Enterprise-grade local AI for organisations that can't afford a data breach. No cloud. No telemetry. No data processor agreements. Runs entirely on your own hardware — and updates from your own servers.
Every enterprise feature ships in the same installer as the standard product. No separate enterprise build. No vendor lock-in.
LDAP direct bind to Active Directory. SAML 2.0 with XMLDSig verification — supports Microsoft Entra ID, Okta, and Google Workspace. Users auto-provisioned on first login. Full admin config tab.
Shared memories, shared prompt library, and a team usage dashboard. All users on the same instance see the same curated knowledge base and approved prompts. Full admin control.
Set HARBOUR_UPDATE_SERVER to point Electron's auto-updater at your intranet instead of GitHub. IT drops release artifacts on an internal file server. Users on locked-down networks update without touching the internet.
20+ vulnerabilities audited and fixed. No shell=True, no path traversal, CORS hardened, all auth gaps closed. Pre-release security scan on every version. Full SECURITY_LOG published on GitHub.
AI reports generated on daily, weekly, or monthly schedules. Choose an agent, write the prompt, and results land in your inbox via email. Run Now for immediate generation. APScheduler — survives restarts.
Every action logged — who sent what, when, from which agent, on which session — with a SHA-256 chain hash linking each entry to the previous (GENESIS anchor). Any modification, deletion, or insertion breaks the chain. One-click VERIFY CHAIN in the admin panel. Login events logged with IP address. Exportable as CSV for ICO evidence packs and internal governance.
11 UK PII types detected and redacted from every chat message before it reaches any AI model — NHS numbers, National Insurance numbers, postcodes, phone numbers, email addresses, credit card numbers, sort codes, bank account numbers, dates of birth, passport numbers, and driving licence numbers. Toggle on in Admin → PII. Every redaction event logged with type, count, user, and session. Meets ICO data minimisation guidance for AI tools (2024).
Legal (SRA, GDPR), Accountancy (FCA, AML), HR (ACAS, data protection), Education (KCSIE, Ofsted EIF, SEND), Healthcare (CQC, MCA 2005, Duty of Candour, NHS DSPT). Templates, prompts, and memory facts built in.
Persistent always-on RAG namespace. Upload your policies, procedures, and documents once. Every agent query is contextualised against your organisation's own knowledge — automatically, on every conversation.
Full REST API with API key management. MCP support (stdio, HTTP/SSE, Streamable HTTP). Docker deployment for server or VPS installs. Fits into your existing infrastructure.
In active development. If something here is a blocker for your organisation, let us know and we'll prioritise it.
LDAP + SAML 2.0 — Entra ID, Okta, Google Workspace. Shipped in v1.0.52.
HARBOUR_UPDATE_SERVER env var — internal intranet updates, no GitHub access required. Shipped in v1.0.60.
CI pipeline complete — macos-13 runner, signed .dmg, notarisation hook, hardened runtime entitlements. Pending Apple Developer code-signing secrets.
UK government procurement requirement. Unlocks NHS trusts, councils, and schools with a budget code. Security hardening already done — certification in progress.
Dedicated enterprise tier with volume seat pricing, priority support SLA, and onboarding assistance. Contact us now to discuss.
UK government procurement framework. Puts HARBOUR AI in front of every NHS trust, council, and school with a budget code.
Sectors where a cloud AI data breach isn't just embarrassing — it's a regulatory event.
Article 9 health data never leaves the network. NHS DSPT compatible. Air-gapped updates for locked-down clinical networks. CQC, MCA 2005, Duty of Candour sector pack built in. No data processor agreement required — you are the sole controller.
Client privilege protected by design — matter files never touch a cloud AI. SRA-safe. Solicitor Accounts Rules compatible. Legal sector pack with SRA Code of Conduct, GDPR, AML prompts and templates built in.
Pupil data stays on your servers. KCSIE 2023, Ofsted EIF 2023, SEND/EHC sector pack included. Air-gapped updates work on school networks with restricted internet. No DPA required — no third party ever handles pupil data.
FCA Consumer Duty and AML compliance. No client financial data in any cloud AI. Accountancy sector pack with FRS 102, Companies Act, AML prompts. Full audit trail meets FCA record-keeping requirements.
Tell us your sector, number of users, and any compliance requirements. We'll come back within one working day.
EMAIL US ↓ DOWNLOAD & TRY FREE14-day free trial · no payment details required · GDPR compliance statement