Your decks never leave your control.
pretty is an orchestration layer, not a data processor. Deploy it inside your perimeter or take it as a managed service — either way, customer content moves directly from the endpoint to the contracted AI provider.
Operating principles
Built to clear an enterprise security review.
Source-available architecture
The core runtime is published under an open license, so security, legal, and compliance teams can review the full code path before any deployment decision.
Customer-owned credentials
Each tenant brings its own provider contracts and API keys. pretty does not hold credentials or proxy provider requests originating from the endpoint.
No content retention
Prompts, slides, and uploads remain on the endpoint or inside your infrastructure. pretty does not persist, log, or train on customer content.
Verifiable request trail
Every model request carries a deterministic client-side identifier you can reconcile against your DLP, proxy, or egress logs.
Deployment models
Two ways to deploy. Both keep content off our infrastructure.
Self-hosted
Open core, your perimeter
- Deployed inside your VPC, on-premises, or dedicated cloud
- Compute, storage, and egress remain under your control
- No external runtime dependency on pretty
- Open-core repository available for review and modification
- Suitable for air-gapped and regulated environments
Managed service
Operated for you, on contract
- Operated by pretty against an enterprise SLA
- SSO, SCIM provisioning, and tenant-scoped audit logging
- Consolidated provider procurement under a single contract
- Per-seat pricing without per-token reconciliation
- Endpoint payloads still transit directly to the AI provider
Enterprise procurement
Discuss your compliance requirements.
On-premises deployments, dedicated cloud, MSA and DPA review, HIPAA and SOC 2 paths, and procurement through Microsoft AppSource or Azure Marketplace.
Contact enterprise sales