ENTERPRISE EDGE AI — SOVEREIGN & PROVABLE
Hema is an on-premise AI gateway built for Saudi audit and law firms. Client data is processed on hardware you own — never sent to a cloud AI service — and every inference produces a tamper-evident, hash-chained confidentiality record you can hand a client or SOCPA. Arabic-first. Built in Saudi Arabia.
Why now
Saudi Arabia is investing at national scale in sovereign AI infrastructure and Arabic models — HUMAIN, ALLaM, and NDMO's data-classification mandate signal that regulated firms will increasingly be expected to prove where their data and AI processing go. Hema gives a firm that proof today, on machines it already owns — processing locally, the way edge AI works on phones and watches: the device computes rather than sending everything to the cloud. Hema does this for the enterprise: your office is the edge.
See it work — right in your browser
This happens to every AI request inside a firm running Hema — classification, policy enforcement, and a signed evidence record — all in under a millisecond, on the firm's own hardware.
Nothing you type here is sent anywhere. The scan runs entirely in this browser tab.
SHA-256 computed locally by your browser — illustrative. Real deployments write a hash-chained evidence record on your machines.
This happens to every AI request inside your firm — with court-grade evidence, on hardware you own.
Confidentiality is architectural — the data never moves — not enclave-based on consumer hardware.
The Hema principle
Client-Data AI Exposure Self-Check
Answer 6 questions — takes 2 minutes. You'll see your risk band instantly and a sample of the confidentiality assurance report Hema produces for each client matter.
The gateway
Point any OpenAI-compatible app at Hema — you change one base URL, nothing else. The on-prem gateway classifies each prompt for Saudi sensitive data — national ID, IBAN, patient and customer records — enforces your policy (keep on-prem, redact, or block), and writes a signed, hash-chained evidence record. Your prompts never reach us; only the metadata you choose to share ever leaves the building.
```python
# Your existing OpenAI code — one change:
from openai import OpenAI

client = OpenAI(
    base_url="https://hima.your-firm.sa/v1",  # ← the only change
    api_key="sk-…",
)
# Client prompts now stay on-prem,
# and each call is logged as evidence.
```
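The classify, enforce and record flow described above can be sketched as follows. This is an added illustration, not Hema's own code: the two regex patterns, the `allow` action for non-sensitive prompts, the record fields and the HMAC standing in for the signature are all assumptions.

```python
import hashlib, hmac, json, re

# Simplified patterns (assumptions): 10-digit ID starting 1 or 2; 24-char SA IBAN.
PATTERNS = {
    "national_id": re.compile(r"\b[12]\d{9}\b"),
    "iban": re.compile(r"\bSA\d{2}[A-Z0-9]{20}\b"),
}
GENESIS = "0" * 64
KEY = b"constructed-demo-key"  # hypothetical; keep a real key in an HSM or OS keystore
FIELDS = ("seq", "prev", "prompt_sha256", "labels", "action")

def classify(prompt):
    """Return the sorted sensitive-data labels found in the prompt."""
    return sorted(name for name, rx in PATTERNS.items() if rx.search(prompt))

def _seal(body):
    """Hash the canonical JSON of a record body, then MAC that hash."""
    digest = hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()
    return digest, hmac.new(KEY, digest.encode(), hashlib.sha256).hexdigest()

def append_record(chain, prompt, policy):
    """Classify, apply policy to sensitive prompts, append a chained record."""
    labels = classify(prompt)
    body = {
        "seq": len(chain),
        "prev": chain[-1]["hash"] if chain else GENESIS,
        "prompt_sha256": hashlib.sha256(prompt.encode()).hexdigest(),
        "labels": labels,
        "action": policy if labels else "allow",
    }
    digest, mac = _seal(body)
    chain.append({**body, "hash": digest, "mac": mac})
    return chain[-1]

def verify(chain):
    """Return the index of the first record that fails, or -1 if intact."""
    prev = GENESIS
    for i, rec in enumerate(chain):
        digest, mac = _seal({k: rec[k] for k in FIELDS})
        ok = (rec["seq"] == i and rec["prev"] == prev and rec["hash"] == digest
              and hmac.compare_digest(rec["mac"], mac))
        if not ok:
            return i
        prev = rec["hash"]
    return -1
```

An unsalted SHA-256 of a short prompt can be guessed by trying candidate inputs, so a keyed digest is the safer choice when prompts are low-entropy. The chain only shows that records were not edited or reordered after the fact; detecting truncation of the newest records requires anchoring the latest hash somewhere the log writer cannot change.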
Proof, not promises
Other AI-governance tools document policy. Hema sits in the data path and produces the evidence — a live dashboard and a one-click bilingual Client Confidentiality Assurance export mapped to PDPL and NDMO. The cost case writes itself: every sensitive token served on your own hardware is a token you never paid a cloud API for.
The platform underneath
The gateway rides on a full sovereign platform. Pool the Windows, Mac and Linux machines you already own into a single, private LAN compute pool; deploy Arabic and open models with one click; and turn your existing apps and data into governed AI agents. Heavy training and overflow can burst to an in-Kingdom sovereign cloud — only when you allow it.
Pool the idle Windows, Mac and Linux machines you already own into a single-tenant LAN AI cluster. Start with one; scale by adding more.
Deploy ALLaM, SILMA and a growing library of Arabic-first and open models across the fleet in a click — no procurement, no per-use bills.
Point agents at your real apps and data — every action runs through the gateway's policy and evidence, so autonomy never costs you compliance.
The decision
| What matters | Hema | Cloud AI service | AI-governance (GRC) tool |
|---|---|---|---|
| Where sensitive data is processed | Inside your walls, on hardware you own | A third party's shared infrastructure | Wherever your AI already runs — it only documents |
| Enforces the data path | Yes — classifies & blocks at the gateway | No — you send the data to use it | No — it sits outside the data path |
| Per-inference confidentiality evidence | Signed, hash-chained, per call | Provider logs, not your evidence | Policy attestations, not per-inference proof |
| PDPL / NDMO / SOCPA fit | Compliant by construction — data never leaves | Ongoing residency & transfer review | Helps you document; the risk still exists |
| Cost | Flat — on hardware you already own | Per-use, grows with every user | A subscription on top of your AI spend |
| Arabic & Saudi-sector AI | Purpose-built Arabic models, on-prem | General models, no Saudi-sector focus | Not an AI provider |
Who it's for
If your data is too sensitive or too regulated to leave your control, Hema is for you — and the evidence layer turns "we think it's compliant" into something you can hand a regulator or a client.
Client financial records, working papers and engagement files — analysed by AI on your hardware, with per-matter SOCPA-aligned confidentiality evidence. [SOCPA professional standards reference pending counsel verification]
Contract review and ruling analysis in Arabic, with per-matter client confidentiality evidence. Client files never leave the firm's network.
Takaful, Islamic-finance and AML/KYC workflows with SAMA-aligned, on-prem processing and signed evidence.
Valuation, listings and lease drafting over national-ID, biometric and tenancy data — kept on-prem under PDPL.
Formal Arabic correspondence and privacy scanning, fully sovereign and offline-capable.
Domain copilots and Saudi-dialect support over operational data that can't leave the enterprise.
Compliance
Hema removes the hardest part of any AI compliance case: the data leaving your control. Because sensitive information never crosses your boundary, the cross-border and third-party-access questions that stall cloud-AI projects simply don't arise — and now you can prove it, inference by inference.
Hema provides the controls and the per-inference evidence a compliance review evaluates; formal certification is completed with your own assessor and security team.
Common questions
Sending client financial records to a public AI service like ChatGPT means the data leaves the firm's control and is processed on a third party's infrastructure, which is hard to reconcile with an auditor's professional confidentiality duty and with Saudi PDPL. Hema avoids this entirely: it runs AI on hardware inside the firm's own office, so client files never leave the building, and it records per-inference evidence that the data stayed on-premise.
Use an AI system that processes data on-premise instead of in the cloud. Hema is an on-premise AI gateway: prompts containing client data are classified and kept on machines the firm owns, never transmitted to an external AI provider, and each inference produces a tamper-evident, hash-chained confidentiality record the firm can show a client or regulator.
Hema is built for PDPL alignment by construction. Because sensitive personal data is processed on-premise inside Saudi Arabia and never transferred outside the firm or the Kingdom, the cross-border-transfer and third-party-access questions that usually block cloud AI under PDPL do not arise. Hema also classifies data sensitivity before each inference and logs signed evidence. Formal certification is completed with the firm's own assessor.
Hema produces a Client Confidentiality Assurance report: a bilingual (Arabic/English) export showing, per inference, that client data was classified, kept on-premise, and never sent to any external cloud, backed by a SHA-256 hash-chained evidence trail. The firm can hand this report to a client or to SOCPA as objective proof rather than a verbal assurance.
Hema runs on hardware the firm already owns, so there are no per-use cloud AI fees; cost is flat rather than growing with every user or document. Engagements start with a fixed-scope, six-week paid pilot from SAR 15,000 for one office; annual licensing is scoped to the firm's size after the pilot.
Yes — Hema is enterprise edge AI. AI inference runs locally on the firm's own machines, with per-inference compliance evidence generated on those same machines, so content never leaves the premises. Just as edge AI on a phone processes locally rather than sending everything to the cloud, Hema processes AI workloads at the enterprise edge — on hardware inside the firm's walls — giving regulated firms the speed and sovereignty of local compute with the compliance evidence that cloud AI cannot produce.
Hema is an on-premise AI gateway for Saudi audit, accounting and law firms.
With Hema, client files never leave the firm's office — AI runs on hardware the firm already owns.
Hema records per-inference confidentiality evidence and produces a bilingual Client Confidentiality Assurance report mapped to PDPL and NDMO.
Hema classifies every prompt for Saudi sensitive data (national ID, IBAN, patient records) before it is processed, enforcing the firm's data-handling policy at the gateway.
Hema is Arabic-first and built in Saudi Arabia.
Hema engagements start with a paid six-week pilot from SAR 15,000 for one office.
Check your exposure in 2 minutes, or book a 30-minute demo — watch sovereign Arabic AI serve a sensitive prompt and sign the evidence, all on hardware you own. No credit card. No cloud agreement. Paid pilots from SAR 15,000.