bayata | NEXUS™

A bayata Nexus™ sovereignty solution

Sovereignty by Choice™

Deploy enterprise AI in regulated environments without exposing sensitive intent to external platforms. Keep jurisdictional control, reduce compliance risk, and preserve performance.

Nexus is bayata's sovereign control layer for AI, cloud, and legal governance - giving organizations one architecture to run, secure, and prove compliant operations end-to-end.

Designed for regulated industries and sovereignty-first infrastructure programs.
Pilot-ready path with technical assessment scope in approximately 30 days (project scope dependent).
Compliance readiness checklist aligned to GDPR, NIS2, and enterprise governance reviews.

Who it is for

Start with your role. Each path uses the same sovereignty architecture, but the outcome and review lens differ.

CISO / security leadership

Reduce data-exposure risk while keeping AI utility. Establish clear control boundaries for cloud providers and operators.

CTO / engineering

Run AI workloads with predictable architecture choices, deployment paths, and performance tradeoffs your team can operate.

Compliance / legal

Document jurisdictional control and evidence handling with one accountable architecture for audits and board review.

The illusion of cloud privacy

Standard AI integrations are a one-way street. Every prompt you send to a public LLM creates a permanent shadow of your intellectual property in a jurisdiction you do not control. Whether it is R&D formulas or manufacturing logs, once it leaves your VPC, it is no longer yours.

Risk

IP dilution: your R&D intent becomes signal for platforms your competitors use.

Regulatory

GDPR, NIS2, and the EU Data Act turn standard cloud AI into a legal liability.

Geopolitical

Law can change access overnight. Your models and data need a jurisdictional pivot.

Legacy cloud AI = jurisdictional risk.

Architecture

Two systems, one platform

The bayata Nexus™ is built from two independent concerns you can reason about separately: how data is protected before it leaves your control, and where the software runs. Same Hybrid Data Pipeline, different Three-Box Infrastructure layouts per deployment path.

Nexus protects and governs the AI, cloud, and legal path. CentralVeri protects the intelligence and evidence path.

Step 1

Classify request sensitivity and apply the right policy tier before anything leaves your boundary.

Step 2

Mask sensitive terms and route through the selected deployment path (cloud-first, hybrid, or sovereign).

Step 3

Restore approved context on your side and log compliance-ready evidence for operations and audit review.

How · software

Hybrid Data Pipeline

A tiered wash, not an on/off switch. Tokenisation, cryptographic sharding where applicable, and noise injection are composed per request according to your Sensitivity Policy in the Cockpit. Raw proprietary content becomes mathematically incomplete instructions for the cloud; the token map stays where you put it.

Plain English: each request is cleaned in stages so cloud models can reason without seeing your raw sensitive language.

Where · infrastructure

Three-Box Infrastructure

The physical and network layout: on-premise master node, secure link, sovereign cloud node, combined differently in each option. Pipeline engineers work on scrubbing rules; network engineers work on VPN and topology. Neither substitutes for the other.

Plain English: your team chooses where each control runs so legal, security, and latency requirements can be balanced.

Schematic

Not every option includes every box. See deployment paths below.

What they see is noise. What you see is progress.

Nexus Scrubber™ dismantles context at the edge. The cloud receives mathematically valid queries that are contextually empty.

Raw input: internal VPC

PROMPT: Optimize Alloy-77 at 1450C.

Nexus™

Processing via bayata Scrubber™

Ghost data: cloud relay

TOKENISED: Optimize [SECRET_ID_12] at [SECRET_ID_07].

What the Cloud sees is mathematically useless noise. What your team sees is the future.

Try your own prompt

Type a sample line (ops, R&D, scheduling). This page shows an illustration of what would cross the wire. Nothing is sent anywhere; it runs only in your browser.

The preview applies a simple in-browser mask so you can see the shape of a tokenised line. It is not the real Nexus™ tokenisation used in production, which we do not ship to browsers for security reasons.

How a request crosses the Nexus™

Illustrative flow for a full-wash path (hybrid deployment). Your policy may activate fewer tiers. Expand any step for a plain-language note.

  1. DNS / TLS · Client traffic terminates at the on-prem Nexus™ proxy; session established.

    Visitors and apps connect to your environment first. TLS ends at the proxy so later stages see a controlled session context, not a raw hop straight to a public model.

  2. Policy router · Payload classified; full pipeline tiers selected.

    This step decides how much of the pipeline applies to this request (for example, which privacy stages run). Lighter policies may skip or shorten later tiers.

  3. Pattern scan & NER · Materials, projects, parameters identified as entities.

    Structured and semi-structured cues (names, codes, locations, specs) are surfaced so they can be handled as first-class entities instead of leaking as free text.

  4. Tokenisation · Entities replaced with stable session tokens; token map updated on-prem only.

    Sensitive literals become opaque tokens for anything that leaves your boundary. The live mapping between tokens and real terms stays under your control on-prem.

  5. Sharding (when enabled) · File objects split; incomplete fragments routed per design.

    Large or sensitive blobs can be split so no single off-prem hop carries a complete picture. Routing follows your deployment design when this mode is on.

  6. Secure link · Tokenised payload crosses the bayata link to the cloud node.

    Only tokenised (and policy-approved) material uses the encrypted path between your site and the cloud helper. It is not a generic open internet shortcut for raw payloads.

  7. Chaff injection · Decoy traffic accompanies the real query where configured.

    Where you turn this on, additional traffic shaped like real requests can travel alongside the genuine one to complicate traffic analysis. It does not replace tokenisation or policy.

  8. Cloud model · Hyperscale AI reasons over tokens; response returns tokenised.

    The remote model operates on the token vocabulary and structure you sent. Its reply comes back still tokenised so sensitive terms are not reintroduced in the open cloud hop.

  9. De-tokenisation · On-prem map restores your terms; the user sees the answer in natural language.

    Back inside your boundary, tokens are resolved to the original wording for display and downstream systems. End users get a normal answer without exposing the raw path the cloud saw.
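
The pattern scan, tokenisation and de-tokenisation steps above, as an added Python example; it is not bayata's code and not the production Nexus™ tokenisation. The regex entity patterns, the `SessionTokenMap` class and the random token format are assumptions made for the illustration.

```python
import re
import secrets

# Assumed entity patterns standing in for the pattern scan / NER stage:
# material or part codes (Alloy-77, Turbine-X7) and process parameters (1450C).
ENTITY_RE = re.compile(r"\b(?:[A-Z][a-z]+-[A-Z]?\d+|\d+(?:\.\d+)?\s?(?:C|K|MPa))\b")
TOKEN_RE = re.compile(r"\[SECRET_ID_[0-9a-f]{8}\]")


class SessionTokenMap:
    """Token map for one session; it is never serialised or sent off-box."""

    def __init__(self):
        self._by_literal = {}
        self._by_token = {}

    def _token_for(self, literal):
        # Stable within the session: the same literal always gets the same token.
        if literal not in self._by_literal:
            token = f"[SECRET_ID_{secrets.token_hex(4)}]"
            while token in self._by_token:  # regenerate on the rare collision
                token = f"[SECRET_ID_{secrets.token_hex(4)}]"
            self._by_literal[literal] = token
            self._by_token[token] = literal
        return self._by_literal[literal]

    def tokenise(self, text):
        """Outbound direction: replace every detected entity with its token."""
        return ENTITY_RE.sub(lambda m: self._token_for(m.group(0)), text)

    def detokenise(self, text):
        """Inbound direction: restore known tokens, leave unknown ones untouched."""
        return TOKEN_RE.sub(lambda m: self._by_token.get(m.group(0), m.group(0)), text)

    def destroy(self):
        """End of session: drop the mapping so old tokens can no longer be resolved."""
        self._by_literal.clear()
        self._by_token.clear()


if __name__ == "__main__":
    tm = SessionTokenMap()
    outbound = tm.tokenise("Optimize Alloy-77 at 1450C.")  # constructed prompt from the page
    print("cloud sees:", outbound)
    print("user sees: ", tm.detokenise(outbound))
```

Random tokens are used here so that token values do not reveal how many entities a session has seen; anything the entity patterns miss still leaves the boundary as plain text, which is why detection coverage is the control to test first.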

Technology matrix

SEAL-aligned controls: local brain, global muscle, without surrendering the keys.

Fragmented-Lock™

Military-grade Shamir secret sharing. Your IP remains locked even if the cloud provider is subpoenaed. One shard stays with you; one with bayata. No single actor can reconstruct.

Plain English: no single party, including cloud infrastructure, can rebuild the protected content alone.

How this helps: legal disclosure requests against any one platform cannot recover your full protected terms without your on-site component.

  • Supports split-custody governance across internal and external operators.
  • Improves resilience against single-domain compromise scenarios.
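
The split-custody claim above, worked through as an added Python example of Shamir secret sharing; it is not bayata's Fragmented-Lock™ code. The 2-of-2 threshold is read from "one shard stays with you; one with bayata", and the field prime and function names are assumptions.

```python
import secrets

PRIME = 2**127 - 1  # assumed field modulus (a Mersenne prime) for this example


def split_2_of_2(secret):
    """Return two shares (x, f(x)) of the line f(x) = secret + a*x mod PRIME."""
    if not 0 <= secret < PRIME:
        raise ValueError("secret must be a field element")
    a = secrets.randbelow(PRIME)  # random slope, discarded after splitting
    return (1, (secret + a) % PRIME), (2, (secret + 2 * a) % PRIME)


def reconstruct(share_a, share_b):
    """Lagrange interpolation at x = 0; needs both shares."""
    (x1, y1), (x2, y2) = share_a, share_b
    if x1 == x2:
        raise ValueError("two distinct shares are required")
    inv = pow(x2 - x1, -1, PRIME)
    return ((y1 * x2 - y2 * x1) * inv) % PRIME


def slopes_explaining(share, candidates):
    """For ONE share, find the slope that would make each candidate the secret.

    A slope exists for every candidate, so a single share rules nothing out.
    """
    x, y = share
    inv_x = pow(x, -1, PRIME)
    return {s: ((y - s) * inv_x) % PRIME for s in candidates}


if __name__ == "__main__":
    secret = int.from_bytes(b"Alloy-77", "big")  # constructed sample value
    on_prem, vendor = split_2_of_2(secret)
    print("both shares:", reconstruct(on_prem, vendor) == secret)
    guesses = slopes_explaining(vendor, [0, 1, secret])
    print("vendor share alone is consistent with", len(guesses), "different secrets")
```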

Chaff Injection™

Defeat pattern-recognition AI by injecting synthetic technical noise into every cloud request. Hide true R&D intent in statistical blur.

Plain English: extra decoy traffic makes it harder to infer what your real project is about.

How this helps: traffic analysis sees mixed intent patterns rather than a clean map of your operational priorities.

Zero-Trace Ephemeral

Local-only translation maps. No historical data-at-rest. Instant cryptographic shredding when sessions end.

Plain English: sensitive mapping data stays local and is removed fast after the session closes.

How this helps: there is no long-lived translation ledger in shared environments to mine later.

Jurisdictional Pivot

Google to AWS. Azure to on-prem. Native adapters for Vertex AI, Azure OpenAI, and AWS Bedrock. One toggle moves intelligence where the law is on your side.

Plain English: you can move provider and location without redesigning your governance controls.

How this helps: legal or geopolitical shifts can be handled with policy and routing changes, not full platform rewrites.

Deployment paths

Choose infrastructure to match risk, latency, and regulatory posture. The Hybrid Data Pipeline applies per option as described. Expectations stay explicit.

Option B (recommended)

bayata ships a 1U master to your rack. Tier 1 runs on Box 1; the token map stays on-prem. Tier 2 splits file fragments across Box 1 and Box 3; Tier 3 runs on the cloud node. Secure link between nodes. Core-IQ™ covers local AI failover. Non-custodial exit is part of the design from day one.

Plain English: balanced path for regulated teams that need strong control and practical deployment speed.

  • Typical rollout: three to five days
  • Full tiers when your policy requires it
  • Baseline path for most regulated enterprises

Options A vs B · at a glance

| Capability | A · Cloud-first | B · Hybrid |
|---|---|---|
| On-prem master (Box 1) | No | Yes |
| Secure link (CentralVPN™) | No | Yes |
| Sovereign cloud node (Box 3) | Yes | Yes |
| Tier 1 · tokenisation | Yes (cloud) | Yes (on-prem) |
| Tier 2 · cryptographic sharding | No | Yes |
| Tier 3 · noise / chaff | Yes | Yes |
| Token map remains on-site | No | Yes |
| Core-IQ™ local failover | No | Yes |
| Non-custodial exit | No | Yes |
| Typical deployment window | < 1 day | 3-5 days |

Timelines are indicative; C and D build on B with additional enterprise supplements. Confirm scope with bayata before procurement.

Continuity & exit

What buyers ask before signature: what happens when the link degrades, and what happens if we stop. Answers are architectural, not slogans.

Nexus governs operational sovereignty and compliance execution. CentralVeri anchors the integrity and evidence path used in legal and audit workflows.

Operational continuity

On hybrid paths, health checks cover the secure tunnel and cloud relay. When the path fails, policy can pivot: targets switch toward on-prem inference where Core-IQ™ is licensed, so teams keep working without exposing raw payloads to an uncontrolled route. Behaviour is policy-driven; exact thresholds and failover UX are set with your team during implementation, not generic SLAs on this marketing page.

Non-custodial exit

You retain custody of what must stay yours: keys and maps for reconstruction stay under your operational control on supported paths. Leaving the platform is a migration problem, not a hostage situation. Export and provider moves are scoped in commercial agreements. Bring your legal and infra stakeholders; we align the technical off-ramp with what your board will sign.

Is this legal advice?
No. Regulatory references on this site are general context. Your counsel validates fit for GDPR, export controls, sector rules, and cross-border transfers.
Does the cloud ever see complete files?
On paths with Tier 2, fragments are engineered so the cloud fragment is incomplete without the on-prem material. Combined with Tier 1, the cloud sees tokenised reasoning, not your raw vocabulary.

One console. Total control.

Built on a high-performance Go stack: unified sovereignty scoring across vendors, not three portals.

nexus-cockpit · production

Sovereignty health: 94

Autonomy: ON

Sovereignty alarm: nominal · last pivot: EU-Central

Hotlist

  • Alloy-77: masked
  • Turbine-X7: token
  • Project Helix: chaff

One console to rule all vendors. Manage Google, Azure, and AWS sovereignty from a single pane of glass.

Engineered by bayata

Based in the Netherlands, bayata is a high-performance engineering collective dedicated to digital autonomy. We do not just build software; we build sovereignty. The bayata Nexus™ is the culmination of our “Sovereignty by Choice™” philosophy, giving global enterprises the options they deserve.

Visit bayata.nl

Trust layer

Compliance badges and regulatory mentions on this site are for general orientation only. They are not legal advice, a certification guarantee, or an exhaustive list of obligations for your organisation. Validate applicability with qualified advisors.

Enterprise lens

Nexus gives one operating model to run and govern AI under changing legal and provider constraints.

Technical lens

Nexus standardizes policy, masking, and deployment controls while CentralVeri preserves evidence integrity.

Legal & compliance lens

Nexus supports compliance execution; CentralVeri supports defensible traceability and verification records.

Google Cloud Partner Advantage · AWS Qualified Software · Azure Marketplace Ready

Compliance focus

  • GDPR
  • FIPS 140-2
  • ISO 27001
  • NIS2

Technical paper

Request the bayata Nexus™ technical whitepaper (PDF) from the contact form. We will send a current version under NDA where applicable.

Proof and buyer objections

Common enterprise questions, answered directly before procurement and legal review.

How fast can we validate fit?
For qualified teams, the sovereignty assessment defines architecture scope in approximately 30 days, then moves into deployment planning.
Will this lock us into one cloud provider?
No. Nexus governance remains consistent while infrastructure targets can pivot between cloud-first, hybrid, full sovereign, or air-gap paths.
Can legal and compliance teams review this clearly?
Yes. The same architecture is mapped to governance controls, data-boundary decisions, and evidence expectations used in legal and audit workflows.
Does sovereignty control kill performance?
Policies are tuned by workload sensitivity. Teams can keep high-value AI performance while applying stronger controls where risk is highest.

Book Sovereignty Assessment

Tell us your objective and constraints. We route this to the right team and return with a scoped next step. Requires consent under our Privacy Policy.

What happens next

  • We route your request to engineering, sales, or support based on inquiry type.
  • You receive a confirmation email and a follow-up from the relevant team.
  • Qualified assessment requests move to a scoped architecture discussion.