Security & privacy

AI on your terms, and your data stays home.

Privacy isn't a setting you switch on — it's how AssistantGeneral is built. By default nothing leaves your machine, and for organisations there's a control plane your IT team actually runs.

AES-256
Encryption at rest, GCM mode
0
Mandatory telemetry calls
100%
Core capability available fully offline
Append-only
Audit log, tamper-evident
On every machine

Private by default, not by promise.

These protections apply to the everyday single-user app, before any enterprise add-ons.

Local-first by default

The default model runs on your hardware via llama.cpp. Cloud providers are opt-in, per task — never required.

No mandatory telemetry

No usage tracking and no background calls home. What happens on your machine stays on your machine.

Encryption at rest

Sensitive data is encrypted with AES-256-GCM, with an optional PIN lock on the app itself.

Append-only audit log

A tamper-evident record of activity, with automatic retention purge so you keep only what you need.

Sandboxed tools

A sandboxed working folder and a three-tier permission model mean risky actions always ask first.

Air-gap ready

Designed for network-restricted and fully offline environments — no runtime cloud dependency at all.

01For IT departments

The one AI tool your IT can actually allow.

For organisations, AssistantGeneral comes with an admin console that runs on your own server. IT sets up sign-in, decides exactly what each team can use, and sees a full activity record, all without a vendor cloud.

01

One sign-in

Staff log in with the company account they already have. New starters and leavers sync automatically.

SSO via OIDC and SAML; automated SCIM provisioning.

02

Exact permissions

Decide which models, tools, data, and even screens each team can use. The rules are enforced on every computer.

Fine-grained RBAC pushed to managed clients and enforced locally.

03

Full record

See what was used across the whole organisation, from one console, for compliance and peace of mind.

Fleet-wide audit aggregation; shared knowledge bases; modular UI presets.

For regulated work

Compliance that comes from the architecture.

GDPR by architecture

Run locally, all prompts, documents and history stay on your infrastructure. No data-processor relationship with us, and no DPA to negotiate.

Sovereign & air-gapped

The Government edition packages the full control plane for on-prem, air-gapped deployment with fleet-wide policy and audit.

Bring it to your security team.

Pilot deployments and security questionnaires are handled by the people who built it. The full architecture is documented for review.

Talk to the team that actually builds the software.

Pilot deployments, volume licensing, product demos, security questionnaires — all handled by engineers and product leads, not a routing layer. We respond within one business day.

Schedule a discovery call
Half-hour walkthrough with someone who built the product — no sales script.
Run a pilot deployment
Full-feature evaluation with guided install, configured for your environment.
Email us directly
sales@royalsoftworks.com — we respond within one business day.

Send us a message

Leave your details and we'll follow up within one business day.