Many organizations think they are sovereign as soon as their data is hosted in the Netherlands. But hosting is just one layer. True control over an AI system goes deeper.
This article explains the layers that make up an AI system, why control over each layer matters — and how soev.ai addresses this.
The four layers of an AI system
An AI platform broadly consists of four layers, each with its own risks and control mechanisms.
Layer 1 — Infrastructure
Where does the software run? On which servers, in which data center, in which country? This is the layer that receives the most attention in the sovereignty debate — and rightly so. But it is not the only layer.
soev.ai runs in Dutch data centers operated by Dutch hosting partners. Data never leaves the Netherlands.
Layer 2 — Models
Which AI model processes your data? Is it a closed model from OpenAI or Anthropic, or an open-source model you can host yourself? And who has access to the parameters and training data?
soev.ai uses open-source language models that run in the soev.ai environment of your choice — Dutch cloud, your own cloud, or on-premise. You are not dependent on an API from an external company. If a model provider changes its policy tomorrow, you can simply switch to a different model.
Layer 3 — Data
What data do you feed in? Is that data stored? Is it used for training? Who has access to it?
At soev.ai, your data is never used for training models. You decide which data sources are connected, where processing takes place, and who has access.
Layer 4 — Application
How is the application built? Is the code transparent? Can you customize it to your needs? Are you locked into a vendor's roadmap?
soev.ai is fully open source. The code is auditable. You can adapt it to your organization. And there is no vendor lock-in — you can always migrate.
Why all four layers matter
Imagine: your data is in the Netherlands (layer 1 — good), but the AI model is from OpenAI and runs via an API (layer 2 — not sovereign). Then your data still leaves Dutch infrastructure the moment you send a query.
Or: you use an open-source model (layer 2 — good), but the application layer is built by an American company that you cannot audit (layer 4 — not transparent).
True control means control over all four layers. Not just hosting.
Flexibility as part of control
Control is not just about security. It is also about flexibility. Which model do you use? That should be your choice — and you should be able to switch. Which data sources do you connect? That should be your decision. How is the application configured? That should be something you can customize.
soev.ai is built to be cloud-agnostic. That means you can run it on Dutch cloud, on another European cloud, or fully on-premise in your own data center. The choice is yours.
Frequently asked questions
Can I run soev.ai on-premise?
Yes. For organizations with the highest security requirements, a fully on-premise deployment is possible. Contact us for a custom implementation plan.
Can I switch AI models?
Yes. soev.ai supports multiple open-source models. You can switch based on your needs and the availability of new models.
Is soev.ai auditable?
Yes. The source code is fully open source and available for audit. There is no black box.
Learn more
Want to know more about how soev.ai provides control at every layer? Visit soev.ai/en/security-compliance.
- Security and compliance: soev.ai/en/security-compliance
- Custom implementations: soev.ai/en/solutions/custom
- soev.ai for government: soev.ai/en/sectors/government