TrustKit.co
LightOn icon

LightOn

Sovereign enterprise GenAI platform deployed on-prem, air-gapped, or EU cloud

vs
2021.AI (GRACE) icon

2021.AI (GRACE)

Danish on-premise sovereign AI platform with built-in governance

LightOn
88%Excellent
22/25
2021.AI (GRACE)
92%Excellent
23/25

Score Breakdown

DimensionLightOn2021.AI (GRACE)
Data Residency
Where is your data stored and processed?
LightOn: Deploys on-premise, in customer VPC, or air-gapped on EU infrastructure, so data never leaves the customer's own security perimeter. Strongest possible residency posture.
2021.AI (GRACE): Fully on-premise or air-gapped; data never leaves customer infrastructure
5/5
5/5
Legal Jurisdiction
Which laws govern the company and your data?
LightOn: French SA incorporated in France, listed on Euronext Growth Paris, with no US parent. Fully under EU/French jurisdiction.
2021.AI (GRACE): Danish ApS under EU law; not subject to US jurisdiction
5/5
5/5
Data Retention & Training
Is your data used for model training?
LightOn: In-perimeter deployment means no customer data is sent out or used to train shared models, and retention is governed by the customer's own infrastructure. Scored 4 rather than 5 as public DPA/retention-control documentation is limited.
2021.AI (GRACE): On-premise deployment; customer has full control over all data
4/5
5/5
Certifications
ISO 27001, SOC 2, Cyber Essentials, etc.
LightOn: Holds SOC 2 Type 1. ISO 27001 and SOC 2 Type II are not confirmed in published sources, and ANSSI SecNumCloud appears to be a positioning goal rather than a confirmed qualification.
2021.AI (GRACE): ISO 27001 certified
3/5
3/5
Regulatory Fit
Suitability for regulated industries and professional services
LightOn: Purpose-built for regulated and sovereign EU buyers, with public-sector and defense/aerospace references (CNES, Safran, French tax authority) and GDPR/AI Act alignment.
2021.AI (GRACE): Proven in Danish public sector healthcare; designed for highest sovereignty requirements
5/5
5/5
Total Score
22/25
23/25

Best For

LightOn iconLightOn

Best for EU-headquartered organisations needing maximum data sovereignty; regulated industries (BaFin, ICO); privacy-conscious teams who need strong data retention controls; organisations that need self-hosted or on-premise deployment.

2021.AI (GRACE) icon2021.AI (GRACE)

Best for EU-headquartered organisations needing maximum data sovereignty; regulated industries (CNIL, AMF); privacy-conscious teams who need strong data retention controls; organisations that need self-hosted or on-premise deployment.

Detailed Comparison

2021.AI (GRACE) vs LightOn: Trust & Compliance Comparison

2021.AI (GRACE) (2021.AI, DK) scores 23/25 overall with a Gold (Excellent) trust badge. Danish on-premise sovereign AI platform with built-in governance. LightOn (LightOn, FR) scores 22/25 with a Gold (Excellent) trust badge. Sovereign enterprise GenAI platform deployed on-prem, air-gapped, or EU cloud.

Dimension-by-Dimension Breakdown

#### Data Residency

Both score equally at 5/5.

2021.AI (GRACE) (5/5): Fully on-premise or air-gapped; data never leaves customer infrastructure
LightOn (5/5): Deploys on-premise, in customer VPC, or air-gapped on EU infrastructure, so data never leaves the customer's own security perimeter. Strongest possible residency posture.

#### Legal Jurisdiction

Both score equally at 5/5.

2021.AI (GRACE) (5/5): Danish ApS under EU law; not subject to US jurisdiction
LightOn (5/5): French SA incorporated in France, listed on Euronext Growth Paris, with no US parent. Fully under EU/French jurisdiction.

#### Data Retention & Training

2021.AI (GRACE) leads with 5/5 vs 4/5.

2021.AI (GRACE) (5/5): On-premise deployment; customer has full control over all data
LightOn (4/5): In-perimeter deployment means no customer data is sent out or used to train shared models, and retention is governed by the customer's own infrastructure. Scored 4 rather than 5 as public DPA/retention-control documentation is limited.

#### Certifications

Both score equally at 3/5.

2021.AI (GRACE) (3/5): ISO 27001 certified
LightOn (3/5): Holds SOC 2 Type 1. ISO 27001 and SOC 2 Type II are not confirmed in published sources, and ANSSI SecNumCloud appears to be a positioning goal rather than a confirmed qualification.

#### Regulatory Fit

Both score equally at 5/5.

2021.AI (GRACE) (5/5): Proven in Danish public sector healthcare; designed for highest sovereignty requirements
LightOn (5/5): Purpose-built for regulated and sovereign EU buyers, with public-sector and defense/aerospace references (CNES, Safran, French tax authority) and GDPR/AI Act alignment.

Certifications at a Glance

Certification2021.AI (GRACE)LightOn
ISO 27001YesNo
SOC 2 Type 1NoYes

Overall Verdict

2021.AI (GRACE) and LightOn are closely matched on trust and compliance, with scores of 23/25 and 22/25 respectively. The right choice depends on your specific regulatory requirements and existing technology stack.

Frequently Asked Questions

Which is better for EU compliance, LightOn or 2021.AI (GRACE)?

LightOn has a TrustKit score of 22/25 while 2021.AI (GRACE) scores 23/25. 2021.AI (GRACE) currently rates higher across data residency, legal jurisdiction, data retention, certifications, and regulatory fit.

How do LightOn and 2021.AI (GRACE) compare on data residency?

LightOn scores 5/5 for data residency (Deploys on-premise, in customer VPC, or air-gapped on EU infrastructure, so data never leaves the customer's own security perimeter. Strongest possible residency posture.), while 2021.AI (GRACE) scores 5/5 (Fully on-premise or air-gapped; data never leaves customer infrastructure).

Are LightOn and 2021.AI (GRACE) GDPR compliant?

Both tools are assessed across five compliance dimensions. LightOn has a regulatory fit score of 5/5 and 2021.AI (GRACE) scores 5/5. Check the full comparison above for a detailed breakdown.

Explore Each Tool

LightOn icon
LightOn
View full review →
88%
2021.AI (GRACE) icon
2021.AI (GRACE)
View full review →
92%