Your data, your knowledge, your AI
A-Team grows out of a simple conviction: anyone accountable for confidentiality should be able to use modern AI without giving up sovereignty over data, knowledge, and operations. Professional secrecy, client and patient confidentiality, and the protection of donor and member data form the basis of the work. That is exactly where control matters most.
Sovereignty is an asset here, not a brake. Data sovereignty, local anchoring, and the absence of vendor lock-in can be represented openly towards clients, patients, and members. Confidentiality becomes an advantage rather than an obstacle, and open building blocks suit organisations whose mandate demands independence.
le dot runs its own work on exactly this framework. A-Team is therefore used in-house and proven, not merely offered.
Open building blocks, controlled AI, clear traceability
A-Team combines proven open components with the latest controlled AI: open and secure at once. Every building block stays replaceable. Existing tools such as Microsoft 365 or specialist applications stay where they make sense, without forced migration.
Every AI request runs through clear approvals, and every action stays tied to a named human role. Agents act as attributable identities with limited rights. The permission model applies to agents just as it does to people, and where that is enough, their access can be limited to read-only. Traceability therefore stays a property of operations rather than an after-the-fact report: model choice, data flow, and sources stay visible, and auditability is enforced technically instead of merely documented.
Hosting stays under direct control, up to fully isolated operation.
Want to see how this looks in a concrete setup? Request an A-Team demo.
The building blocks and their value
Each building block solves a concrete task, and the value comes before the mechanics:
- One sign-on for all services, with clear rights and less friction in everyday work.
- Collaboration and files in one place, working together without scattering data.
- Knowledge base: answers from the organisation's own sources, with a traceable reference instead of repeated searching.
- Controlled AI, with model choice and data flow kept under direct control.
- Controlled agents that take on recurring work, carry out research, or merge and analyse data, while every action stays attributable.
- Familiar foundation, new leverage: A-Team builds on IT tools that have been in use for years and adds RAG, language models, agents, and automation.
The system at a glance
The framework is built in layers, from a load-bearing foundation up to value creation, with a governance bracket spanning all layers. Each box stands for a function; the tools in brackets are interchangeable examples.
flowchart BT
accTitle: A-Team as a layered container diagram
accDescr: The A-Team framework in four layers that build on each other, enclosed by a dashed governance bracket across all layers. The foundation carries infrastructure under direct control, identity and access, and secure network access and operations. Above it sits collaboration and knowledge with collaboration and files and knowledge management. Above that the controlled AI with knowledge retrieval with source binding, model gateway, and data classification and approvals. At the top is value creation with agents and automation and interfaces and integration. The dashed governance bracket encloses all layers and bundles machine and agent identities, approvals, and traceability across all layers.
subgraph GOV["Governance and accountability — across all layers (identities, approvals, traceability)"]
direction BT
subgraph L1["1 Foundation"]
HOST["Infrastructure under direct control<br/>(own servers, CH data centre, containers)"]
IDENT["Identity and access<br/>(Authentik, Keycloak, Entra ID)"]
NETOPS["Secure network access and operations<br/>(NetBird, Tailscale; Grafana, Prometheus)"]
end
subgraph L2["2 Collaboration and knowledge"]
COLLAB["Collaboration and files<br/>(M365 and Nextcloud)"]
KNOW["Knowledge management<br/>(Wiki.js, BookStack)"]
end
subgraph L3["3 Controlled AI"]
RAG["Knowledge retrieval with source binding<br/>(Open WebUI, own RAG pipeline)"]
GATE["Model gateway<br/>(own gateway, LiteLLM)"]
CLASS["Data classification and approvals<br/>(policies, tagging, approvals)"]
end
subgraph L4["4 Value creation"]
AGENT["Agents and automation<br/>(own workflows, n8n, GitLab CI)"]
API["Interfaces and integration<br/>(APIs, webhooks, connectors)"]
end
NHI["Machine and agent identities<br/>(token and secrets management, Vault)"]
end
L1 --> L2 --> L3 --> L4
style GOV stroke:#c1121f,stroke-width:2px,stroke-dasharray:6 4
Legend
- Layers from bottom to top: the foundation carries, above it sit collaboration and knowledge, then the controlled AI, and at the top value creation.
- Each box stands for a function, not for a fixed product. Tools in brackets are interchangeable examples.
- An "and" in brackets means combinable; an "or" means selectable.
- Solid arrows show the data flow over open standards and clear approvals.
- The governance bracket acts as a dashed line across all layers: identities, approvals, and traceability apply everywhere.
Building blocks in depth
- Infrastructure under direct control: Digital sovereignty
- Identity and access: Identity and single sign-on
- Secure network access and operations: Zero trust
- Collaboration and files: Open and free software
- Knowledge management and approvals: Data governance
- Knowledge retrieval with source binding: GenAI and RAG
- Model gateway: Sovereign AI
- Agents and automation: AI agents
- Interfaces and integration: API-first
- Machine and agent identities: Non-human identity
Background on the notation: C4 model and docs-as-code. The way of working behind the framework is described in the A-Team framework.
Operating frame
A-Team is not rolled out as a one-size-fits-all solution. The first scope follows the organisation profile, the confidentiality requirement, and the existing infrastructure. Typical profiles map to the following segments:
- Law firms, trustees, and practices bound by professional secrecy: usually the SME with Microsoft 365 profile, and for the highest protection needs the air-gapped operation.
- NGOs and associations: depending on size, the association segment or the SME with Microsoft 365 profile.
- Teams with their own IT and development: the lab and development segment.
- Highest isolation requirements: the air-gapped operation.
The path to A-Team
From introduction through integration to enablement, le dot accompanies the path to A-Team, without vendor lock-in.
Introduction and pilot
A working first step on the organisation's own data, with a clear result within the Swiss legal framework.
Integration with existing systems
A-Team connects to the existing systems, without disruption and without vendor lock-in.
Governance and security
Traceable AI that holds up to data protection and the EU AI Act, verified rather than claimed.
Enablement and coaching
The organisation's own team becomes capable in its own right; le dot accompanies and does not lock in.
See A-Team in action
A demo shows A-Team through the functions that matter: from sign-on and knowledge search to controlled AI. The first scope follows the organisation type, the existing infrastructure, and the prioritised use case.
Select functions and request a demo
Related topics
- A-Team framework, the way of working and method behind A-Team.
- Digital sovereignty, the pillars behind data and operational sovereignty.
- Sovereign AI, the sovereignty context for controlled AI under direct control.
- AI agents, how automation works with attributable agents.
- Open and free software, the control and ownership context of the open building blocks.