Why a lock for AI

Sovereignty shouldn't cost you the frontier.

One conviction: using any model shouldn't cost you control of your data. Sovereignty is deciding where data goes.

A sluis is a canal lock. It holds back the sea while it moves the boat through.

Open both gates of a lock at once and the sea floods in. So a lock never does. It admits the boat into a sealed chamber, closes behind it, equalises the water, and only then opens ahead. Controlled passage. Nothing spills.

Sluis treats your data the same way. Every request enters a sealed chamber: inspected, routed under your residency policy, then handed to a model. The frontier on one side, your jurisdiction on the other, a gate between them, never a hole. Every passage is logged.

The frontierSealed chamberIn-regionPassage sealed in the ledger
Controlled passageNothing spillsEvery passage logged

Four convictions. Each one is wired into the product, not the pitch.

  • The best model AND the right jurisdiction

    These were never opposites. Never trade the best model for the flag. Sluis runs EU-sovereign anchors and frontier models (Claude, Gemini, Mistral) in EU regions behind one endpoint, with direct US and Chinese providers available on opt-in, and pseudonymization so the model never sees a name, number or secret.

  • Prove it, don't promise it

    A compliance claim you can't verify is a hope. Every call is sealed in a hash-chained ledger that you, or your auditor, can export and re-verify offline. Trust, then check.

  • Residency is a policy, not a hope

    Where data may go is a rule you declare and we enforce on every request: explicit regions, explicit fallback, a hard block if nothing qualifies. Not a setting you trust a vendor to honour.

  • Built in the EU, for the EU

    We answer to the same regulators you do. Sovereignty isn't a feature we bolted on for a market. It's the reason the company exists, and why the default is always EU-only until you decide otherwise.

Teams who answer to regulators.

The places where a single careless egress is a breach notification, and where "we think the data stayed in the EU" is not an answer anyone will accept.

Meridian BankDORA, bank secrecy, supervised data flowsBanking & finance
Stadt HealthPatient PHI, special-category GDPR dataHealthcare
Polder LegalPrivilege, client confidentiality, e-discoveryLegal
KadasterCitizen records, sovereignty mandatesPublic sector

Names shown are illustrative: placeholders for the kinds of teams Sluis is built for, not customer claims.

Where we're from

Built in Amsterdam. Run inside the EU.

Sluis is a Dutch company, anchored in Amsterdam and operated entirely on EU infrastructure. For a sovereignty product that isn't incidental; it's the point. The country a vendor sits in decides which laws can reach your data, and which government can compel it.

We surface the part other gateways hide: not just the region a model runs in, but who owns it, so EU-region-but-US-owned deployments carry their CLOUD Act exposure on the label, in the open.

of requests go only where your policy allows100%
base_url to switch: drop-in, OpenAI-compatible1
flat over list price: no seats, no minimums10%
Sluis B.V. · Amsterdam, EU-operated
Open roles

We're hiring across the EU.

Engineering, compliance, and go-to-market. Remote-first, Amsterdam-anchored. If sovereign infrastructure is the problem you want to spend years on, talk to us.

See open roles
Get in touch

Talk to a human.

Procurement, a security questionnaire, a signed DPA, a self-hosted Sluis Edge gateway: whatever your compliance team needs to say yes. No bot, no funnel.

hello@sluis.ai

Compliance shouldn't mean giving up the best models.

It should mean knowing exactly where they ran, and leaking nothing on the way. One base_url, any model your policy allows, every call sealed in a ledger you can hand an auditor.