←Back

Behind roc: Building AI for organizations that cannot compromise

Behind our launch statement, that roc is now in general availability, sits a larger question that many European organizations are now asking themselves: How do we adopt powerful AI without giving up control?

The first wave of generative AI was built around easy access and creating familiarity for users encountering a new technology. Users would simply open a browser, call an API, send a prompt, and get a result back. That made AI easy to try and fast to adopt in a much easier manner than ever before. It removed the need to think about hard questions such as GPU selection, model serving, operations, and the speed of model development.

Now, AI is quickly moving from experimentation into everyday business, and this means that the problem changes.

Organizations no longer ask only whether an AI system is capable enough. They've already seen this. Instead, they ask where it runs, who controls the data, how access is governed, how usage is audited, whether internal knowledge can be connected securely, and whether AI can become part of real-life workflows without creating new operational or compliance risks.

That is the bigger context roc is built for.

roc is Europe's sovereign AI agent and enterprise AI workspace. It gives organizations access to leading AI capabilities in a controlled European environment, designed for teams that want the productivity benefits of modern AI without compromising on data, security, governance, or jurisdiction.

The problem is no longer the model

Model quality still matters. Users expect AI to help them write, analyze, code, summarize, reason, and work across languages. Enterprises expect the same level of capability that has made AI adoption accelerate globally.

But in real organizations, the model is only one part of the system. The harder questions usually sit around it.

Can employees use AI without sending sensitive information into uncontrolled tools? Can internal documents and enterprise knowledge be used safely? Can identity, permissions, and access policies apply to AI the same way they apply to other enterprise systems? Can usage be governed and audited?

On the surface, roc gives users a familiar conversational AI workspace. They can use it for everyday work: writing, analysis, software development, document interaction, knowledge retrieval, and project-based collaboration. In short, many of the things they've gotten used to do with AI.

A chat interface is useful, but it is not enough. In an enterprise setting, AI needs surrounding infrastructure: identity, access control, model access, data boundaries, policy, lifecycle management, logging, auditability, and integration with the tools and knowledge people already use.

roc is not simply a place to type prompts, it's a sovereign AI workspace built to help organizations move from uncontrolled experimentation to governed adoption.

Built under European control

The foundation of roc is European infrastructure.

Customer data, operations, and services remain under European jurisdiction and within evroc-controlled infrastructure. Customer data is not used for model training. We know that these are important to organizations, as we've worked with them to understand what is more important for them, and what capabilities they are not finding on the market today.

AI workloads often involve internal documents, strategic plans, customer information, code, operational knowledge, financial data, or regulated material. For sectors such as finance, energy, defense, the public sector, and other security-conscious industries, "just use a public AI service" is not a complete answer.

These organizations need AI, but they also need a trust model that matches their obligations. They need to know where data goes, who can access it, how the platform is operated, and how AI usage can be controlled. This is what operational control looks like, for real.

How evroc ensures data sovereignty and compliance, independent of model choice.

Regardless of model origin, all customer workloads remain within roc's European-controlled environment and are governed by European legal, security, and compliance frameworks. This ensures that organizations benefit from access to the world's most advanced AI capabilities while maintaining sovereignty, control, and regulatory alignment.

roc is powered by leading frontier AI models comprising trillions of parameters. These models originate from Europe, the United States, and Asia, with roc intelligently selecting the most suitable model for each workload.

Customers contract with evroc, a European company subject to European law. This means that governance, security controls, and accountability remain under European jurisdiction, irrespective of where the underlying AI model was developed. Any external dependency is evaluated separately and subject to rigorous legal and security review.

• The open-weight models that evroc uses, no matter their origin, are fully independent of their parent organization, company, or provider. Usage of evroc's AI models is processed entirely in evroc's controlled environment, including any customer data. No open-weight third party model provider receives customer data.
• evroc does not retain customer data nor feed it to model training pipelines. Users use roc, and other evroc AI products, to perform inference on their customer data. evroc, again, does not retain any of that ingoing customer data.
• Data residency is handled at the platform level. roc runs on evroc-controlled European infrastructure, under European jurisdiction.
• When a third-party service is involved, such as when performing web search with roc, we only use providers with similar guarantees, requirements, and conditions as those evroc operate under. Abilities like web search can be turned off, when organizations don't want to risk third parties receiving customer data.

What IT and security teams should care about

roc helps reduce shadow AI by giving employees a sanctioned, enterprise-grade alternative to unmanaged external tools. It supports secure work with documents and enterprise knowledge, which is where AI becomes much more valuable than a blank chat box. It is built around enterprise identity and access management, so AI adoption can fit existing organizational control models.

It is also designed with governance and auditability in mind. As AI becomes part of daily work, organizations need visibility, controls, and accountability. Enthusiasm is not enough; adoption needs to be manageable.

roc also provides OpenAI-compatible APIs. That matters because many teams have already built prototypes, integrations, and internal tools around familiar API patterns. Compatibility lowers the migration barrier and makes it easier to move toward a more sovereign setup without starting over from scratch.

Together, these capabilities make roc less like a consumer AI product with enterprise packaging and more like infrastructure for controlled AI adoption.

General availability

With general availability, roc moves from beta into full commercial availability.

For customers, that means roc is ready for enterprise deployment: a sovereign AI agent and workspace with leading models, predictable pricing, European infrastructure, secure data handling, enterprise governance, and a path to scale adoption across teams. AI that is powerful and useful for everyday work, but built from the start for sovereignty, security, and enterprise control.

European organizations should not have to choose between AI capability and control.

With roc, they do not have to.