01How we work

We work with a few partners at a time.

DataSitr is for Saudi enterprises and institutions, by engagement — not self-serve. There is no free tier and no trial. We start with a focused pilot for the right partner, and an enterprise licence in SAR is where a successful pilot leads.

02The engagement

We start with a pilot.

A short, scoped pilot on your own data path — so the outcome is proven before any commitment. We take on a small number, with partners who are the right fit.

Selective

The pilot

A focused engagement, typically 2–4 weeks, scoped with you and run on your configured data path.

  • Scope and success measures agreed up front
  • Runs on your own data path — green / amber / red routing, in-Kingdom where configured
  • Direct founder support throughout
  • Commercial terms agreed before we start — a scoped engagement, not a free trial

// We take on a small number of pilots, with partners who are the right fit — there is no self-serve sign-up, no free tier, and no trial. After a successful pilot we move to an enterprise licence in SAR: production deployment, in-Kingdom or customer-hosted paths, and diligence support. Payment rails (PayTabs, HyperPay, STC Pay, mada) are scaffolded with no live keys in code.

03How the licence is priced

You pay for what you use.

An enterprise licence is denominated in SAR and usage-based. Your cost comes from automatic privacy routing, the AI provider, token usage, and any agreed per-route minimum. You pay for the requests and tokens you actually use.

Factor
Detail
Privacy route

Tokenized external routing can be cheaper; Saudi region (me-central-1) routing may cost more

AI provider

Provider token rates vary by model — passed through, not marked up

Token usage

Input + output tokens consumed per request

Route base charge

Optional per-request minimum per route — set in the rate card, not a hidden fee

04What's included

The platform baseline. On every engagement.

Engagement terms set limits, retention, seats, audit exports, and support. The privacy-gateway controls and live billing visibility are the same operating baseline underneath.

  • Three-lane PII detection + routing (green / amber / red)
  • AES-256-GCM encrypted vault with per-tenant derived keys
  • Retention flags configurable per engagement, up to the 2555-day Article 17 target; cleanup enforcement pending
  • Subject rights tooling is admin-authorized today; backend enforcement middleware remains pending
  • Multi-provider AI routing — Claude, GPT, Gemini, Llama, operator-configured Saudi region (me-central-1) paths
  • Customer dashboard with usage metering, rate limiting, and billing visibility
  • Live billing visibilitytoday's and this month's billable amount update in real time; per-request history breaks down lane, provider, and token counts; downloadable monthly statements are ready for procurement and finance.
  • Payment rails are scaffold-onlyPayTabs, HyperPay, STC Pay, and mada are abstracted behind a BillingProvider scaffold; no live keys are committed. Payment-provider code stays scaffold-only until pilot customer keys, signing, callbacks, and PCI scope are reviewed. Only super_admins can change rate-card settings.

Request a pilot → · Download Customer Evaluation Guide → · Download one-pager → · Read the whitepaper →

05On the commercial roadmap

Not yet — in writing.

Next investments on the commercial side — explicit and dated. None of these block a pilot today.

  • Contractual SLA (uptime guarantee)Not yet — pilot operates on best-effort basis.
  • SOC 2 report / ISO 27001 auditNot yet — internal controls are implemented, formal audit is planned.
  • Provider-level token streaming parity across every backendNot yet — API-level SSE streaming exists today, but backend depth still varies.
  • Dedicated support tiers (24/7, SLA-bound)Not yet — direct founder support during pilot.
  • Cross-cloud database replication and operator-directed failoverSaudi region (me-central-1) multi-region drill standby (GCP Dammam, me-central2) is provisioned and drill-rehearsed for DNS / GKE / TLS routing as of 2026-05-16; data-tier failover and full unplanned region tolerance remain operator-directed.
  • HSM / external key managementPartial roadmap item — KMS bootstrap exists, but steady-state external KMS/HSM custody is not yet the live claim.

Every line on this list is on the roadmap — and stated plainly until it ships.

See it work on your data.

A scoped pilot with the right partner, then an enterprise licence in SAR. No self-serve, no free tier, no trial.

Request a pilot → Talk to the founder →