DataSitr — Saudi AI Privacy Gateway

02The problem

AI is already inside your organization. The data going into it isn't yours to lose.

One click

An employee pastes a customer file into ChatGPT to summarize it faster.

That data just left the Kingdom — and your control — in one click.

Hidden instruction

An AI assistant reads a document carrying a hidden instruction,

and quietly returns information it was never meant to reveal.

You can't ban AI. You can put a layer in front of it.

03The suite

One layer. Three jobs — one we offer today.

The AI Privacy Gateway is available now; Data Sitr Shield and Adversarial Prompt Protection are in development. They share one premise: reduce the risk you can, and contain the risk you can't.

Live

AI Privacy Gateway

Detected sensitive data is tokenized before model calls.

It sits on the wire between your people and any AI model — finds Saudi PII in the prompt, swaps it for typed tokens, and routes by sensitivity before anything leaves.

On-the-wire interception of prompts to ChatGPT, Claude, Gemini and others. An Arabic + English recognizer detects National ID, Iqama, IBAN, Saudi phone numbers and names, replaces each with a typed token (‹SAUDI_ID_01›), and routes by lane: green (tokenized), amber (pseudonymized to operator-configured in-Kingdom paths), red (raw kept in-Kingdom or blocked). Tokens are rehydrated only inside your boundary.

Access leading AI models across 6 providers, including tenant-configured Saudi-hosted paths such as HUMAIN. Provider endpoints are operator-configured provider endpoints; eligible external calls use typed placeholders before external processing. Pseudonymized. Routed to operator-configured in-Kingdom AI paths. Raw. Routed only to configured in-Kingdom paths or blocked.

See detector benchmarks →

On the roadmap

In development — not offered yet.

Data Sitr Shield (on-device DLP for the browser / GenAI channel) and Adversarial Prompt Protection (layered defense against prompt injection) are in active development. They are not yet available to pilot or purchase, and we make no claim that they are. We'll list them here — with their limits in writing — only once they're ready. Today, the AI Privacy Gateway is what we offer.

// The AI Privacy Gateway is the control you can verify today. Data Sitr Shield and Adversarial Prompt Protection are in development and not yet offered. We'll never blur that line.

// Current test count is published in the trust report. Live posture, dated proof limits, and benchmark snapshots are published on Trust, Status, Benchmark, and /trust-report.

04See it work

Don't take our word for it. Watch it on a message.

Pick a synthetic Saudi message and run the gateway. Watch the sensitive parts become tokens before anything leaves.

Prompt to external AI Synthetic data

Synthetic example data only. Synthetic values, shown for illustration — never your data, never a free-text box. Detector accuracy is measured on the benchmark page →

05The guarantee

We won't promise the AI can never be tricked. We'll promise your data is tokenized before the model can ever leak it.

Prompt injection is unsolved — industry-wide. Anyone claiming every attack is blocked is selling you a story.

So we built the protection where it can actually hold: at the data layer, not the model's goodwill.

Screening the input and scanning egress reduce the risk. The hard gate — keeping protected tools, approvals, and irreversible actions behind a check the model can't bypass — is on our roadmap, not something we claim to enforce today.

Honesty isn't our disclaimer. It's the product.

06The limits — in writing

What we can't do.

We'd rather lose a deal than win it on a promise we can't keep. So here's the honest boundary of the product:

We can't guarantee zero prompt injection. No one can — it's unsolved industry-wide. Screening and egress checks reduce the risk; the model-independent gate for protected tool-use is on our roadmap, not a control we offer today.
We can't protect data we never see. The gateway acts only on what passes through it — not every exfiltration path, and not data it never sees.
We can't claim a certification we haven't earned. NDGP: registered, not licensed. We hold no AI accreditation or licence today, and we won't name one until it's actually issued.

The vendors who promise everything are the ones to worry about.

07Why it holds up

Built in the Kingdom. Every claim backed by something you can check.

Foreign security vendors route your data through their world. We were built inside yours — your data, your law, your soil, by a team accountable here.

PDPL DPO Registered #3260005651

PDPL Aligned Art. 5–24

NDGP Registered Not licensed

In-Kingdom Hosted Saudi cloud · SCCC

NDGP-registered data services provider — not licensed. Registered DPO #3260005651, in-Kingdom on Saudi cloud (SCCC), PDPL-aligned.

Trust & evidence → · Detector benchmarks → · Compliance & controls → · Where data goes →

Adopt AI without surrendering your data.

The AI Privacy Gateway — honestly built, in-Kingdom. More layers are in development, and we'll name them here only when they're ready.

Request a pilot → Read the full trust & evidence pack →

Your data.Your Kingdom.