-weights models hosted on client-owned hardware. Deployments may be air-gapped or perimeter-bound. Prompts, embeddings, and inference traffic remain inside the client environment.", tags: ["Llama / Mistral / Phi / Qwen", "vLLM · TGI · llama.cpp", "GPU · CPU · NPU", "Air-gap mode"], }, { code: "C02", label: "Private Transport Layer", desc: "Hardened mTLS 1.3, zero-trust network access, and a perimeter-bound service mesh. All inter-service traffic is mutually authenticated, encrypted in transit, and recorded for audit.", tags: ["mTLS 1.3 · ZTNA", "WireGuard / IPsec", "HSM-backed PKI", "Service mesh"], }, { code: "C03", label: "On-Prem AI Harness", desc: "The full agentic stack — planner, tool routing, memory, evaluation, and audit — deployed inside the client VPC, data centre, or sovereign cloud environment.", tags: ["Agent orchestration", "Eval harness", "Audit trail", "Tool sandbox"], }, { code: "C04", label: "Private Cloud Rollout", desc: "VPC-isolated deployments across AWS, Azure, GCP, and sovereign cloud providers. Customer-managed keys, private network links, and region-bound residency are configured per engagement.", tags: ["VPC · PrivateLink", "CMK / BYOK / HYOK", "Sovereign regions", "Confidential compute"], }, ]; const PAAI_STANDARDS_PRIVACY = [ ["P / 01", "GDPR · UK GDPR", "Lawful basis · DPIA · Art. 22", "Active"], ["P / 02", "ISO/IEC 27701", "Privacy information management", "Aligned"], ["P / 03", "ISO/IEC 27018", "PII in public clouds", "Aligned"], ["P / 04", "ISO/IEC 27017", "Cloud security", "Aligned"], ["P / 05", "SOC 2 Type II", "Trust services criteria", "Aligned"], ]; const PAAI_STANDARDS_CRYPTO = [ ["C / 01", "ISO/IEC 27001", "Information security mgmt", "Aligned"], ["C / 02", "NIST SP 800-53 r.5", "Security & privacy controls", "Aligned"], ["C / 03", "FIPS 140-3", "Cryptographic module validation", "Aligned"], ["C / 04", "Common Criteria EAL4+", "Evaluated assurance level", "Available"], ["C / 05", "UK Cyber Essentials+", "Government baseline", "Active"], ["C / 06", "NIST SP 800-208", "Stateful hash-based signatures", "Aligned"], ["C / 07", "NIST PQC · ML-KEM / ML-DSA", "Post-quantum cryptography", "Deployed"], ]; const PAAI_PRINCIPLES = [ { n: "Ø1", h: "Data sovereignty by default.", p: "PAAI engagements operate on the principle that client data does not leave the client perimeter. The architecture is designed to enforce this position from the outset, not to mitigate exposure after the fact.", }, { n: "Ø2", h: "Open weights. Owned weights.", p: "Open-weights models that can be audited, fine-tuned, versioned, and operated without vendor dependencies. Closed-API integrations remain available where appropriate but are not the default deployment path.", }, { n: "Ø3", h: "Post-quantum readiness as standard.", p: "ML-KEM and ML-DSA (NIST PQC) are deployed alongside classical ciphers from the first commit. Harvest-now, decrypt-later is treated as an active threat model, not a future contingency.", }, ]; function Privacy() { return (
03 / Privacy
PAAI PRIVATE · AGENTIC · AI

Private Agentic AI.
Your data, your rules.

PAAI — Private Agentic AI — is our framework for AI systems that operate within the client perimeter. The architecture combines local LLM inference, private transport, on-premise inference harnesses, and private-cloud deployments. It is designed for organisations whose regulatory, contractual, or operational requirements preclude the use of third-party inference services.

{/* ---- PRINCIPLES (3-up manifesto) ---- */}
{PAAI_PRINCIPLES.map((p) => (
{p.n}

{p.h}

{p.p}

))}
{/* ---- CAPABILITY GRID (4-up) ---- */}
{PAAI_CAPABILITIES.map((c, i) => (
{c.code} 0{i + 1} / 04

{c.label}

{c.desc}

    {c.tags.map((t) => (
  • {t}
    • ))}
))}
{/* ---- STACK + RADAR + GAUGES ---- */}
Six architectural layers. Each is independently auditable, substitutable, and remains within the client perimeter.
Comparative threat-surface profile. PAAI deployments reduce exposure across all evaluated dimensions.
ML-KEM and ML-DSA (NIST PQC, 2024) are deployed alongside classical ciphers from the first commit. Post-quantum readiness is the default configuration, not a subsequent upgrade.
{/* ---- COMPLIANCE — twin compact tables ---- */}

Privacy Compliance.

Active Aligned Available Deployed
I · Privacy & data protection {PAAI_STANDARDS_PRIVACY.length} entries
{PAAI_STANDARDS_PRIVACY.map(([id, name, desc, status]) => (
{id}
{status}
))}
II · Security & cryptography {PAAI_STANDARDS_CRYPTO.length} entries
{PAAI_STANDARDS_CRYPTO.map(([id, name, desc, status]) => (
{id}
{status}
))}
{/* ---- BIG STATEMENT ---- */}
PAAI
Private · Agentic · AI
STATEMENT · R-PAAI / 2026

We don’t use your data to train any model.
Including ours.

Every PAAI engagement carries a contractual zero-training, zero-retention clause. Inference runs inside the client perimeter, logs are encrypted under client-managed keys, and no traffic is used to train any model — by ROZUMCODE, by our vendors, or by any downstream party.

Commission a PAAI assessment
); } Object.assign(window, { Privacy });