Private AI

What is private AI — and why serious organisations insist on it.

Private AI is artificial intelligence that runs inside your organisation's own security boundary — your data stays under your controls, your prompts and outputs are never used to train public models, and every access is logged and auditable. It's the difference between putting company knowledge into someone else's product and owning an AI capability of your own.

The definition

Four tests that make AI “private”.

“Private AI” gets used loosely. We hold it to four concrete tests — if any one fails, what you have is a public tool with your data in it:

TEST 1 · DATA BOUNDARY

Your data stays inside your controls.

Documents, records and knowledge bases live in an environment governed by your access rules and data-residency requirements — not scattered across consumer accounts.

TEST 2 · NO TRAINING LEAKAGE

Nothing trains public models.

Prompts, documents and outputs are contractually and technically excluded from model training. Your competitive knowledge never becomes everyone's model.

TEST 3 · GOVERNED ACCESS

Access is controlled and logged.

Who used AI on what, when, with which data — answerable from the record. That's what makes AI defensible to a board, an auditor or a regulator.

TEST 4 · YOUR RULES ENCODED

The AI works to your policies.

Safeguards, house standards and human-approval gates are built into the system itself — so quality and compliance don't depend on every user prompting carefully.

Why it matters now

Your team is already using AI. The only question is on whose terms.

In most organisations, staff quietly paste work into consumer AI tools because the productivity gain is real. The knowledge in those prompts — client details, pricing, unreleased work — leaves your boundary with them. Banning AI doesn't stop this; it just keeps it invisible.

Private AI is the grown-up answer: give your people AI that's better than the consumer tools — grounded in your own knowledge, integrated with your systems — inside a boundary you control. Adoption goes up, exposure goes down, and the capability compounds as yours.

Who insists on private AI

Organisations whose data is the business or whose sector is regulated: professional services carrying client confidentiality, healthcare, education providers under quality frameworks, financial services, government and iwi organisations with data-sovereignty obligations, and any firm whose bid library, formulas or research is its moat.

Private AI, as a service

How Supahuman delivers it.

Private AI is our default architecture, not an enterprise add-on. Every application and AI agent we build runs on it: hosted on AWS in Australia, ISO 27001 / NZISM-aligned controls, layered safeguards at platform and model level, and human-approval gates where the stakes demand them.

And because we run what we build as a managed service, the privacy posture is maintained for you — models updated, safeguards tuned, logs kept — rather than decaying after a consultant leaves.

See what we build →
Sovereignty-aware hosting

AWS Australia data residency for ANZ customers, with the controls documented in our Security Statement.

Best model for the job

Private doesn't mean weaker. We route work to leading frontier models under enterprise no-training terms — you get frontier capability inside your boundary.

Proven in regulated sectors

The same architecture runs VETos for audited education providers and the systems in our case studies.

Common questions

Is private AI the same as self-hosting a model?

No — self-hosting is one implementation, and usually the wrong first one: you inherit weaker models, GPU bills and an ops burden. Private AI is about the boundary, not the plumbing: frontier models consumed under enterprise no-training terms, inside an environment you govern, can pass all four tests above while staying at the frontier of capability.

Isn't the enterprise tier of a chatbot enough?

It fixes the training-leakage problem and little else. It doesn't ground answers in your knowledge, encode your policies, integrate your systems or log activity in a form your auditor can use — and it leaves quality dependent on each employee's prompting. Private AI as we build it is an application layer, not a subscription tier.

Does private AI meet New Zealand and Australian data requirements?

That's the design goal: ANZ data residency on AWS Australia, ISO 27001 / NZISM-aligned controls, and contractual terms documented in our legal centre. Specific obligations (health data, government classifications, iwi data sovereignty) are assessed per engagement — bring yours to the first conversation.

What does private AI cost?

Engagements are structured as a build fee in small committed blocks, then a monthly subscription that covers hosting, monitoring, support and improvement — sized to the system, not per seat. Our approach explains the model; talk to us for numbers against your use case.

Ready to bring AI inside the boundary?

Tell us what your team is already pasting into chatbots. We'll build the private version.

Start a conversation

Related: AI agents for business · AI for governance, risk & compliance · Security Statement · All case studies