Sovereignty and security. By design.
The AEC-RE industry handles strategic data. Training public AI models with your intellectual property is out of the question. Security is not a feature of Vonbuild. It is the foundation of the OS.
Our architecture has been designed to meet the requirements of the most stringent CIOs, CTOs and legal departments. Here is how we protect your competitive advantage.
European sovereignty. Zero compromise.
Your data never leaves the European continent and remains protected from extraterritorial legislation.
Bare-metal hosting in Germany
Vonbuild's core infrastructure runs on dedicated bare-metal servers physically located in Germany. We do not use American cloud giants for the persistent storage of your critical projects. No shared virtualisation with other clients.
GDPR protection and zero Cloud Act
By choosing European infrastructure, your data remains under the exclusive jurisdiction of the GDPR. It is shielded from foreign government requests via laws such as the American Cloud Act. No FISA Section 702. Exclusive European jurisdiction.
Strict isolation and absolute confidentiality
Your intelligence is your property. It must never leak, neither to your competitors nor to public AI models.
Kubernetes Pod isolation
In traditional SaaS platforms, your data shares the same database as your competitors'. Not with us. Each company and each user runs in their own dedicated and isolated Kubernetes Pod. Network Policies physically block any communication between Company A's Pod and Company B's Pod.
No public training
This is a non-negotiable guarantee. None of your data (documents, drawings, queries) is ever used to train foundational AI models. Your data is only used to execute your tasks (inference) and is immediately forgotten by external models.
No private reading
The Vonbuild agent does not have global access to your mailbox. It only processes emails and documents that you have explicitly linked or routed to the project workspace. Your private correspondence remains private.
Total flexibility for maximum trust
We adapt to your security policy, not the other way round. Three levels of sovereignty to meet every requirement.
On-premise deployment
For absolute zero-trust control, we can deploy the entire Vonbuild OS directly on your own servers. Your data never leaves your physical infrastructure. Ideal for large groups and the most demanding public contracts.
LLM-agnostic: bring your own AI
Our platform is agnostic. Do you want to use a locally hosted open-source LLM model, or your own fine-tuned model? Connect your own API keys. You retain total control over the processing of your data. No prompt ever leaves your perimeter.
Internal connectors (MCP)
Does your company use an in-house ERP or legacy software? Our architecture team can develop bespoke connectors via the Model Context Protocol to allow our agents to operate your internal tools securely, respecting the access rights defined by your IT department.
On-premise deployment
For absolute zero-trust control, we can deploy the entire Vonbuild OS directly on your own servers. Your data never leaves your physical infrastructure. Ideal for large groups and the most demanding public contracts.
4 concentric layers of protection
Each layer adds a level of security. A breach in one layer is contained by the next.
Security at the heart of the process
The best security is that which integrates naturally into your experts' validation processes.
ConfirmRisky
The ConfirmRisky protocol
Ultimate responsibility remains human. Any sensitive agent action (sending an external email, financial approval, validation of an execution plan) is blocked by default until validated by a click from an authorised user. The agent prepares everything. The human decides and bears the responsibility.
Audit Trail
Legally enforceable audit trail
Every agent action and every human approval is logged with a timestamp, the validator's identity and full context. This complete traceability is designed to serve as evidence in the event of a dispute and to meet the highest compliance requirements. Immutable and exportable audit trail.
[1/6] Agent prepares action: Send chaser email to subcontractor Alu-Facades SA
[2/6] Risk classification: HIGH — External communication
[3/6] System blocks automatic execution BLOCKED
[4/6] Notification sent to jean.dupont@entreprise.fr PENDING
[5/6] Human validation received (jean.dupont, 14:32:07 CET) APPROVED
[6/6] Action executed and logged in the audit trail EXECUTED
Trace ID: cr_2026030914320700_alu-facades_email — Immutable, exportable, legally enforceable
Frequently asked questions about security
Everything your CIO needs to know before approving deployment.
Who has access to our data at Vonbuild?
Nobody. Each client's data is isolated in a dedicated Kubernetes Pod. Our engineers do not have access to client workspaces in production. Maintenance interventions require a formal authorisation process with full logging. In BYO-LLM or on-premise mode, we physically have no access to your data.
Are prompts sent to AI models retained?
In Pro mode, prompts pass through LLM provider APIs with enterprise options that disable retention and training. In BYO-LLM mode with local models, prompts never leave your environment. We recommend this option for the most sensitive documents.
Is Vonbuild compatible with public procurement requirements?
Yes. Hosting in Germany (EU), the absence of dependency on American cloud providers, per-user isolation, end-to-end encryption and GDPR compliance make Vonbuild compatible with most European public procurement specifications. For the strictest requirements, the consulting plan offers on-premise deployment.
How does the ConfirmRisky protocol work?
Any sensitive agent action (sending an external email, invoice approval, validation of an execution plan) is technically blocked until human validation. The agent prepares the deliverable, presents its reasoning and sources, then awaits your decision. Each validation is timestamped, identified and logged in an immutable, legally enforceable audit trail.
What happens if Vonbuild ceases operations?
Your data belongs to you. You can export all your documents, skills and Knowledge Graph at any time via the export API. In the event of cessation of operations, a 90-day period would be granted for complete export. Skills are in a standard, non-proprietary format.
Ready to audit the architecture?
Let us schedule an in-depth technical session with your IT and security teams. We will answer all your questions, line of code by line of code.