Private AI API (PAI API)
Programmatic access to Swiss-hosted private LLMs for applications and automation.
Product Overview
PAI API gives your teams programmatic access to Swiss-hosted private LLMs via a secure, OpenAI-compatible interface. You can plug AI capabilities directly into your applications, automations and backend systems while keeping full control over where your data lives and how it is processed. All models run in Switzerland, and no customer data is used for training.
With PAI API you work against a single, unified API while choosing from a curated catalogue of open LLMs such as DeepSeek, Llama4-Maverick, Apertus, Mistral and more. Dynamic routing, consistent response formats and flexible configuration make it easy to embed sovereign, enterprise-grade AI into any product or workflow – at transparent per-token pricing.
Key Features
Private, Swiss-Hosted LLMs
Run your AI workloads on privately hosted models in Swiss data centres. All prompts and outputs stay within the Private AI environment and are not used for model training. This gives you data sovereignty, regulatory alignment and full control over how sensitive information is processed.
OpenAI-Compatible API Interface
Integrate quickly using familiar OpenAI-style endpoints. Existing code, SDKs and tools that already speak the OpenAI API can usually connect with minimal changes, dramatically reducing integration effort and time-to-value.
Choice of Models with Smart Routing
Access a growing catalogue of open LLMs, including DeepSeek, Llama4-Maverick, Apertus, Mistral and others, all through the same API. Dynamic routing automatically detects provider status and context limits, and can transparently switch to alternate models if a primary model is slow or unavailable – increasing reliability and effective uptime.
Full Configuration & Cost Control
Fine-tune behaviour on a per-request or per-model basis with parameters like temperature, max_tokens and more. Apply detailed budget controls and rate limits per project, team or user to keep spend predictable and aligned with internal policies, even at scale.
Normalised, Developer-Friendly Responses
All responses follow a consistent, normalised format with generated text always available at choices, message, content. This abstraction shields your applications from provider-specific differences and simplifies downstream parsing, logging and analytics – especially when you work with multiple models in parallel.
Streaming, Async & Token-Based Pricing
Use synchronous or asynchronous calls depending on your architecture, and enable server-side streaming where you want faster perceived response times in your UI. PAI API is billed per million input and output tokens, giving you transparent, usage-based pricing that scales cleanly from prototypes to high-volume production workloads.
Ready for Private AI API?
In our free briefing, we show you how to use Private AI API productively and securely in the company – without data risks and compliance concerns.
Service Description
The PAI API gives your developers and applications direct, programmatic access to Safe Swiss Cloud’s Private AI models, hosted entirely on GPU infrastructure in our Swiss data centres. It is designed as a drop-in alternative to public AI APIs — fully managed, OpenAI-compatible, and built around the same standards your existing tooling already speaks.
The following service details describe how the PAI API is delivered, secured and billed:
- Pricing: Billed per million input and output tokens. (Pricing Details →)
- Standard service: Customers receive a dedicated API endpoint and an authentication key to connect their applications to the LLMs.
- API standard: The API is OpenAI-compatible — the de facto industry norm — so existing libraries, SDKs and integrations work without modification.
- Fully managed: Safe Swiss Cloud operates, maintains and updates the entire service end-to-end.
- Security: All API traffic is encrypted via HTTPS, and can optionally be routed over a VPN.
- No logging of content: Prompts and model responses are never logged. Only metadata is recorded — for example, request timestamp, model used, completion time and token count.
LLM Models at Safe Swiss Cloud: Core Characteristics
Choose from a rich catalog of sovereign LLMs – all with the same strict privacy and compliance guarantees. Safe Swiss Cloud’s Private AI (PAI) services combine a broad selection of open-source LLMs with a consistent security, privacy and compliance foundation. You keep full control over data, infrastructure and model choice, while we provide the sovereign hosting and operational excellence
Which LLM Models are supported by PAI?
SSC provides access to the following open source large language models. These are provided as-is with no warranties:
| Model | Type | Details |
| apertus-70b | Chat | Optimized for multilingual dialogue use cases. |
| bge-m3 | Embedding | Optimized for Embeddings and parse retrieval with support for Multi-Functionality, Multilinguality, and Multi-Granularity. |
| bge-reranker-v2 | Reranker | Optimized for Reranker to get relevance score. |
| deepseekr-v32 | Chat | Optimised for reasoning chat completions |
| deepseek-ocr | OCR | Optical Character Recognition |
| gemma-12b-it | Multimodal | Optimized for handling text and image input and generating text output. |
| gemma4-31b | Multimodal | Optimized for handling text and image input and generating text output. |
| gpt-oss-120b | Chat | Optimized for powerful reasoning, agentic tasks, and versatile developer use cases. |
| granite-33-8b | Chat | Optimized for Reasoning and instruction-following capabilities. |
| granite-emb-278m | Embedding | Optimized for Embeddings. |
| granite-vision-2b | Multimodal | Optimized for compact and efficient vision-language model |
| llama4-maverick | Chat and multimodal | Optimized for text and multimodal experiences. |
| llama4-scout-17b | Chat and multimodal | Optimized for text and multimodal experiences. |
| mistral-v03-7b | Chat only | Optimized for multilingual dialogue use cases. |
| qwen3-8b | Reasoning | Optimized for thinking and reasoning. |
| qwq-32b | Reasoning | Optimized for thinking and reasoning. |
| qwen3-vi-235b | Multimodal | Optimized for text and multimodal experiences. |
| whisper-large-v3 | Speech to Text | For converting speech to text. |
Other commercial or proprietary LLMs can also be integrated depending on licensing and infrastructure requirements.
Characteristics of all Private AI Services
Private AI (PAI) involves SSC providing Customers with sovereign Private AI solutions. The following service characteristics apply to all of Safe Swiss Cloud‘s PAI services.
- Multi-lingual LLMs provide you access to knowledge from any language with results being delivered in your own language.
- Choice of models: Select from a large catalogue of open large language models (LLMs) including DeepSeek, Llama4-Maverick, Apertus, Mistral and many more.
- Sovereign AI by design: All LLMs are privately hosted in Switzerland, by Swiss owned entities. Your data always stays under your control. Your data is processed strictly in accordance with Swiss and privacy regulatio
- Privacy: Your data is processed strictly in accordance with with the Swiss Data Privacy Act (DSG) and EU GDPR.
- No Training, Retraining or Fine Tuning of the LLMs with your data.
- ISO Certifications: 27001, 27017, 27018.
- Conforms to the C5 and NIS2 standards
- 100% hosted in Swiss data centers under Swiss control.
Why Private AI?
Sovereignty matters
Public AI is useful—but it can conflict with enterprise privacy, compliance and change control. Private AI keeps prompts, data and outputs inside your perimeter, with model versions you govern.
AI systems hosted by US-controlled providers fall under the US CLOUD Act, even when infrastructure is outside the US. That exposure conflicts with Swiss/EU data-protection expectations. Hosting in Swiss sovereign infrastructure under Swiss control avoids this risk.
Safe Swiss Cloud commitments
- Full privacy: Data is used strictly to provide the contracted service—no training on your proprietary data unless you opt in.
- Hosted by Safe Swiss Cloud in Swiss data centres.
- Swiss law & control: Services run under Swiss law (aligned with EU law); all service entities are Swiss-controlled.
- Not subject to US CLOUD Act coercion: As a fully Swiss-controlled IT group, Safe Swiss Cloud cannot be compelled to disclose customer data by US law.
Outcome: predictable operations, regulatory alignment (GDPR, DSG, FINMA, DORA) and audit-ready AI.
PAI API Pricing
All prices are in CHF / EUR. The prices are all based on the number (in millions) of input and output tokens used for each model per month. Allows programmers to access more than 25 LLMs via an OpenAI API compatible Application Programming Interface.
There is a minimum charge of CHF 95.- (EUR 100.- for non-Swiss customers) per month for all the input and output tokens consumed for all models. The prices per model are as follows:
| Model | Type | Price per million input tokens (CHF/EUR) | Price per million output tokens (CHF/EUR) | Details |
|---|---|---|---|---|
| apertus-70b | Chat | 0.712 | 2.553 | Optimised for multilingual dialogue use cases. |
| bge-m3 | Embedding | 0.496 | n/a | Optimised for embeddings and parse retrieval with support for Multi-Functionality, Multilinguality, and Multi-Granularity. |
| bge-reranker-v2 | Reranker | 0.009 | n/a | Optimised for Reranker to get relevance score. |
| deepseek-ocr | OCR | 0.443 | 1.770 | Optimised for scanning documents – optical character recognition |
| deepseek-v32 | Chat | 0.708 | 2.124 | Deepseek Version 3.2 |
| gemma-12b-it | Multimodal | 0.310 | 0.496 | Optimised for handling text and image input and generating text output. |
| gemma4-31b | Multimodal | 0.136 | 0.374 | Optimized for handling text and image input and generating text output. |
| glm45-air-110b | Chat | 0.487 | 1.938 | Optimised for chats |
| gpt-oss-120b | Chat | 0.133 | 0.531 | Optimised for powerful reasoning, agentic tasks, and versatile developer use cases. |
| granite-33-8b | Chat | 0.177 | 0.177 | Optimised for Reasoning and instruction-following capabilities. |
| granite-emb-278m | Embedding | 0.089 | n/a | Optimised for Embeddings. |
| granite-vision-2b | Multimodal | 0.089 | 0.089 | Optimized for compact and efficient vision-language model |
| kimi-k2 | Chat | 0.886 | 2.657 | Optimised for multi-lingual chats |
| llama4-maverick | Chat and multimodal | 0.310 | 1.239 | Optimised for text and multimodal experiences. |
| llama4-scout-17b | Chat and multimodal | 0.221 | 0.735 | Optimised for text and multimodal experiences. |
| miner-u25 | Vision – Language | 0.437 | 0.265 | Optimized for document parsing that achieves state-of-the-art accuracy with high computational efficiency. |
| mistral-v03-7b | Chat only | 0.177 | 0.177 | Optimised for multilingual dialogue use cases. |
| qwen3-8b | Reasoning | 0.031 | 0.122 | Optimised for thinking and reasoning. |
| qwq-32b | Reasoning | 1.062 | 1.062 | Optimised for thinking and reasoning. |
| qwen3-vl-235b | Multimodal | 0.805 | 2.300 | Optimised for text and multimodal experiences. |
| whisper-large-v3 | Speech to Text | 0.007 per minute | n/a | For converting speech to text. |
How to get started
- Initial briefing – We assess your goals, compliance requirements, and current IT landscape to determine the optimal AI architecture.
- Architecture design – Together we select suitable LLMs, integration points, and hosting options that fit your strategy.
- Implementation – We deploy and integrate the AI environment, connecting it to your internal systems securely and efficiently.
FAQ
Questions and answers about Private AI by Safe Swiss Cloud
Private AI at Safe Swiss Cloud means three things:
- Customer data — prompts, replies, and AI output — is never used to train models.
- Customer data is handled in accordance with the Swiss Data Protection Act (DSG) and the EU’s GDPR, ensuring full privacy compliance.
- The infrastructure is sovereign, meaning it is not subject to arbitrary service interruptions for non-technical reasons.
Safe Swiss Cloud’s Private AI complies fully with the revised Swiss Data Protection Act (CH DSG) and the EU GDPR.
No. Prompts and responses are not stored in logs and therefore cannot be viewed or traced by Safe Swiss Cloud staff.
Yes. Every customer receives their own dedicated front end and RAG (Retrieval-Augmented Generation) system. Prompts are fully isolated from one another and have no cross-customer side effects.
Yes. This option is more expensive because it involves dedicated GPUs for a single customer. It is a viable solution for customers with sufficient workload volume and strict compliance requirements for a dedicated AI infrastructure.
Swiss law requires that Safe Swiss Cloud may only hand over customer data to non-Swiss or foreign governments if a warrant issued by a Swiss court under Swiss law has been served. This provides a robust legal barrier against extraterritorial data access requests.
Yes. The technical privacy features, together with the regulatory frameworks of the Swiss Data Protection Act and the EU GDPR, ensure that the Private AI environment is suitable for regulated data, including healthcare and financial data.
Yes. Safe Swiss Cloud offers dedicated GPU and storage clusters for individual customers.
Backups are always encrypted. Snapshots of an encrypted volume are also encrypted. Customers can additionally choose to encrypt data at rest, which ensures that all snapshots remain encrypted and cannot be used in any way other than intended.
We use open-source models accessible via the industry-standard OpenAI API. This allows customers to switch models and providers as needed, without being locked into proprietary formats or interfaces.
All AI data and models are stored and processed exclusively in Switzerland.
Safe Swiss Cloud uses open-source models and does not train — or contribute to training — these models. As a result, customer data (prompts, AI output, logs, etc.) is never used for any purpose other than what the customer explicitly requests. This prevents confidential information from inadvertently entering the public domain.
Many publicly available AI services silently use customer data for training. For example, an employee who uploads a file containing confidential information to a public AI service may see that data incorporated into a future large language model (LLM) iteration — potentially enabling a competitor to retrieve proprietary information in a future query.
Safe Swiss Cloud offers an SLA with 99.9% uptime. For paid support plans, the guaranteed response time is a maximum of one hour.
We offer services to develop MCP (Model Context Protocol) servers for connecting AI systems to enterprise data sources and workflows.
Safe Swiss Cloud offers paid support packages with 24/7 coverage. For details, please visit our Support Services page.
Safe Swiss Cloud is ISO 27001, ISO 27017, and ISO 27018 certified and audited annually. This ensures that an Information Security Management System (ISMS) is in place, that the necessary standards for protecting Personally Identifiable Information (PII) are met, and that additional security and privacy measures for cloud environments are implemented.
Safe Swiss Cloud also complies with a range of industry-specific standards, including FINMA and BaFin (finance), HIPAA and FMH (healthcare), EU GDPR and Swiss DSG (data protection), as well as C5 and NIS2.
Large Language Models are accessed via the industry-standard OpenAI API. Interfaces to enterprise data are based on the Model Context Protocol (MCP) standard. Together, these ensure a very high degree of interoperability between systems, making it straightforward to switch models or providers.
Like all AI service providers — including the major international public cloud providers — Safe Swiss Cloud does not guarantee specific performance levels for AI workloads. However, a large pool of high-performance GPUs and dynamic capacity management have been implemented to ensure strong performance under normal operating conditions.
