Step inside →

ARCHITECTURE

A Private AI pattern, extracted from production.

Five components, extracted from two customer deployments and two years of internal operations. Aligned with the European sovereign AI research agenda through our Horizon Europe consortium.

Private AI pattern

The customers Magic serves — mid-market manufacturers, institutional communities, regulated organisations — cannot run their commercial operations on conventional cloud AI. Their data is sensitive. Their identity is their asset. Their regulatory environment (GDPR, the AI Act, CSRD, CSDDD, NIS2, emerging EU sovereignty requirements) makes traditional cloud architectures progressively harder to deploy. Magic was designed for exactly this environment from day one. The architecture is not a compliance feature bolted on. It is the foundation.

Five components of the Private AI Pattern.

Each is necessary. Removing any collapses the guarantees the others depend on.

01

Governed Data Schema.

Structured, versioned, documented field ownership, machine-enforceable integrity rules. Audit-ready by construction. Schema changes append, never insert — new fields degrade gracefully.

02

Contextual AI Reasoning Layer.

Agents reading from multiple data domains simultaneously. Recommendations grounded in the customer's reality and aggregate patterns from similar organisations. Reasoning framework versioned separately from domain knowledge.

03

Automation Engine with Bounded Autonomy.

Classification, routing, deferral, execution within customer-set boundaries. Every action condition-checked at execution time. Global frequency caps. Autonomous only where autonomy is explicitly authorised.

04

Self-Improving Knowledge Base.

Curated seed knowledge, accumulating intelligence from every interaction. Frequency scoring validates patterns before promotion. Materialised views deliver knowledge back at constant token cost.

05

Data Residency Model.

Customer data lives in the customer's own cloud workspace — not in Magic's infrastructure. Magic does not hold, copy, or centralise it. The runtime data path runs between the customer's workspace and the AI compute layer, never through Magic's servers. Revoke our access: we lose all access immediately.

Every deployed Magic Agent carries a verifiable identity tied to the organisation that governs it. The identity infrastructure is cryptographic and passwordless — no credentials to manage, no passwords to breach. Agent identity means that when a Magic Agent sends an email, answers a member question, or executes a campaign action, the organisation behind it is provable. This is the same identity layer that enforces tier-gated behaviour in community deployments and trust-level gating in organisation deployments.

Data residency is not the same as sovereign execution. We are precise about the difference.

We name what the architecture guarantees and what it does not — because the honesty is the argument.

What we do guarantee today.

  • Your data lives in your own cloud workspace — not in ours.
  • Magic does not hold or centralise customer data.
  • Runtime data path runs between your workspace and the AI layer — never through Magic's servers.
  • Revoke our access: immediate, complete loss of access.
  • Every schema change versioned and auditable.
  • Every automated action condition-checked at execution time.
  • Member-only content enforced in code, not in prompts.

What we do not currently guarantee.

  • Compute runs on a cloud provider's multi-tenant runtime — not yet in a trusted execution environment you control.
  • The cloud provider encrypts data at rest; customer-managed encryption keys are not yet available.
  • Magic has operational access to your data store during the engagement — a service delivery requirement, not a security gap, and revocable at any time.

These gaps define our Horizon Europe research agenda with CERTH/ITI, where formal verification of the Private AI pattern as a trusted execution boundary is a funded objective.

Read about our research programme →

For orchestration, instruction governance, and context assembly, see /platform.

/platform →

We respect your privacy

We only use one cookie to remember your language preference. We don't use tracking cookies. No analytics, no tracking, no data collection — just a better experience for you.