Why this is hard

Know what AI you're running. Govern what every system produces.

To govern AI effectively, enterprises need two things: a clear picture of every system running across their provider estate, and a way to ensure every interaction is aligned with their own organisational context. Getting that visibility is a genuine challenge — AI spreads across Bedrock, Copilot Studio, AI Foundry, Vertex, and direct API keys, without clear identified ownership. Ensuring those flows are aligned to your specific policies, consistently across platforms, at the pace AI operates, is the harder part — and what no existing category addresses end to end.

When something goes wrong, no one can answer the only question that matters: what was this agent allowed to do, and where is the evidence it stayed within those limits?

What human oversight used to solve

As AI moves from a tool your people use to a body of work they can't review by hand, three things quietly break.

A committee that meets quarterly doesn't scale. Leyn provides a system whose evaluation rate matches your agents' action rate — and whose criteria are your own.

What makes Leyn different

Govern the content, not just the asset.

Every other category governs an asset — an agent, a registry entry, an issued identity — and infers safety from properties of that asset. Knowing AI exists is perceived risk versus actual risk. A correctly authenticated agent can still produce a non-compliant recommendation.

Leyn governs the actual content: the prompts, tool calls, results, and responses flowing in and out — evaluated against your own translated policy, at runtime, across every provider. The same standard governs both the design of an agent before it ships and every live interaction after. That isn't a feature bolted on top. It's a different place to stand.

Identity tells you who's at the door. Leyn tells you what they did once inside — and whether it was within policy.

The Leyn loop

Your policy becomes the control. Then it keeps working.

At the centre sits the Engine — it reads your real policy documents and turns them into machine-evaluable criteria. Everything else is what those criteria do.

Explore the platform →

Not just IT

The functions who can actually judge AI finally get to see it.

Where your most sensitive data is concerned

Designed to govern your crown jewels without exposing them.

The content that most needs alignment — strategy, planning, M&A thinking, trade secrets — is exactly the content you're most reluctant to expose to any third party. Leyn protects your most sensitive assets and data, with EU, EU Sovereign and US hosting options supplemented with extensive technical, organisational and contractual safeguards.

See our security architecture →

Provider-agnostic

No rip-and-replace. No single-vendor dependency in your governance layer.

Leyn sits across the providers you already use and feeds the systems you already run.

See all integrations →

Find your bearing.

See a live walkthrough on your stack, your policies.

The core

See · Align · Guard · Assure

Four layers, one continuous loop.

Depth where it's warranted

From sub-50ms checks to human review — calibrated to risk, not applied uniformly.

Not every interaction needs the same scrutiny. Leyn funnels traffic through progressively deeper layers, with depth set by the use case and its autonomy classification — so cost and latency track risk, not volume.

How it's deployed

A composable control plane between your applications and your AI providers.

Leyn operates as a transparent control plane in front of provider APIs. Traffic flows through the gateway, where each layer applies in turn — capturing risk and unwanted or unaligned behaviour as it happens — and full telemetry is captured for audit, trending, and reporting. Each layer can be deployed independently and switched on as your governance matures.

See deployment models →

See it run on your estate.

The pipeline

Four stages, fully traceable.

Why did the system behave that way?

Every runtime decision traces back to a line in a document.

Each control traces through artefact → statement → source section → source document. An auditor can follow any AI behaviour back to the exact policy clause and control framework that governed it. Governance is version-controlled, tested, and deployed like code.

It knows what it can't test

Operational policy becomes runtime-testable. Pure principle is flagged, not faked.

Operational policies — usage rules, editorial standards, escalation procedures — produce criteria that apply to a transcript in seconds. Principles-based documents are ingested and followed, but where translation into operational instructions is needed, Leyn flags the gap and surfaces worked examples for your subject-matter experts to review and approve. The system telling you what it cannot test is a safety property, not a limitation.

Bring a policy. See what comes out.

We'll run the Engine on a document and show you the criteria, the source quotes, and the coverage.

Pre-deployment

A risk vector, not a single number.

When an agent is registered, its instructions and declared tools are evaluated against your policy and assigned an automated-decision tier from 1 to 5. But a tier alone is too blunt to gate a deployment — Leyn evaluates a richer set of signals:

Runtime

Declared tier, meet observed behaviour.

Captured traces are evaluated against your active criteria and fold back into an observed tier, compared against the declared one. A mismatch — a tier-2 agent making write-capable tool calls without a human checkpoint — is the highest-signal governance event Leyn produces. A real stop control can revoke an agent's permissions and halt active sessions immediately.

Multi-agent workflows

Standards-based tracing across the whole chain.

Leyn propagates a single trace across agent chains using open tracing standards — every agent action, tool call, and inter-agent message is a step within one auditable trace. A violation mid-workflow can block, roll back, alert, or escalate.

Bring your messiest workflow.

How teams start

Begin with one domain. Grow into a governance capability.

You don't have to boil the ocean. A typical start is one domain — gateway visibility, one slice of policy, one set of stakeholders — proving value in weeks. From there, more domains come online, more functions own their criteria, and the value compounds. Onboarding isn't a cost centre; it's where the capability is built.

See pricing & deployment →

Discover, route, and watch.

Invisible throughput becomes something a business owner can actually weigh.

From a hope to an owned, living control.

Measure, evidence, and feed your GRC.

See compliance coverage →

Three deployment regions. One governance standard.

Beyond certification.

Certifications set a floor. Leyn builds above it — with controls that regulated industries require and that are cost-effective to operate at scale.

Visit the Trust Center →

Not a questionnaire. A continuous record.

Evidence of how AI actually behaves — not how it's intended to.

GRC suites map systems to frameworks and produce evidence from a human filling in an assessment. Leyn evidences how AI actually behaves, continuously, at the content layer, with every record traceable to the policy clause and control framework that governed it — then feeds it into the GRC stack you already run.

Your control frameworks.

Leyn's primary governance layer is not a generic standard — it is your own. During onboarding, the Engine ingests your internal policies, risk frameworks, values, and operational rules and translates them into machine-evaluable criteria, reviewed and approved by your subject-matter experts before they go live. Every evaluation is traceable to your specific document and clause.

Available as onboarding selections

Complementary regulatory and industry standards.

In addition to your own frameworks, Leyn supports regulatory and industry standards as selectable overlays — chosen during onboarding, maintained as those standards evolve. Each adds a structured evidence layer without replacing your own governance.

Evaluation calibrated to autonomy

Five automated-decision tiers, differentiated controls.

From "AI assists, human decides" to "AI decides and acts independently." Higher autonomy means deeper evaluation, mandatory checkpoints, and continuous monitoring with a stop control. Tier 1 → quarterly sample, inline rules only … Tier 5 → continuous monitoring, all layers, kill switch.

See the evidence Leyn would generate for you.

Don't see your stack? Ask us.

Four tiers, by AI volume.

Pricing reflects your AI interaction volume and deployment model. Book a demo for a quote scoped to your estate.

Choose your deployment region.

Design-partner programme

Build the standard with us.

We're working with a small number of founding customers as design partners — co-developing against real policies, real estates, and real regulatory pressure. A partnership, not a transaction: deeper roadmap input, hands-on onboarding, and preferential terms.

Apply to the programme →

Get a quote scoped to your estate.

A note when there's something worth reading.

No volume for its own sake. We write when we have a marker worth placing.

What we're building

The problem is real and the gap is wide.

Enterprises are deploying AI at scale — across providers, teams, and use cases — without a reliable way to know whether what their systems produce is aligned to their own standards. Existing tools govern assets. Leyn governs output: the actual content produced by AI, evaluated against the organisation's own translated policy, at the pace AI operates. That distinction is not a marketing claim. It determines whether governance works or just looks like it does.

Why now

Regulation and scale are converging.

Regulatory deadlines are forcing enterprises to produce evidence of AI control that doesn't yet exist in most organisations. Simultaneously, the volume of AI-generated work is growing faster than any human review function can scale to. Both pressures point to the same requirement: an evaluation layer whose rate matches the action rate, and whose criteria come from the organisation — not a vendor's rulebook.

How we work

Openness. Quality. Determination.

• Open about what we know and what we don't. Every criterion is traceable; every score is explainable; every limitation is stated, not papered over.
• Quality over coverage. We build fewer things and build them properly. A governance tool that produces unreliable output is worse than no tool.
• Determined on the hard part. The Engine is the difficult, novel work. We stay focused on it rather than expanding surface area prematurely.
• Results, not process. The measure is whether regulated enterprises can prove their AI is aligned — not whether a framework has been filled in.

Built in Stockholm

A Swedish company, founded at a specific intersection.

Leyn AB sits where data protection, AI governance, and the practical reality of running AI inside large, regulated organisations meet.

What to expect.

Pick a time that works for you.

30 minutes. Bring a real policy document and your AI estate. We'll show you the Engine running on it.

Certifications

Where we are.

Security controls.

Deployment regions and data residency.

• US hosted. AWS US East / US West. Data remains in the United States.
• EU hosted. AWS eu-west (Ireland / Frankfurt). Data remains within the EU boundary.
• EU Sovereign hosted. Dedicated sovereign EU cloud. Contractual data-residency guarantees enforced at infrastructure level. No data leaves the sovereign environment.

Sub-processors.

A full, current list of sub-processors is maintained below. We give 30 days' notice before adding or replacing any sub-processor.

Last updated: June 2026

1. Controller

Leyn AB (organisation number to be confirmed), Stockholm, Sweden, is the data controller for personal data processed in connection with our services. Contact: privacy@leyn.ai

2. Data we collect

• Account and contact data. Name, work email address, job title, company name — provided when you create an account, sign a contract, or contact us.
• Usage data. Feature usage, interaction logs, session metadata, API call volumes — collected automatically as you use the platform.
• Technical data. IP address, browser type, device identifiers, log data — collected automatically.
• Communication data. Content of emails, support tickets, and correspondence with Leyn.

We do not collect or process the personal data contained within AI inputs and outputs routed through the platform. That data is processed on your behalf under the Data Processing Agreement.

3. Purposes and legal bases

• Service delivery and account management. Performance of contract (Art. 6(1)(b) GDPR).
• Billing and subscription management. Performance of contract; legal obligation.
• Security monitoring and fraud prevention. Legitimate interests (Art. 6(1)(f) GDPR).
• Product improvement and analytics. Legitimate interests.
• Legal compliance. Legal obligation (Art. 6(1)(c) GDPR).
• Marketing to existing customers. Legitimate interests; consent where required.

4. Retention

• Account data: duration of the contract plus 3 years.
• Usage and technical logs: 12 months rolling.
• Billing records: 7 years (Swedish Bookkeeping Act).
• Support correspondence: 3 years from resolution.

5. Recipients

We share data with sub-processors necessary to provide the service — including cloud infrastructure providers, payment processors, and support tooling. A current list of sub-processors is available on our Trust Center. We do not sell personal data or share it with third parties for their own marketing.

6. International transfers

Leyn AB is based in Sweden (EU). For EU-hosted deployments, data remains within the EU. For US-hosted deployments, data is transferred to the United States under Standard Contractual Clauses (SCCs, Commission Decision (EU) 2021/914). For EU Sovereign deployments, no data leaves the sovereign cloud environment.

7. Your rights

Under GDPR you have the right to: access your data; correct inaccurate data; request erasure (where no legal obligation requires retention); restrict processing; data portability; object to legitimate-interest processing; and withdraw consent where processing is consent-based. To exercise your rights, contact privacy@leyn.ai. You have the right to lodge a complaint with the Swedish Authority for Privacy Protection (IMY).

8. Changes

We will notify you of material changes by email or in-product notice at least 30 days before they take effect.

Last updated: June 2026

1. Definitions

• Leyn, we, us. Leyn AB, Stockholm, Sweden.
• Customer, you. The legal entity that has subscribed to the Service under an Order Form.
• Service. The Leyn AI governance platform, including the Engine, gateway, evaluation layers, and associated APIs, as described in the documentation.
• Authorised Users. Employees or contractors of Customer permitted to use the Service.
• Order Form. The commercial agreement specifying edition, volume, deployment region, term, and price.

2. Access and use

Subject to payment and these Terms, Leyn grants Customer a non-exclusive, non-transferable right to access and use the Service during the subscription term, for Customer's internal business purposes, for the number of Authorised Users specified in the Order Form. Customer is responsible for Authorised Users' compliance with these Terms.

3. Acceptable use

Customer must not: (a) use the Service to violate applicable law; (b) reverse-engineer, decompile, or attempt to extract the source code; (c) resell, sublicense, or make the Service available to third parties outside the Order Form; (d) use the Service to process data beyond the agreed scope; (e) attempt to circumvent or disable security controls.

4. Intellectual property

Leyn retains all rights in the Service, including the Engine and all underlying technology. Customer retains all rights in its governance documents, policies, and data. Criteria generated by the Engine from Customer's documents are owned by the Customer. Aggregate, anonymised benchmarks derived from platform-wide usage — which do not identify Customer or its data — may be used by Leyn for product development.

5. Confidentiality

Each party agrees to keep the other's confidential information secret, to use it only for purposes of the agreement, and to protect it with at least the same standard of care it uses for its own confidential information. This obligation survives termination for 5 years. It does not apply to information that is publicly available, independently developed, or required to be disclosed by law.

6. Data processing

To the extent the Service processes personal data on Customer's behalf, the parties' Data Processing Agreement governs. In case of conflict between these Terms and the DPA on data processing matters, the DPA prevails.

7. Warranties

Leyn warrants that the Service will perform materially in accordance with the documentation during the subscription term. Customer warrants that it has the right to provide to Leyn any data submitted for processing. Except as expressly stated, the Service is provided "as is".

8. Limitation of liability

To the extent permitted by law: (a) neither party is liable for indirect, consequential, or punitive damages; (b) Leyn's total aggregate liability for any claim is limited to fees paid by Customer in the 12 months preceding the claim. Nothing in this clause limits liability for death, personal injury, fraud, or liability that cannot be limited by law.

9. Term and termination

The subscription term is as specified in the Order Form and renews automatically unless either party gives 60 days' written notice before the renewal date. Either party may terminate immediately on material breach unremedied within 30 days of written notice. On termination, Customer's access ceases and Leyn will make Customer data available for export for 30 days before deletion.

10. Governing law

These Terms are governed by Swedish law. Disputes shall be resolved by the courts of Stockholm, Sweden, as the court of first instance.

Last updated: June 2026

1. Subject matter

The Processor processes personal data on behalf of the Controller in connection with the provision of the Service, as described in Annex 1 below.

2. Instructions

The Processor shall process personal data only on documented instructions from the Controller. The Order Form and Terms of Service constitute the Controller's initial instructions. The Processor shall inform the Controller if it believes an instruction infringes applicable data protection law.

3. Confidentiality of processing

The Processor shall ensure that persons authorised to process personal data are bound by appropriate confidentiality obligations.

4. Security

The Processor shall implement and maintain appropriate technical and organisational measures as described in Annex 2, taking into account the nature of the processing and the risks to data subjects.

5. Sub-processors

The Controller provides general authorisation for the Processor to engage sub-processors. The Processor shall: (a) maintain and make available a current list of sub-processors; (b) notify the Controller at least 30 days before adding or replacing a sub-processor; (c) impose data protection obligations on sub-processors equivalent to those in this DPA. If the Controller objects to a new sub-processor on reasonable data-protection grounds, the parties shall work in good faith to resolve the concern.

6. Data subject rights

The Processor shall, taking into account the nature of the processing, assist the Controller by appropriate technical and organisational measures in responding to data subject rights requests.

7. Security incidents

The Processor shall notify the Controller without undue delay — and no later than 48 hours after becoming aware — of a personal data breach affecting data processed under this DPA. Notification shall include: nature of the breach; categories and approximate number of data subjects and records affected; likely consequences; and measures taken or proposed.

8. Data protection impact assessments

The Processor shall provide reasonable assistance to the Controller in carrying out data protection impact assessments and prior consultation with supervisory authorities where required.

9. Deletion or return

On termination of the Service, the Processor shall, at the Controller's election, return or securely delete all personal data and provide written confirmation of deletion. The Processor may retain data where required by applicable law for the minimum period required.

10. Audit

The Controller may, on reasonable written notice (not less than 30 days) and no more than once per year, audit the Processor's data processing activities or commission an independent auditor, at the Controller's cost. The Processor may propose an equivalent third-party audit report in lieu of an on-site audit.

11. International transfers

Where personal data is transferred outside the EEA, the transfer shall be subject to Standard Contractual Clauses (Commission Decision (EU) 2021/914) or another valid transfer mechanism under Chapter V GDPR.

12. Governing law

This DPA is governed by Swedish law. The competent supervisory authority is the Swedish Authority for Privacy Protection (IMY), unless otherwise required by applicable law.

Annex 1 — Details of processing

• Subject matter. AI governance and policy compliance monitoring.
• Duration. Term of the Service agreement.
• Nature and purpose. Evaluation of AI inputs and outputs against policy criteria; logging; reporting — to enable the Controller to govern AI behaviour in accordance with its own policies.
• Types of personal data. As determined by the Controller; may include identifiers of employees and end users appearing in AI interactions.
• Categories of data subjects. Employees of the Controller; end users of the Controller's AI systems.

Annex 2 — Technical and organisational security measures

• Encryption. TLS 1.3 in transit; AES-256 at rest.
• Access control. Role-based access; MFA enforced on all access paths; least-privilege principle.
• Key management. Customer-managed keys (BYOK) available; HSM-backed.
• Audit logging. Immutable, tamper-evident log of all access and processing events.
• Vulnerability management. Quarterly penetration testing; SBOM; dependency scanning.
• Incident response. Defined plan with SLA commitments; NIS2-aligned notification for EU Sovereign deployments.
• Personnel security. Background checks for production access; annual security training.