What is ZeroH Disclosure?

ZeroH Disclosure is a verifiable AI safety layer. It intercepts every prompt your team sends to an AI tool, classifies fields under your disclosure policy, redacts what must not be exposed, and is designed to produce tamper-evident cryptographic proof. Your CISO, DPO, and regulator can verify what the AI saw. And what it never saw. Without trusting any vendor log.

How is selective disclosure different from standard document redaction?

Standard redaction replaces sensitive text with "[REDACTED]" or a black bar. Selective disclosure is designed to create cryptographic proof that reveals specific fields while concealing others. Recipients can verify that the fields they see are authentic and unmodified. Standard redaction can be disputed or reversed. Cryptographic selective disclosure proofs are designed to be tamper-evident.

Which regulatory frameworks does this satisfy?

Proof packs are designed to support evidence requirements under PRA SS1/23 (UK model risk), EU AI Act Article 12 (high-risk system logging) and Article 10 (data governance), GDPR Article 5 (data minimisation) and Article 35 (DPIA), NIST AI RMF, ISO 42001, QCB AI guidance, and CBUAE responsible AI principles. Always consult your DPA or legal team for jurisdiction-specific requirements.

How does ZeroH Disclosure work with the ZeroH platform?

ZeroH Disclosure feeds directly into the ZeroH GenAI infrastructure platform. Disclosure proofs become evidence artefacts in ZeroH agent workflows. Trust Center surfaces them with selective disclosure for regulators and auditors. All three products form an integrated stack. Use them together, or use Disclosure standalone as a BYO-AI safety layer.

ZeroH Disclosure is in alpha — first through Ask Ali.Try Ask Ali·Terms

Audit-grade AI safety for every prompt.Bring your own AI.

Q: Does this work with Microsoft Copilot, ChatGPT, or Claude?

Yes. That is the bring-your-own-AI design intent. ZeroH Disclosure is built to sit in front of the AI tools your team already uses. Specific plugin integrations (Microsoft 365 Copilot, browser extension, MCP servers for Claude, custom adapters for internal agents) are in active development. Talk to us about being in the first deployment cohort.

Q: How is this different from LLM security platforms?

LLM security platforms focus on input/output security. Prompt injection defence, jailbreak prevention, model integrity. They are valuable. They do not produce cryptographic, third-party-verifiable proof of what an AI saw and never saw. ZeroH Disclosure adds the verifiable proof layer that turns LLM security into evidence your regulator and DPO will accept.

Every prompt your team sends to AI passes through ZeroH Disclosure first. Field-level classification, policy-based redaction, cryptographic proof of what the AI saw. And what it never saw. Designed to sit beside Microsoft Copilot, internal agents, and any AI tooling your staff already uses. Patent-pending architecture (UK GB2604344.8).

Schedule a Demo Try Ask Ali with ZeroH Disclosure

How it works

Watch a prompt get cryptographically redacted before it reaches an AI

ZeroH Disclosure intercepts every prompt at the policy boundary. Sensitive fields are masked by your governance rules, the AI sees only the redacted version, and a signed, tamper-evident audit record is produced. Designed to be verifiable by your DPO and your regulator.

1. Your prompt

From your user, agent, or workflow

Review the Mudaraba contract for customer Ahmed Al-Maktoum with account ••• 4429 for Shariah compliance. Portfolio value AED 2.4M.

CUSTOMER_NAMEACCOUNT_NUMBERAMOUNT

ZeroH Disclosure

policy · mask · sign

Cryptographic redaction at the prompt boundary

2. What the AI sees

Microsoft 365 Copilot, Claude, ChatGPT, or your internal agent

Review the Mudaraba contract for customer ████ [CUSTOMER_NAME] with account ████ [ACCOUNT_NUMBER] for Shariah compliance. Portfolio value ████ [AMOUNT].

Policy applied3 fields masked

3. Signed audit record · tamper-evident

disclosure-proof:sha256:0x9c2f...e41a · 2026-05-19T08:14:22Z

GDPR Art.5EU AI Act Art.12QCB AI GuidancePRA SS1/23

Loops every 6 seconds

AI Safety Primitives, Cryptographically Verified

Every prompt classified at field level. Every redaction signed and tamper-evidently recorded. Every disclosure designed to be third-party verifiable. Aligned to PRA SS1/23, EU AI Act, QCB, CBUAE, and GDPR.

Prompt-Layer Interception

Every prompt your team sends to AI is intercepted at the policy layer before it reaches the model. Field-level classification identifies PII, PHI, financial sensitivity, and Shariah-sensitive content. Redaction is applied under your disclosure policy.

Tamper-Evident Proof of Non-Disclosure

Most audit logs prove what happened. ZeroH Disclosure is designed to prove what did not happen. That a specific PII field was redacted before the prompt reached the model, under a specific policy, at a specific time. Tamper-evidently recorded; designed to be verifiable by any third party.

Selective Disclosure

Share proof of compliance without exposing the underlying data. Your auditor sees what they need; your regulator sees what they need; nobody sees more than they need. Designed to use cryptographic proof, not editorial redaction.

Deterministic, Rule-Based Classification

Classification rules are deterministic. Not probabilistic AI guesses. Every redaction decision is traceable to a specific regulation article (GDPR Article 5, AAOIFI FAS 4, Qatar PDPPL, QFC DPR). Auditable. Reproducible. Defensible.

On-Premise Data Residency

Original documents and source data stay on infrastructure under your control. Only redacted content leaves your perimeter. Tamper-evident audit anchors are designed to be written with on-soil storage where available. Schrems II and Gulf data residency compliant by architecture.

Proof Packs on Demand

Generate regulator-grade evidence in one click: what your AI saw, what it never saw, under what policy, with what timestamp. Designed to support evidence under PRA SS1/23, EU AI Act Article 12, QCB AI guidance, CBUAE responsible AI principles, and GDPR Article 35 DPIA evidence.

Why ZeroH Disclosure Instead of LLM Security Tools or DLP

Cryptographic Proof, Not Vendor Assertion

LLM security platforms deliver runtime LLM security. Prompt injection defence and model integrity. Microsoft Purview and Google DLP do file-level redaction. None produce cryptographic, third-party-verifiable proof of what an AI saw and never saw. ZeroH Disclosure is designed to.

vs. alternatives: Vendor-asserted logs require trust in the vendor. Tamper-evident cryptographic records require trust in mathematics. Different security models. Different evidence grade.

Bring-Your-Own-AI, Not Vendor Lock-In

ZeroH Disclosure sits beside the AI your team already uses. Microsoft Copilot, ChatGPT Enterprise, Claude, internal LLM deployments, custom agents. No need to switch vendors. Specific plugin integrations (Microsoft 365 Copilot, browser extension, MCP servers) are in active development.

vs. alternatives: Most AI safety tools require adoption of their chat interface or their wrapper. ZeroH Disclosure is the policy + proof layer that works with any AI surface.

Regulator-Grade Evidence, Pre-Mapped

Proof packs are designed to support evidence requirements under PRA SS1/23 model risk, EU AI Act high-risk system logging, QCB AI guidance, CBUAE responsible AI principles, NIST AI RMF, ISO 42001, and GDPR Article 35 DPIA evidence. One product satisfies multiple supervisors at once.

vs. alternatives: AI governance dashboards map controls to frameworks. ZeroH Disclosure produces the runtime evidence those controls actually require.

Frequently Asked Questions

Bring Your Own AI. Make It Provably Safe.

See how ZeroH Disclosure wraps the AI tools your team already uses in a cryptographic safety layer. With proof your CISO, DPO, and regulator can verify independently.

Schedule a Demo Try Ask Ali with ZeroH Disclosure