We started Other Me because the firms that have the most to gain from AI — accountants, lawyers, advisers, clinics — are the ones who can least afford to leak client data. So we built the firewall first, and the workspace around it.
Every AI tool wants access to your data, and most are happy to send it to a model that remembers it. For a regulated practice, that’s a non-starter: confidentiality isn’t a setting, it’s the job. The result is that the teams who’d benefit most from AI keep it switched off.
The Secure Context Retrieval System (SCRS) is a patent-pending firewall (UK App 2602911.6) that detects and tokenises personal data before any model or index sees it, and rehydrates it only for authorised people at the moment of use. The AI gets to be useful; your clients’ information never leaves your control. Everything else — CRM, email, the free Document, Workbook and Deck editors, live chat, tickets, automation and compliance — is built on top of that one guarantee.
Most AI products bolt governance on at the end. We did the opposite — because for a regulated practice, the order matters.
Redacting an answer after the model has already read the raw record is a filter, not a firewall. The data was still exposed — to the index, to the prompt, to anything that logs along the way. For confidential work, “mostly removed” is the same as leaked.
SCRS enforces permissions during retrieval, so out-of-scope data is removed before any result exists. The vector index holds zero plaintext — no readable text, ever; the content sits in a separate encrypted store and is released only after cryptographic verification.
If any check fails, the system returns nothing rather than guessing. Personal data is tokenised before a single character reaches a third-party model — the AI sees client_4821, your authorised user sees Henderson Ltd.
Once the firewall held, we built the rest in-house — CRM, email and projects, live chat, ticketing, flows, HR-lite, finance and a full governance suite — so the same protection runs end to end instead of stopping at a connector.
These aren’t settings you switch on. They’re how the system is built — which is the whole point.
Permissions are applied during retrieval, so anything outside your remit never makes it into the candidate results. It’s a firewall, not a filter — the out-of-scope data is gone before there’s anything to redact.
The vector index holds no readable text. Content lives in a separate encrypted store and is only released after cryptographic verification — so a leaked index leaks nothing legible.
11 built-in regex types (email, UK/US phone, NI number, passport, postcode and more) plus spaCy NER for names, organisations and places. Personal data is tokenised before any third-party model call; tokens rehydrate only for the authorised user.
Any failure returns nothing instead of guessing. And when someone leaves, offboarding logically revokes their data access — the leaver kill-switch is wired straight into HR.
Read the deeper write-up on the security & governance page.
Other Me is built by Pop Hasta Labs Ltd in the United Kingdom. Our data stays on UK/EU residency, and we never use client data to train models. The core firewall is the subject of a UK patent application — it’s genuinely patent-pending, not borrowed governance dressed up as a feature.
A UK company building a governed, AI-first workspace for regulated practices.
UK Application 2602911.6 covers the SCRS firewall. Patent-pending — never “patented”.
Your data stays in-region. No client data is used to train any model.
On track for ISO 42001; SOC 2 Type II and ISO 27001 are on our roadmap.
| Standard | Status |
|---|---|
| UK GDPR | Compliant |
| UK Age Appropriate Design Code | Compliant |
| ISO 42001 | On track |
| SOC 2 Type II | On roadmap |
| ISO 27001 | On roadmap |
| HIPAA | By BAA / contract |
| EU AI Act | Monitoring |
Hard rule we hold ourselves to: nothing is described as certified until it is. We say “on track” and “on roadmap” because that’s the truth.
Because every module is first-party and sits behind the same firewall, the protection holds end to end — instead of stopping at the first connector.
Best model per job across GPT, Claude, Gemini and Grok — with shared memory and free Document, Workbook and Deck editors on every AI plan.
Pipeline and deals, quote → invoice → pay, e-sign, matters with ethical walls, and forms, booking pages and automation — Flows is free with CRM.
DSAR, RoPA, consent, DPIA, AI impact assessments, audit trail, operational registers and legal hold — the paperwork the regulator asks for, kept as you work.
Every module is described in detail on the product overview.
Our values aren’t a poster on the wall — they show up in the price list.
AI base is per seat, and modules add per seat — so the price scales with your team, not with how much data you store. Office editors are free with AI; Flows and HR-lite are free with CRM.
We don’t hold the best model hostage for a higher plan. There’s no per-tier model gating — everyone gets best-model-per-job routing.
Payments run through Revolut. Enterprise — SSO, BYOK, data residency controls and matter walls — is coming soon; talk to us about early access.
Whether you want to use Other Me or help build it, we’d love to hear from you.