How We Build With Claude — And Safeguard It for Clients
Anthropic's Claude is our default model for client work. Here's why we reach for it, how we integrate it into production systems, and the safeguards we put around it so it's safe to put in front of your customers and your auditors.
Quick answer
Seypro builds production AI on Anthropic's Claude — the Opus, Sonnet, and Haiku model family — chosen for its reliability on long, tool-using workflows and its safety posture. We integrate it through the Claude API, AWS Bedrock, or Google Vertex AI, and wrap it in client-controlled safeguards: no client data used to train models, optional zero-data-retention, PII redaction, prompt-injection defenses, human-in-the-loop on consequential actions, and full audit trails. The result is AI you can put in front of customers and defend to regulators.
Key takeaways
- Claude (Anthropic) is our default model for client work — strongest where it matters: long context, reliable tool use, and following instructions on multi-step agent workflows.
- We deploy it where your compliance needs it: the Claude API, AWS Bedrock, or Google Vertex AI — so the model runs inside your existing cloud and contract.
- Anthropic does not train its models on data sent through the commercial API by default, and zero-data-retention is available for qualifying accounts.
- Safeguards are an engineering layer we own: PII redaction, prompt-injection defenses, tool allow-lists, human-in-the-loop, evals, and audit logging.
- Where data sovereignty rules out any hosted model, we deploy private open-weight LLMs instead — Claude is the default, not the only option.
The short version
When a client engagement needs a large language model, our default is Claude — the model family from Anthropic. Not because it is the only good model — we also build on OpenAI's GPT and Codex and Google's Gemini, and pick per use case — but because for the work we tend to do (long, tool-using, audit-sensitive workflows), Claude is the model we trust to behave predictably in production.
This article is on the record for clients who want to know exactly what they're getting when we say "we'll build this on Claude": which model, running where, with what guarantees about their data, and what we do to make sure it stays safe once it's live.
Why Claude is our default
Anthropic ships Claude as a family — Opus for the hardest reasoning, Sonnet as the balanced workhorse, and Haiku for fast, cheap, high-volume calls. We route work to the right tier rather than paying for the biggest model on every request. Three things keep it as our default:
- Reliability on agent workflows. Most real client AI isn't a chatbot — it's an agent that calls tools, reads results, and decides the next step. Claude is consistent at following instructions across many steps and at calling the right tool with the right arguments, which is where flakier models cause production incidents.
- Long context that holds up. A large context window is only useful if the model actually uses what's in it. Claude stays coherent over long documents and long conversations, which matters for retrieval over real corpora — contracts, codebases, knowledge bases.
- A safety posture we can stand behind. Anthropic is a safety-focused lab; Claude is trained to refuse clearly, hedge on uncertainty, and avoid confidently inventing facts. For regulated clients, a model that says "I don't know" instead of fabricating is a feature, not a limitation.
Default ≠ only. We choose the model per use case. Claude is where we start; GPT/Codex, Gemini, or a private open-weight model wins when the use case calls for it.
How we integrate it
"Build on Claude" can mean several deployment shapes. We pick the one that fits your cloud, your contracts, and your compliance boundary:
- Claude API — Anthropic's direct endpoint. Fastest to the newest models, simplest to operate.
- AWS Bedrock — Claude served inside your AWS account, under your existing AWS contract, data-residency, and IAM. Common for clients already standardised on AWS.
- Google Vertex AI — the same for clients on Google Cloud.
- Model Context Protocol (MCP) — Anthropic's open standard for connecting models to tools and data sources. We expose your systems to Claude through MCP servers so integrations are typed, permissioned, and reusable rather than hand-wired per prompt.
On top of whichever endpoint, the application layer is ours to build: tool-using agents wired into your CRM, ERP, or operational systems; RAG pipelines that ground answers in your documents with citations and access controls inherited from your existing auth; and an eval harness so changes to prompts or models are measured against a fixed test set before they ship — not discovered in production.
How we safeguard it for clients
Putting a model in front of customers — or in a regulated workflow — is a security and governance decision, not just an engineering one. The safeguards below are an engineering layer we build and own; they don't depend on trusting the model to behave.
1. Your data is not training data
Anthropic does not use data submitted through its commercial API to train its models by default, and zero-data-retention arrangements are available for qualifying accounts — meaning prompts and outputs are not retained after a request is served. When we run Claude through AWS Bedrock or Google Vertex AI, requests stay inside your cloud provider's boundary under your existing data-processing terms. We configure the deployment so the contractual and technical answer to "where does our data go?" is one your legal team can sign.
2. PII redaction and data minimisation
The model should only ever see what it needs. We put redaction and minimisation between your systems and the model — stripping or tokenising personal and sensitive fields before they reach the prompt, and re-associating identifiers on the way back where the workflow genuinely needs them. A support agent can resolve a ticket without the model ever seeing a full card number or national ID.
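A sketch of the tokenise-then-re-associate step described above, as an added example rather than Seypro's own code. The patterns, token format and `Redactor` class are assumptions for illustration, and the sample values are constructed.

```python
import re

# Constructed patterns for illustration; real deployments need locale-specific rules.
CARD_RE = re.compile(r"\b\d(?:[ -]?\d){12,18}\b")
EMAIL_RE = re.compile(r"\b[\w.+-]+@[\w-]+(?:\.[\w-]+)+\b")

def luhn_ok(digits: str) -> bool:
    """Luhn checksum, so order numbers that merely look like cards are left alone."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0

class Redactor:
    """Swaps sensitive values for opaque tokens; the vault stays on our side of the API."""
    def __init__(self):
        self.vault = {}   # token -> original value
        self._seen = {}   # original value -> token, so a repeated value reuses its token

    def _token(self, kind, value):
        if value not in self._seen:
            tok = f"[{kind}_{len(self._seen) + 1}]"
            self._seen[value] = tok
            self.vault[tok] = value
        return self._seen[value]

    def redact(self, text):
        def card(m):
            digits = re.sub(r"\D", "", m.group())
            return self._token("CARD", m.group()) if luhn_ok(digits) else m.group()
        text = CARD_RE.sub(card, text)
        return EMAIL_RE.sub(lambda m: self._token("EMAIL", m.group()), text)

    def restore(self, text):
        # Only tokens this instance issued are substituted; unknown tokens pass through.
        swap = lambda m: self.vault.get(m.group(), m.group())
        return re.sub(r"\[(?:CARD|EMAIL)_\d+\]", swap, text)
```

`restore` belongs only on the path back to a destination already entitled to the original values, never on text that is fed to the model again.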
3. Prompt-injection and tool-abuse defenses
The moment a model can read untrusted content (a web page, an email, an uploaded document) and also call tools, prompt injection is a real attack surface. We treat retrieved content as untrusted by default and defend in layers:
- Tool allow-lists and scoping — the agent can only call a fixed set of tools, with arguments validated against a schema. There is no "run arbitrary command" tool.
- Privilege separation — high-consequence actions (moving money, deleting data, sending external messages) run behind explicit confirmation, not on the model's say-so.
- Output handling — model output is never executed or rendered as trusted markup without sanitisation, closing the loop where injection turns into action.
4. Human-in-the-loop where it counts
Autonomous where the blast radius is small; human-approved where it isn't. We draw that line deliberately with you and encode it in the system, so the agent can draft a refund, a contract clause, or an outbound email — but a person approves the ones that carry real consequences. The point of AI here is to remove the typing, not the judgement.
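The layers from sections 3 and 4 can be enforced at a single choke point between the model and your systems. The gate below is an added example, not Seypro's own code; the tool names, the `Tool` record and the decision strings are hypothetical.

```python
from dataclasses import dataclass
from typing import Callable

@dataclass(frozen=True)
class Tool:
    schema: dict            # argument name -> required Python type
    high_consequence: bool  # True: a person must approve before it runs
    run: Callable

# Hypothetical tools for illustration. The registry itself is the allow-list.
TOOLS = {
    "lookup_order": Tool({"order_id": str}, False, lambda a: {"status": "shipped"}),
    "issue_refund": Tool({"order_id": str, "amount_cents": int}, True,
                         lambda a: {"refunded": a["amount_cents"]}),
}

def validate(tool, args):
    if not isinstance(args, dict) or set(args) != set(tool.schema):
        return False  # missing or unexpected argument names
    # Exact type match: a string "500" or a bool is not accepted where int is required.
    return all(type(args[k]) is t for k, t in tool.schema.items())

def dispatch(call, approver=None, audit=None):
    """Gate one model-proposed tool call. Returns (decision, result)."""
    audit = audit if audit is not None else []
    name, args = call.get("name"), call.get("arguments")
    tool = TOOLS.get(name)
    if tool is None:
        decision, result = "denied:unknown_tool", None
    elif not validate(tool, args):
        decision, result = "denied:bad_arguments", None
    elif tool.high_consequence and not (approver and approver(name, args)):
        decision, result = "pending:needs_approval", None
    else:
        decision, result = "executed", tool.run(args)
    # Every decision is recorded, including denials, so the trail shows what was attempted.
    audit.append({"tool": name, "arguments": args, "decision": decision})
    return decision, result
```

The `approver` callback stands in for whatever approval queue or UI the workflow uses; without one, high-consequence calls stay pending.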
5. Evals, monitoring, and audit trails
Every consequential interaction is logged — the prompt, the retrieved sources, the tools called, and the output — so you can reconstruct why the system did what it did. That same trail is what an auditor or regulator will ask for. We pair it with an eval harness that scores the system against a fixed set of cases on every change, and with drift and cost monitoring so a degraded prompt or a runaway spend shows up on a dashboard, not on an invoice.
Owned by you, explainable to regulators, documented for the auditors who will review it — the same rigour we bring to security and compliance, applied to AI.
When we don't use Claude
If your data genuinely cannot leave your own infrastructure — some regulators and some contracts require exactly that — then no hosted model qualifies, Claude included. In those cases we deploy private open-weight LLMs (Llama, Mistral, Qwen) on your own GPUs via Ollama or vLLM, and accept the trade-off in raw capability for full data isolation. Claude is the default because it's the right answer most of the time; it isn't the only tool in the box.
The bottom line
When we build AI for you, you get a recognisable, reliable frontier model — Claude — deployed inside your compliance boundary, wrapped in safeguards your security and legal teams can verify, and documented for the people who'll audit it. That's the difference between an AI demo and a system you can actually put your name on. This is the work we do under AI engineering.
