Retrieval-augmented AI that never leaves your perimeter
Ground your agents in your own documents, tickets, and databases — with embeddings, vector storage, and retrieval that run entirely inside your VPC, on-prem, or air-gapped network.
- Embeddings computed in your environment
- Permission-aware retrieval
- Cited, reproducible answers
- No data sent to third parties
Every layer stays inside your walls
A RAG pipeline touches your most sensitive content at every hop. We close each one so nothing escapes the perimeter.
In-perimeter embeddings
Open or self-hosted embedding models run on your hardware or in your VPC — your text is never sent out to be vectorized.
Self-hosted vector store
The index lives in your environment with encryption at rest. No external SaaS holds your knowledge base.
Permission-aware retrieval
We carry user identity and ACLs through to query time and filter candidates before ranking — no document leaks to the wrong reader.
Citations & retrieval traces
Every answer cites its sources, and the full query-to-chunk trace is logged for reproducibility and audit.
Air-gapped capable
The entire pipeline can run with no internet egress for the most sensitive classifications.
Freshness & deletes
Change-driven sync re-embeds only what moved and propagates deletes and revocations so stale or pulled docs drop out.
From scattered sources to grounded answers
A measured path that treats your data as the crown jewels it is.
Map & classify
Inventory the sources, their access models, and data classifications so we design retrieval around real entitlements.
Ingest in place
Chunk, embed, and index inside your environment, preserving source-system permissions on every chunk.
Retrieve & ground
Permission-filter, rank, and feed only authorized context to the model, with citations attached.
Evaluate & maintain
Score answer quality and grounding, then keep the index fresh as your sources change.
Public RAG endpoints quietly exfiltrate your knowledge
The fast way to ship RAG is to pipe your documents to a hosted embedding API and a managed vector database. That convenience means your proprietary content — contracts, source code, patient records, deal memos — leaves your control to be processed and stored by someone else.
We build the opposite: a closed loop where embeddings, the index, and retrieval never cross your boundary. Identity flows end to end, so the system can only return what the asking user is already entitled to see.
- No documents sent to external APIs
- Identity carried to query time
- Encryption at rest for the index
- Optional zero-egress operation
Public RAG vs. private RAG
Where your sensitive content actually goes — and who can see it back.
| Public RAG endpoint | Automatic.co private RAG | |
|---|---|---|
| Embeddings | Computed by a third-party API | Computed in your VPC or on-prem |
| Vector store | Hosted SaaS holds your corpus | Self-hosted, encrypted at rest |
| Access control | Often ignored at retrieval | ACL-filtered before ranking |
| Provenance | Opaque | Citations + full retrieval trace |
| Egress | Required | Optional zero-egress / air-gapped |
Frequently asked questions
Does my data leave our environment to be embedded or retrieved?
No. Embeddings, the vector index, and retrieval all run inside your VPC, on-prem, or air-gapped network. Documents are never shipped to a third-party indexing service, and nothing is retained outside your perimeter.
How does RAG respect our existing access controls?
Retrieval is permission-aware. We carry each user's identity and entitlements through to query time, filter the candidate set by ACLs before the model ever sees a chunk, and never let a document surface to someone who couldn't open it in the source system.
Can you prove what the model actually used to answer?
Yes. Every answer carries citations back to the exact source chunks, and we log the full retrieval trace — query, candidates, filters applied, chunks selected, and model version — so any response is reproducible and auditable.
How do you keep the index fresh and prevent stale or leaked context?
We sync from your systems of record on a schedule or via change events, re-embed only what changed, and propagate deletes and permission revocations so a removed or reclassified document drops out of retrieval promptly.
Ground your agents without giving up your data.
Bring a corpus and an access model — we'll map a private RAG architecture that keeps every chunk inside your perimeter.