Data Sovereignty and LLM Provider Routing
Control where your data goes
When your application sends a prompt to an LLM provider, that data crosses infrastructure boundaries. SAIG enforces provider residency rules before every request — ensuring data only reaches providers that meet your sovereignty requirements.
Sovereignty modes
- Standard — route to any configured provider
- EU-Only — only providers with verified EU data residency
- Swiss-Only — only providers with Swiss data residency
- Air-Gapped — no external provider calls permitted
- Custom — tenant-defined residency rules for specific requirements
Provider routing
SAIG routes requests across OpenAI, Azure OpenAI, Anthropic Claude, and Google Gemini. Circuit breaker with automatic failover ensures resilience. Per-tenant rate limiting and budget controls provide cost governance.
Fail-closed enforcement
If a provider’s residency cannot be verified or does not match the active sovereignty mode, SAIG denies the request. There is no permissive fallback — unknown residency means blocked egress.
SAIG provides runtime controls, policy enforcement, audit evidence, and compliance-supporting workflows. It does not constitute legal advice, certification, or a guarantee of regulatory compliance.
Frequently Asked Questions
Can I restrict AI traffic to EU-only providers?
Yes. SAIG EU-Only sovereignty mode ensures requests only reach providers with verified EU data residency. Non-compliant egress is blocked.
What happens if the preferred provider is unavailable?
SAIG uses circuit breaker with automatic failover to route to the next available provider that meets sovereignty requirements.
Can different tenants have different sovereignty rules?
Yes. Sovereignty mode can be configured per tenant, allowing different teams or business units to have different data residency requirements.