From small teams to enterprise - your data stays covered

A shield between your team and the AI they use

sitr (Arabic ستر - "to cover, to veil") sits between your employees and the AI models they use. Sensitive data is redacted before it ever reaches any AI provider, every prompt is logged for management, and you set the policies the AI must obey - for each employee, each department, or the whole company.

Prompt sent through sitr - hover or tap to reveal what's hidden

"Draft a contract for Ahmed Al-Falasi, Emirates ID 784-1990-1234567-8, IBAN AE07 0331 2345 6789 0123 456 - due next Thursday."

No employee behaviour change · Works with the models you already use

One layer, every kind of team

The same protection, whatever your size

From your first hire to your ten-thousandth, sitr scales to how your business already works - no rip-and-replace, no change to how your people use AI.

Startups

Move fast without leaking what matters. Get governed AI from day one - no security team, and nothing for your engineers to build or maintain.

Set up in minutes Pay for what you use

Small & medium business

Give the whole team the AI they want while customer and financial data stays under your control - and keep the audit trail on hand for whenever a client or regulator asks.

Per-team policies Full audit trail

Enterprise

Enforce policies across every department, bring your own models and keys, and self-host the entire stack so nothing leaves your environment - meeting the compliance bar your business is held to.

Self-hosted option Department controls

Any industry · Works with the AI models your team already uses

One catalogue, every major provider

Connect the models your team already trusts

Enable any of these from your admin dashboard, bring your own key, and let each team pick from what you've approved.

A Anthropic
O OpenAI
G Google Gemini
V Google Vertex AI
Az Azure OpenAI
B Amazon Bedrock
x xAI (Grok)
Gq Groq
M Mistral
C Cohere
DS DeepSeek
Ce Cerebras
P Perplexity
T Together AI
F Fireworks
DI DeepInfra

Self-hosted & any OpenAI-compatible model

Running your own model on your own servers? If it speaks the OpenAI API, sitr routes to it - your infrastructure, your weights, nothing leaving your network. Point sitr at the endpoint and it works alongside every provider above.

The problem

Your staff are already pasting company data into AI

Customer names, ID numbers, contracts, financials - copied into public chatbots with no visibility and no control. Blocking AI outright just pushes it into the shadows.

Data leaves the building

Sensitive PII (personally identifiable information) and business data flow straight to third-party providers, outside any policy or region you control.

Zero visibility

Management has no record of who asked what, when, or with which data - impossible to audit or govern.

Bans don't work

Prohibiting AI kills the productivity gains and drives usage to personal devices where you have even less control.

What sitr does

Governed AI access, without slowing anyone down

One layer that masks, routes, and records - so your team keeps the speed of AI while you keep control of the data.

Automatic data masking

An advanced detection engine identifies and replaces sensitive data before the prompt leaves your perimeter - customer names, ID and account numbers, contracts and more, in Arabic and English. The model gets a clean, tokenised prompt; the real values are re-inserted in the answer that comes back to your employee.

Full audit trail

Every conversation, prompt and access to unmasked data is logged for management - who, what, when, which model.

One router, every model

Every major AI model behind a single interface. Switch providers without changing how your staff work.

Admin & employee roles

Company admins configure policies, models and credentials; employees just chat. Department-level skills and rules included.

Your keys, in a vault

Bring your own provider credentials, stored encrypted with vault access logging. sitr never trains on your data.

Compliance built in

sitr is designed to help you meet the data-protection rules your business answers to - from HIPAA for health data to the UAE and Saudi personal-data-protection laws (PDPL). Masking, audit logging and regional hosting give you the controls and the paper trail regulators expect.

HIPAA UAE PDPL KSA PDPL Data residency Audit-ready

Core42 (UAE) by default

sitr connects to Core42's UAE-hosted models out of the box, so regulated traffic can stay inside the country - available right alongside every other provider.

Skills & policies at every level

Shape what your AI will and won't do using skills from a ready-made library, or write your own policies and enforce them for a single department or the whole company. And your employees can turn on any skill they need on the fly, right inside the chat.

Ready-made skills

Start from a predefined library of policy skills, no setup required.

Your own policies

Write custom rules and enforce them per department or company-wide.

Employee-picked in chat

Staff add any skill they need for the task, right in the conversation.

Tailored to your industry

Every business has its own sensitive data and its own rules. We work with you to adapt sitr's detection, policies and terminology to what your field cares about, so the protection fits how you actually operate - not a generic one-size-fits-all filter.

Finance
Healthcare
Legal
Government
Retail
& yours

How it works

Five steps, invisible to your team

1

Employee writes a prompt

They chat exactly as they would in any AI tool - no new habits to learn.

2

sitr redacts sensitive data

Names, IDs, IBANs and more are swapped for safe tokens before anything leaves your environment.

3

sitr enforces your policies

The skills and rules you set for that employee, department or the whole company are applied to the request.

4

The model answers

The provider only ever sees the masked, policy-shaped prompt and responds to that.

5

sitr restores & logs

Real values are re-inserted for the employee, and the full exchange is recorded for audit.

The same prompt, three points of view

Employee sees

"Contract for Ahmed Al-Falasi, ID 784-1990-…"

AI model sees

"Contract for [NAME_1], ID [EID_1]"

Management sees

Logged: user, model, applied policy, time, and every unmask event.

Built for peace of mind

The speed of AI, none of the exposure

If you're smart enough to worry about your data, you're already covered. Everything on this page adds up to one promise: your team moves at the speed of AI, and your sensitive data stays yours - kept where your business and its regulations require, and never used to train anyone's model.

You keep control of your data Host it in your own region Never trains any model Accountable on demand Regional rules, incl. the Gulf

0

raw data sent to AI models

100%

of prompts logged & auditable

16+

AI providers, one interface

Any

industry, size or region

Give your team AI - and give yourself the audit trail

See sitr masking real prompts against your own data in a 20-minute demo.

getsitr.com · No commitment