AI for Dutch accountants, without client data ever leaving your control.
Faylo lets your firm put ChatGPT-class models to work on real client files. Names, BSNs, KvK and IBAN numbers are deterministically pseudonymised before a single token reaches the provider — and resolved again only inside your own tenant.
Watch a real client prompt pass through Faylo
Faylo sits as a refraction layer between your team and the model: capture, refract, reason, restore. The provider only ever sees the pseudonymised middle stage.
Onze cliënt Jansen Bouw B.V. (KvK 61234567, btw NL853123456B01) heeft over 2024 een omzet van €1.240.000 en een nettowinst van €185.000. DGA is de heer P. van den Berg (BSN 999995649), die nu een salaris van €48.000 per jaar opneemt. De rekening-courantschuld aan de B.V. staat op €78.500. De vennootschap houdt aan op IBAN NL44 RABO 0123 4567 89.
Kun je beoordelen of het gebruikelijk loon van de DGA in lijn is met de richtlijnen voor 2024, en de risico’s rond de oplopende rekening-courantschuld aangeven?
The provider never receives a name, number or account it could re-identify.
- 01
Capture
Your team writes exactly as they always would — full names, BSNs, KvK and btw numbers, IBANs. Nothing about the workflow changes.
- 02
Refract
Each identifier is detected and replaced with a stable, opaque token. The value-to-token mapping stays in a vault inside your tenant.
- 03
Reason
The pseudonymised prompt goes to the model. Because tokens are consistent, the model reasons fully about context and relationships — without any re-identifiable value.
- 04
Restore
The answer returns tokenised and is resolved locally against the vault. Your team reads a clean answer about the real client; users never see a token.
Three guarantees, designed into the pipeline
Data never leaves in the clear
Every identifier — names, BSN, KvK, btw, IBAN — is detected and replaced before egress. The model receives tokens, never the original values.
Deterministic pseudonymisation
The same entity always maps to the same token within a session, so the model keeps full context and reasoning quality — without ever knowing who it is.
Runs in your own tenant
The mapping vault and keys live in your Azure tenant or on-premises. Re-identification happens locally; nobody else — including Faylo — can reverse a token.
You want the productivity. You can’t risk the AVG exposure.
Pasting a client’s figures into a public chatbot means sending identifiable personal data to a third country. Faylo removes the risk at the source — so the upside is yours without the liability.
- Public chatbots: client names and BSNs sent abroad in the clear, with no processing agreement and no control.
- “Just don’t use AI”: your team falls behind while competitors draft, review and advise in a fraction of the time.
- Faylo: full model power on real files, with identifiers pseudonymised before they ever leave your tenant.
Runs where your data already lives
The same pseudonymisation guarantees in every deployment. You only choose where the software runs and who operates it.
Your Azure tenant
Deployed inside your own Microsoft Azure environment. Keys, logs and mappings never leave your subscription.
On-premises
Fully air-gapped installation in your own data centre, for firms with the strictest data-residency rules.
Hosted by Faylo
A managed EU-region tenant we operate for you — fastest to pilot, with the same pseudonymisation guarantees.
See Faylo on your own files
A short pilot in your environment, with your team’s real workflows. No client data leaves your tenant — that’s the whole point.