Sovereign AI by AOLC.

The models come to your data — not the other way around. All storage and inference inside South Africa.

AI That Doesn't Leave South Africa.

Sovereign AI by AOLC is a self-hosted artificial intelligence service for South African organisations whose data cannot cross national borders. AOLC runs open-weights models — Llama, Whisper, open vision LLMs — on infrastructure located in Johannesburg. No foreign AI APIs are on the data path. AOLC acts as Operator under section 20 of the Protection of Personal Information Act, 2013, while the client remains the Responsible Party.

Some workloads can't cross borders. Archives holding a century of institutional memory. Legal matter files under attorney-client privilege. Medical records, financial records, government records. For these, the standard answer — "send it to a US AI API and trust the contract" — is the wrong answer.

This is architectural sovereignty — not just contractual. If the law changes, the architecture still holds.

Book a Scoping Call
Sovereign AI inside South Africa

Five Guarantees.

The commitments we'd hold ourselves to, in writing, as Operator.

Data Residency

All storage and inference inside South Africa. No cross-border transfer. POPIA §72 grounds are not required because no transfer occurs.

No Third-Party Training

Your content is never used to train any commercial or foreign model. Open-weights models are invoked for inference only — weights are not updated using your data.

You Retain Ownership

Source material, derived metadata, transcripts, embeddings, and any models fine-tuned on your content remain your property. AOLC is Operator, not owner.

POPIA-Aligned Operator

AOLC processes data only on your documented instructions, as Operator under section 20 of the Protection of Personal Information Act. You remain the Responsible Party.

Fully Reversible

Exit on notice. On termination, all data is cryptographically erased and a certificate of destruction is issued. Portable in open formats at any point during the engagement.

Architectural, Not Contractual

Sovereignty is enforced by where the infrastructure sits and what the code does — not only by what the contract says. If the law changes, the architecture still holds.

How It's Built.

Every component sits inside the South African sovereignty boundary. No foreign SaaS AI provider is on the data path.

🇿🇦 South Africa Sovereignty Boundary

Your Environment

  • Source data
  • Finding aids / records
  • Authenticated workstations
  • SSO / identity (optional)
Data owner: you.

AOLC Orchestration VPS

  • Johannesburg region
  • Ingestion + API gateway
  • Per-tenant isolation
  • Immutable audit log
  • Encrypted at rest (AES-256)
  • TLS 1.3 in transit

Self-Hosted Models

  • SA-domiciled GPU compute
  • Vision LLMs (HTR / metadata)
  • Embeddings (semantic search)
  • ASR (transcription)
  • Open-weights only
  • No outbound training
Records in over HTTPS (tenant-scoped) → inference request over private network → structured JSON results back
Trust boundary: you retain ownership and control. AOLC acts as POPIA Operator. Data is processed, not harvested, and is destroyed on engagement exit.

What's Not on the Data Path.

The differentiator is defined as much by what we don't use as by what we do.

Foreign AI APIs we don't call

  • Anthropic (Claude) — US
  • OpenAI (ChatGPT, GPT-4) — US
  • Google Gemini / Vertex AI — US
  • Microsoft Azure OpenAI — US
  • AWS Bedrock — US
  • Any other foreign LLM API provider

What runs on the data path instead

  • Open-weights models — Llama family, Whisper, open vision LLMs, open embedding models
  • Self-hosted, in-tenancy — AOLC operates the inference endpoint, no third-party API calls
  • SA-domiciled infrastructure — orchestration and GPU compute both in Johannesburg
  • TLS 1.3 + AES-256 — encryption in transit and at rest
  • Immutable audit log — every inference call logged, exportable on request

Full sub-processor list and architecture detail available under NDA as part of the vendor onboarding pack.

What It Can Do.

The shape of what's possible when AI can reach your data without the data leaving the country.

📝

Metadata Drafting

Auto-draft catalogue entries, finding aids, or file-level metadata from scans and documents. Human reviewer approves or corrects.

📖

Handwritten-Text Recognition

Cursive English, Afrikaans, Dutch and other languages transcribed at scale. Useful for historical records, clinical notes, and older paper correspondence.

📷

Photograph & Image Analysis

Caption, cluster, and date previously unidentified images. Applies equally to archival photographs, evidence photos, and inspection records.

🔍

Semantic Search

Ask questions in natural language; the system retrieves relevant records across large collections. Embeddings stay inside the sovereignty boundary.

🎤

Transcription & Translation

Recorded interviews, oral histories, depositions, compliance call recordings — transcribed, translated between SA languages, and theme-tagged.

🛡

POPIA Redaction Assist

Flag likely personal information before a record is released. Human still makes the release decision; AI just makes the review faster.

Phases and Gates.

Every phase ends with an explicit decision point. Nothing rolls forward on inertia.

0

Discovery

Day 1

Workflow walk-through, pain-point mapping, architecture review, NDA. Exit: agreement on scope and success metric.

1

Onboarding

~2–3 weeks

Vendor registration with your IT function, POPIA Operator schedule signed, isolated pilot environment provisioned. Exit: approval to process the agreed scope.

2

Pilot

4–6 weeks

AI-assisted processing with human-in-the-loop review. Weekly written progress. Accuracy measured and recorded. Exit: joint go / no-go recommendation with evidence.

3

Exit or Expansion

Your decision

No-go: certificate of destruction, return of artefacts, case study published. Go: Phase 2 proposal through your standard procurement route.

Who It's For.

Sectors where data residency is a legal, regulatory, or professional obligation — not a preference.

Archives & Research

Institutional memory, heritage collections, research data. POPIA applies to personal information in living-person records; many collections sit under donor restriction. Research & Archives →

Government

Departments, municipalities, state entities. Data localisation pressure, POPIA obligations, and public-sector IT standards make cross-border AI a hard sell. Public Sector →

Legal

Matter file review, discovery redaction, contract summarisation. Attorney-client privilege and LPC rules make sovereignty a professional-duty question, not just a compliance one.

Medical

Patient records are special personal information under POPIA. HPCSA layers sit on top. AI that processes clinical data without leaving the country is the safer default.

Financial Services

Banks, insurers, FSPs, brokers. SARB, FSCA, FICA and POPIA together make data-path questions a board-level issue. Sovereign inference removes the cross-border question.

Your Sector

If your workload has a "must stay in South Africa" constraint — statutory, contractual, or reputational — talk to us. Tell us about it →

We've Done This Before.

AOLC builds and operates multi-tenant AI-powered platforms in production.

StaffWatch

A workforce-monitoring platform we built and run. Per-tenant SQLite isolation, AI-assisted activity categorisation, immutable audit trails, and a staff-facing acceptance workflow. Live, with paying customers. See StaffWatch →

ServiceDesk

Our in-house IT service-management platform. Multi-tenant on PostgreSQL, automated ticket routing, AI-assisted triage and summarisation, SLA engine, and native GRC module. See ServiceDesk →

These are examples of what we've built — evidence of delivery, not products we're trying to sell you here. Sovereign AI engagements draw on the same multi-tenant isolation, audit logging, and production AI integration muscle.

The models come to your data — not the other way around.

Architecturally, not contractually. If the law changes, the architecture still holds.

Frequently Asked Questions.

Direct answers to the questions that come up most often in scoping calls. The same answers are encoded as FAQPage structured data so AI search engines can quote them accurately.

What is Sovereign AI by AOLC?

Sovereign AI by AOLC is a self-hosted artificial intelligence service for South African organisations whose data cannot cross national borders. AOLC runs open-weights models — Llama, Whisper, open vision LLMs — on infrastructure located in Johannesburg. No foreign AI APIs (Anthropic, OpenAI, Gemini, Azure OpenAI, AWS Bedrock) are on the data path. AOLC acts as Operator under section 20 of the Protection of Personal Information Act, 2013 (POPIA), while the client remains the Responsible Party.

Where is the data stored when I use Sovereign AI?

All storage and inference takes place on South-African-domiciled infrastructure in Johannesburg. There is no cross-border transfer of data, so POPIA section 72 grounds for cross-border transfer are not required because no transfer occurs. Source material, derived metadata, transcripts, embeddings, and audit logs all remain inside the South African sovereignty boundary for the life of the engagement.

Does Sovereign AI use Anthropic Claude or OpenAI GPT?

No. Sovereign AI by AOLC does not call Anthropic, OpenAI, Google Gemini, Microsoft Azure OpenAI, AWS Bedrock, or any other foreign AI API on the client data path. This is an architectural constraint, not a contractual one. AOLC operates open-weights models in its own tenancy on South African GPU compute. The list of foreign providers excluded from the data path is published openly above.

Is Sovereign AI POPIA-compliant?

AOLC operates as Operator under section 20 of the Protection of Personal Information Act, 2013. The client (e.g. a university, law firm, government department) remains the Responsible Party and determines the purpose and means of processing. AOLC processes personal information only on the client's documented instructions, implements appropriate technical and organisational safeguards, notifies the client of breaches without undue delay, and assists with data-subject requests. Final POPIA compliance depends on the client's overall information-handling practices; Sovereign AI is designed to support, not replace, that compliance posture.

What models does Sovereign AI use?

Sovereign AI uses open-weights models hosted in AOLC's own tenancy. The current stack includes the Llama family for general language tasks, Whisper for speech-to-text, and open vision LLMs for handwritten-text recognition and image analysis. Embeddings for semantic search are generated by open embedding models. The full list of in-use models, with version numbers and licences, is shared with each client under NDA as part of the vendor onboarding pack.

Can my data be used to train other AI models?

No. Client content is never used to train any commercial or foreign model. Open-weights models are invoked for inference only — model weights are not updated using client data. This is a hard architectural constraint enforced by the inference pipeline, not solely a contractual promise. If a future engagement involves fine-tuning, the resulting model belongs to the client and remains inside the client's sovereignty boundary.

How do I exit a Sovereign AI engagement?

Engagements are fully reversible on notice. On termination, AOLC returns all client data — source material, derived metadata, transcripts, logs, and any fine-tuned model artefacts — in open formats (JSON, CSV, original file containers). All copies are then cryptographically erased from AOLC systems within 30 days, with daily encrypted backups destroyed alongside the primary data. AOLC issues a certificate of destruction to the client.

Who owns the data and the AI outputs?

The client retains sole ownership of all source material, derived metadata, transcripts, embeddings, and any models fine-tuned on client content. AOLC's role is that of Operator under POPIA section 20 — processing on the client's documented instructions, never as data owner. Ownership terms are codified in the engagement agreement before any data moves.

How is Sovereign AI different from Microsoft Copilot or ChatGPT Enterprise?

Microsoft Copilot and ChatGPT Enterprise route prompts and responses through Microsoft and OpenAI infrastructure, which sits primarily in the United States. Even where regional endpoints exist (e.g. Azure South Africa), the underlying provider is a US-headquartered company subject to the US CLOUD Act. Sovereign AI by AOLC runs on South-African-domiciled infrastructure operated by a South African company, with open-weights models and no foreign API on the data path. The difference is architectural — sovereignty is enforced by where the infrastructure sits and what the code does, not only by what the contract says.

What sectors is Sovereign AI built for?

Sovereign AI is built for sectors where data residency is a legal, regulatory, or professional obligation rather than a preference. Primary sectors include: archives and research (institutional memory, donor-restricted material), government (departments, municipalities, state entities), legal (matter file review, attorney-client privilege), medical (patient records as POPIA special personal information), and financial services (banks, insurers, FSPs subject to SARB, FSCA, FICA, and POPIA).

Book a Scoping Call.

Tell us about the workload and the constraints. We'll respond within one business day.