Architecture
A Private AI pattern, proven in production.
Magic's architecture is a specific discipline for running production AI agents on infrastructure the customer controls. Five components, extracted as a formal pattern from a year of live deployments with a manufacturer, a trade union, and Magic's own operations.
The customers Magic serves — mid-market manufacturers, institutional communities, regulated organisations — cannot run their commercial operations on conventional cloud AI. Their data is sensitive. Their identity is their asset. Their regulatory environment (GDPR, the AI Act, CSRD, CSDDD, NIS2, emerging EU sovereignty requirements) makes traditional cloud architectures progressively harder to deploy. Magic was designed for exactly this environment from day one. The architecture is not a compliance feature bolted on. It is the foundation.
Five components that work together
The Private AI Pattern is the architectural discipline Magic's commercial operating system runs on. Each component is necessary. Removing any one collapses the guarantees the others depend on.
Governed Data Schema
A structured, versioned data layer with documented ownership of every field, machine-enforceable integrity rules, and explicit classification of safe versus dangerous structural changes. Audit-ready by construction. Schema changes append rather than insert, so new fields degrade gracefully when absent.
Contextual AI Reasoning Layer
Agents that read from multiple data domains simultaneously and generate recommendations grounded in both the customer's own reality and aggregate patterns from similar organisations. Reasoning framework versioned separately from domain knowledge. Every recommendation grounded in the customer's data and in network-level benchmarks at constant token cost.
Automation Engine with Bounded Autonomy
A classification, routing, deferral, and execution pipeline that lets the system act within boundaries the customer sets. Every automated action condition-checked at execution time, so stale actions self-cancel. Global frequency caps prevent over-contact. The system is allowed to act — and constrained in a way leadership can verify.
Self-Improving Knowledge Base
A knowledge layer that starts with curated seed knowledge and accumulates operational intelligence from every interaction. Frequency scoring for pattern validation. Materialised aggregate views for efficient delivery back into the reasoning layer. Each interaction makes the next one smarter — under the customer's governance, not the vendor's.
Sovereign Execution Environment
The runtime where everything above runs inside the customer's boundary rather than in a shared cloud. Cryptographic identity as the trust anchor. Zero data egress by default. The intelligence comes down to the data rather than the data going up to the intelligence.
Why this matters for Europe
GDPR, the AI Act, CSRD, and emerging EU sovereignty requirements are making conventional cloud AI progressively harder to deploy for organisations handling sensitive commercial or member data. The Private AI Pattern is a structurally strong fit — not because compliance was retrofitted, but because sovereign execution, verified data provenance, and audit-ready governance are the foundation. Magic is an active participant in European Horizon Europe research on sovereign AI infrastructure, in consortium with CERTH/ITI and a Bulgarian partner.
Trust architecture for institutions
When an institution puts its operational knowledge through a production agent, leadership needs to know three things: that nothing will be invented, that member-only information will never leak to public visitors, and that the head of the organisation can change what the agent knows without calling an engineer. The Private AI Pattern is built around all three.
Nothing invented
The agent only draws on knowledge leadership has explicitly approved. Every answer is grounded in the governed knowledge base. No hallucination, no extrapolation from public data.
Hard visibility boundaries
Member-only content is enforced in code, not in instructions to the model. Public visitors cannot see what members see — the boundary is architectural, not instructional.
Leadership closes the loop
A weekly digest shows every question the agent could not answer. The head of the organisation edits the knowledge directly, without an engineer, and the agent improves on their terms.
Identity as the architectural root
Every action the platform takes is identity-resolved at execution time. Not role-based access control grafted on at the application layer — identity as the trust anchor at the cryptographic root of the runtime. This is what makes tier-gated visibility deterministic rather than advisory, and what makes agent actions attributable to a verified principal rather than a session token.
The Magic Agent Platform — the delivery layer that implements this pattern — has its own page. See /platform for orchestration, instruction, and context assembly.
We respect your privacy
We only use one cookie to remember your language preference. We don't use tracking cookies. No analytics, no tracking, no data collection — just a better experience for you.