Research synthesis · 26 May 2026

A private LLM your clients can trust with their secrets.

How to run a capable AI assistant over confidential client material — legally defensible, technically airtight, and explainable to the people whose trade secrets you hold. Two reports, one for the decision, one for the build.

Holder Portugal (EU) Clients EU · UK · Canada · elsewhere Workload small-team chat assistant Data entrusted trade secrets

For decision-makers

Business assessment

What "legally covered" actually requires, the three deployment options side by side, real costs, and a clear recommendation — plus how to turn the setup into a client-trust asset you can sell.

The "reasonable steps" test, across EU / UK / Canada
Decision matrix & cost reality
Recommendation + path to live

Read the business report

For engineers

Technical reference

A buildable architecture: threat model, deployment trust boundaries, model and hardware sizing, the full hardening checklist, an operational runbook, and a mapping from every control to the legal test.

Reference stack: vLLM / Ollama + Open WebUI, LAN-only
Model & VRAM sizing; hardware vs hosting costs
Hardening + control-to-law mapping

Read the technical report

The finding that ties it together

Across EU, UK, Canada and the worldwide TRIPS baseline, a trade secret is protected only if its holder took reasonable steps under the circumstances to keep it secret. So the goal isn't perfect secrecy — it's a documented, proportionate chain of measures. Build to the strictest reading once, and you're covered everywhere your clients are.

The through-line

One question runs through both reports

"Who can technically read the prompts, the documents, the model's memory, the disk, and the logs — and can you prove it?" Each option is graded on how short and controllable that list is.

1Own hardware, on-prem — the recommendation. Nobody but you is inside the boundary; the data never leaves the building. Strongest legal posture, best client story, lowest long-run cost for a small team.

2Rented single-tenant server — the OPEX / scale path. You plus one named EU provider under a data-processing agreement; no shared neighbours.

3Managed private endpoint — only with a client's written sign-off. Easiest to run, but the data leaves your runtime and you rely on contract over control.