Sovereign by design
Sovereign GRC — your data, your jurisdiction, your control
For regulated and public-sector organizations, where data is stored, processed and governed matters as much as the controls themselves. HAiCapita is sovereign by design: the exact same platform runs as multi-tenant SaaS or as a fully air-gapped on-premise deployment — selected by a deployment profile, not a different product.
The air-gapped build has zero external egress and no phone-home: entitlements come from a cryptographically signed offline license verified locally with a pre-distributed public key. Nothing about your compliance program leaves your network.
Two deployments, one codebase
SaaS for speed and zero maintenance, or air-gapped on-premise for total isolation — the same features, the same UI, the same audit trail. No feature-stripped 'on-prem edition', no surprise cloud dependency in the isolated path.
Tamper-evident by construction
Every state-changing action is hash-chained into a write-once-read-many (WORM) audit lake, so tampering is detectable and audit records are never altered or deleted. Sessions are token-mediating (no usable token in the browser) and every request runs a default-deny authorization check.
Jurisdiction-aware
Data and AI operations pass through a sovereignty engine where the tenant's jurisdiction (EG / KSA / QA / UAE) drives behavior — so the platform adapts to the rules that apply to you, rather than forcing one global default.
Frequently asked questions
Does the air-gapped version phone home?
No. The air-gapped deployment has no external egress and no telemetry leakage. Licensing is offline: a signed license file is verified locally against a pre-distributed public key, and renewal is by importing a new license file.
Can partners deliver HAiCapita to their own clients?
Yes. Partners and MSPs can issue, renew and revoke time-boxed client licenses, white-label the platform and deliver to multiple clients — including air-gapped delivery.