§203-compliant · 300+ vetted PII patterns · EU-27

Use AI without client data ever leaving the building.

Saklam Bridge runs as a Docker container in your infrastructure, masks confidential data, and forwards only tokens to Anthropic, OpenAI, Google, Azure, AWS, Mistral — or your own inference cluster. Built for law firms, tax advisors, and regulated professions.

Book a 30-min demo

See it in action:

Your prompt

Analyze the lease agreement between Mr. Thomas Miller, 123 Main Street, New York, NY 10001 and Smith Real Estate LLC. My client (Case No: 2024/M-0847) is disputing the maintenance charges.

What the AI sees

Analyze the lease agreement between [PERSON_1], [ADDRESS_1], [LOCATION_1] and [ORG_1]. My client (Case No: [CASE_ID_1]) is disputing the maintenance charges.

Pattern Entities AI

Professional secrecy compliant No data on US servers You see what gets sent (Review Mode)

Try it yourself, no signup: piidetector.com

For Regulated Professions & Professionals

Saklam protects confidential data — no matter your industry.

Lawyers & Law Firms

Client data + AI without losing your license

Learn more

Doctors & Practices

Patient data + AI without confidentiality breach

Learn more

Tax Consultants & CPAs

Client data + AI without professional secrecy breach

Learn more

Developers & Agencies

Client code + AI without NDA breach. Drop-in API for any tool.

Learn more

How it works

What Saklam sees: nothing. What the LLM provider sees: masked tokens.

Workstation

Claude Code, Cursor, or your own apps point at bridge.intern.firm.com

Saklam Bridge (Docker)

Runs on-prem inside your firm network. Masks PII (300+ patterns) before requests leave the house.

LLM Provider

Anthropic, OpenAI, Google, Azure, AWS Bedrock, Mistral, or your self-hosted endpoint see only tokens like [PER_a1b2]. The response is unmasked on the way back.

Three properties, three sales arguments

Zero-Knowledge

Saklam servers are not in the data path. The container runs on-prem, sees all plaintext — Saklam sees nothing. Real technical separation, not just contractual assurance.

§203-compliant

Client data never leaves your premises as plaintext. No DPA with Saklam needed — you sign that directly with Anthropic, OpenAI, or Mistral.

BYOK

Anthropic, OpenAI, Google, Azure OpenAI, AWS Bedrock, Mistral, or your own inference cluster (Ollama/vLLM) — your direct provider relationship. We don't mark up your AI usage; we license you the software.

Live in 5 minutes

Linux x86_64 or ARM64, 2 vCPU + 4 GB RAM minimum. Docker Engine ≥ 24.

1. Create directory

mkdir -p /opt/saklam-bridge && cd /opt/saklam-bridge

2. Download docker-compose.yml + .env template

curl -fsSL https://saklam.com/bridge/docker-compose.yml -o docker-compose.yml
curl -fsSL https://saklam.com/bridge/env.example -o .env

3. Enter ANTHROPIC_API_KEY and BRIDGE_MASTER_KEY into .env

$EDITOR .env

4. Start

docker compose pull && docker compose up -d

5. Smoke test

curl -fsS http://localhost:4000/health/readiness

mkdir -p /opt/saklam-bridge && cd /opt/saklam-bridge
curl -fsSL https://saklam.com/bridge/docker-compose.yml -o docker-compose.yml
curl -fsSL https://saklam.com/bridge/env.example -o .env
$EDITOR .env
docker compose pull && docker compose up -d
curl -fsS http://localhost:4000/health/readiness

Full setup guide →

Pricing

Two prices, no volume limits — Bridge runs on your infrastructure, we can't count anything. 30-day free trial.

Solo

€99

/ month

Your own API keys (BYOK), all providers
Unlimited volume, flat
Setup support directly with the founder

Try free for 30 days

Team

€299

/ user / year

Minimum 5 licenses — smaller teams start with the 5-seat package (€1,495/year)
Auto-updates + email support within 2 business days
Site license + data protection addendum as PDF

Book demo

Cost example: 60-staff firm on Team tier = €17,940/year. Compare: 60 × Libra Pro at €200/mo = €144,000/year.

OpenAI, Anthropic & Mistral.

GPT-5.4, GPT-5 Mini, Claude Sonnet 4.6, Claude Haiku 4.5, Mistral Large — switch anytime.

Anthropic OpenAI Azure OpenAI Google Gemini AWS Bedrock Mistral Ollama

Frequently asked questions

Does Saklam store or archive the token mappings?

No — we couldn't even if we wanted to. The token ↔ original mapping is created by the Bridge inside your infrastructure, lives in memory per request only, and is discarded after the response. No database, no log, no transfer to Saklam. The only thing leaving your container is masked tokens headed to the LLM provider.

Do we need a DPA (Auftragsverarbeitungsvertrag) with Saklam?

No. Saklam Bridge runs on-prem inside your infrastructure, Saklam receives no personal data. A DPA under Art. 28 GDPR would be content-empty. Instead we provide a site-license agreement + data protection addendum for your DPO documentation. A DPA with the LLM provider (Anthropic, OpenAI, Mistral) is still required and you sign that directly with the provider — we don't resell it through us.

Which LLM providers are supported?

Anthropic (Claude), OpenAI (GPT), Azure OpenAI (same GPT models with EU data residency + Microsoft DPA), Google Gemini (Vertex AI EU or AI Studio), AWS Bedrock (Claude/Llama/Mistral via AWS, EU Frankfurt), Mistral La Plateforme, and self-hosted via Ollama/vLLM/TGI inside your own network. Customer-provider relationship is direct — Saklam is not a reseller.

We run our own inference cluster (Ollama/vLLM). Does Bridge add value there?

Yes. Point Bridge at your cluster via OLLAMA_API_BASE (OpenAI-compatible API). The PII masking layer stays active — even with on-prem inference you get consistent token formats, an audit trail, and unified routing logic for both your local models and cloud fallbacks. Belt-and-suspenders.

We use Claude Pro / Anthropic Team / ChatGPT Plus. Does that work?

Unfortunately not. Bridge only works with classic API keys (pay-as-you-go, Console → API Keys). Subscription OAuth tokens are not accepted.

What hardware do we need?

Linux x86_64 or ARM64. 2 vCPU + 4 GB RAM minimum, 4 vCPU + 8 GB recommended for multi-user. ~3 GB storage for container + models.

What is the latency overhead?

~70 ms PII detection overhead per request (Linux CPU). For structured PII (Email/IBAN/phone) <100 ms; for PERSON/ORG detection (GLiNER + Presidio) 1-2 s additional on first request, then cached.

How does unmasking work with streaming responses?

Bridge unmasks chunk-by-chunk, including tokens that split across chunks. Works for both OpenAI and Anthropic SSE streams.

Can we add custom PII patterns for our client workflows?

Yes — included in the Team tier; available on request for Solo.

How do we update the image?

docker compose pull && docker compose up -d. Auto-updates are off — you control what runs in your network.

Is Saklam Bridge open source?

Closed-source, proprietary. Image on hub.docker.com/r/saklam/bridge, setup docs public, license: site license per Named User.

Who is behind this

Stefan Böck — Software engineer and product manager. Has built and run marketplaces, APIs, and web platforms — today all his energy goes into one question: how to bring confidential data and AI together safely.

Saklam is bootstrapped, built and operated in Munich, Germany (Portalix UG, HRB 250502). No investors, no exit plans — and by architecture: none of your data.

During setup and support you talk directly to me.

Stefan on LinkedIn

More than one user? Or building your own?

Saklam Chat

Solo attorney, tax advisor, or consultant?

→ Saklam Chat (€79.00/mo)

For Developers

PII masking as API + LLM proxy. Drop-in for your pipelines.

Devs

Looking for pilot customers

We're looking for 1-3 mid-sized IT-aware law firms (30-100 staff) for a 30-day pilot. Unlimited use, personal setup support from the founder, feedback flows directly into the roadmap. Afterwards: standard site license.

Book a 30-min demo

Direct questions? bridge@saklam.com