00% SCROLL
Reference · Last updated 1 July 2026

Sovereign AI glossary

The core vocabulary of sovereign, on-premise AI for regulated European teams — what each term means, and how it differs from the ones it is most often confused with. Plain definitions, no marketing.

Sovereign AI

AI in which the models, data and processing stay under the control and jurisdiction of the organisation using it. In an EU context it means AI that runs under EU law, on infrastructure the organisation owns or genuinely controls, with nothing sent to a third party or used to train an external model in normal use.

Data residency

A requirement or guarantee that data is stored and processed in a specific location or jurisdiction — for example, entirely within the EU. It is narrower than sovereignty: residency is about where data physically sits, while sovereignty is about which laws and which parties can compel access to it.

On-prem inference

Running an AI model’s inference — the step that turns an input into an output — on servers the organisation operates itself, inside its own network or data centre, rather than by calling a hosted external API. Prompts and documents never leave the perimeter to be processed.

GDPR Art. 44 transfers

Under Article 44 of the GDPR, transferring personal data to a country outside the EU/EEA (a “third country”) is only lawful if the safeguards in Chapter V — such as an adequacy decision, standard contractual clauses or binding corporate rules — are in place. Sending personal data to a non-EU AI provider can itself be such a transfer.

EU AI Act

The European Union’s Regulation (EU) 2024/1689 on artificial intelligence — the first comprehensive AI law. It classifies AI systems by risk (unacceptable, high, limited, minimal) and, especially for high-risk systems, places obligations on providers and deployers: documentation, logging, human oversight and risk management. It was adopted in 2024 and applies in phases.

Confidential computing

A hardware-based technique that protects data while it is being processed (“in use”) by running the computation inside an isolated, encrypted region of memory called a trusted execution environment (TEE). It complements encryption at rest and in transit by keeping data protected even from the host operating system and the cloud operator during processing.

Air-gapped

A system or network that is isolated from external networks, including the public internet. An air-gapped AI deployment runs entirely inside that isolated environment, so data cannot leave and no external service can be reached — the strongest form of a no-egress deployment.

Zero data egress

A deployment property in which no data — prompts, documents, outputs or logs — leaves the organisation’s network boundary in normal operation. Because all processing happens inside the perimeter, there is no outbound transfer to a third-party service to audit or to trust.

These principles are the foundation of Diana — the sovereign AI workspace for regulated European teams, where specialist agents produce finished, cited documents inside your own perimeter.

See the product →See the security model

Related reading: What is sovereign AI? · The architecture