Honest answers about how this works, what to expect, and what you actually need to get started.
Airgapped.co builds and deploys private AI infrastructure for individuals and small offices -- doctors, lawyers, executives, and business owners who want the power of AI without sending their data to a tech company's servers.
Practically speaking: I come in, configure your hardware, deploy AI models that run locally on your machine, and set up intelligent agents that can draft documents, research, summarize, schedule, and automate repetitive tasks -- all without your information ever leaving your building.
ChatGPT, Gemini, and similar tools send everything you type to external servers where it is used to improve their models, stored indefinitely, and subject to data breaches. For casual use that is fine. For medical records, client files, legal documents, or anything sensitive, it is a meaningful risk.
What I build runs on hardware you own, in your office. The AI model never calls home. Nothing you type or upload is stored anywhere outside your building. You also get agents -- automated workflows that actually do things -- not just a chat window you have to prompt manually every time.
A chatbot waits for you to ask it something, answers, and stops. An agent takes a goal and works toward it autonomously -- it can read files, search the web, draft and revise documents, make decisions between steps, and hand off tasks to other agents.
For example: instead of asking an AI to "help me write a patient follow-up," an agent can monitor your calendar, pull the relevant appointment notes, draft the follow-up in your voice, and flag it for your review -- without you lifting a finger. That is the difference between a tool and a system.
No. That is the point. I handle every technical layer -- hardware configuration, model installation, agent setup, and integration. What you receive is a working system with a clean interface and a written guide tailored to how you will use it.
If you can use a web browser, you can use what I build. Ongoing maintenance is covered under the support retainer for clients who want it, so you never have to worry about updates or troubleshooting on your own.
The typical Airgapped.co client is a professional or small office in the Nashville and Williamson County area who handles sensitive information daily -- a medical practice, a law firm, a financial advisor, a real estate office, or a business executive who wants a meaningful productivity edge without compromising client confidentiality.
Remote clients outside Middle Tennessee are accommodated on a case-by-case basis depending on the service tier and hardware scenario.
Short answer: no, and there is a good reason for it that directly benefits you.
Apple Silicon (the M-series chip inside modern Macs) is the best consumer hardware available today for running AI models locally. The architecture allows large language models to load into unified memory -- meaning a Mac Mini M4 with 24GB of RAM runs models that would require a $3,000+ dedicated GPU on a Windows PC, at a fraction of the cost and noise. The performance gap is significant.
Beyond performance, my entire workflow -- the agent framework, model runtime, monitoring tools, and remote access setup -- is purpose-built and battle-tested on macOS. Supporting Windows would mean maintaining a separate stack, delivering a slower product, and introducing a category of unpredictable troubleshooting I have eliminated from my process entirely. Specialization is how I guarantee a consistent, high-quality result.
To run a private AI stack that performs well enough to be genuinely useful, the hardware needs to meet these minimums. Anything below these specs will produce noticeably slow responses and limit which models can run.
The Mac Mini M4 base model ($599) is the sweet spot for most clients -- compact, silent, fast, and more than capable of running 7B to 14B parameter models with excellent response times. If you want to run larger models or need more headroom for future growth, the 24GB or 32GB configurations are worth it.
Yes, as long as it meets the minimum specs above. Before we schedule setup, I will ask you to confirm the chip generation, RAM, storage, and macOS version. If anything falls short, I will let you know the upgrade path or suggest a new device that makes more sense economically than upgrading an older machine.
For the Private + Connected and Fully Private tiers, the dedicated device works best when it stays on and accessible rather than being carried around daily, so a Mac Mini or a MacBook Pro used primarily at a desk works better than a travel laptop as the primary AI server.
Yes. For clients on the Private + Connected or Fully Private tiers, I can procure the device, configure it completely, and deliver it ready to use. Hardware cost is billed as a pass-through -- you pay exactly what the device costs, with a receipt, and I charge only for the service.
This means you receive a machine that is already configured, tested, and running when it arrives. You plug it in, connect it to your network, and it is ready to go.
On the Private + Connected and Fully Private tiers, all AI inference happens on your local hardware. Your prompts, documents, and outputs never leave your machine. There is no API call to OpenAI, no data logged by a cloud provider, no third party with visibility into what you are doing.
On the Connected AI tier, processing occurs via third-party cloud APIs. I will be explicit with you about which services are involved and what their data handling policies are before we configure anything. You choose what connects to what.
Only if you want me to and only while a retainer is active. Remote access for ongoing support is done via Tailscale -- a private, encrypted VPN that you control. You can revoke my access at any time by removing me from your Tailscale network, which takes about thirty seconds.
For clients who complete setup and do not retain ongoing support, my remote access is removed at project close. I document all access credentials and configurations and hand them to you completely.
I am not a compliance officer and this is not legal advice -- those are assessments your own counsel or compliance team needs to make. What I can tell you is this: a fully local AI system with no external data transmission removes the primary technical risk factors that typically create HIPAA and privilege concerns with cloud AI tools.
I am happy to document the data routing architecture of your specific setup in writing so your legal or compliance team can evaluate it. Several professional practices use local AI infrastructure specifically because it avoids the regulatory ambiguity of cloud-based AI tools.
Only what is needed to do the work: your name, contact information, and whatever context you share during the project so I can configure the agents appropriately (your preferred workflows, document types, common tasks, etc.).
I do not sell your information, do not share it with third parties, and delete it from my working files within 30 days of project completion or upon written request. The terms are spelled out in the client agreement you sign before we start.
| Tier | Where it runs | Best for |
|---|---|---|
| Connected AI | Cloud APIs (third-party servers) | Non-sensitive workflows, getting started quickly, lower upfront cost |
| Private + Connected | Your local hardware + optional cloud | Sensitive work with selective cloud integration; best balance of power and flexibility |
| Fully Private | Your local hardware only | Medical, legal, financial, or executive use where zero external data transmission is required |
Most clients with privacy requirements land on Private + Connected or Fully Private. The Connected AI tier is a good fit for someone who wants to experience what well-configured agents feel like before committing to local hardware.
The specific agents I configure are tailored to your work, but common high-value use cases include:
Document drafting -- contracts, letters, reports, summaries, and follow-ups written in your voice based on notes or templates you already use.
Research and briefings -- background on a client, topic, or company compiled automatically and delivered as a clean summary before a meeting.
Email and calendar management -- drafting responses, flagging priority items, and keeping your inbox from running your day.
File organization and tagging -- sorting, naming, and archiving documents according to rules you define.
Transcription and meeting notes -- turning recordings into structured notes with action items pulled out automatically.
If you have a specific workflow in mind, bring it up during our call. The answer is usually yes.
The setup fee covers the complete build: discovery and scoping, hardware configuration, model installation, agent design and deployment, integration with your existing tools where applicable, testing, and a written onboarding guide specific to your setup.
It is a one-time fee for a complete working system, not an hourly rate. You know the number before we start, and it does not change unless the scope changes -- which we agree in writing first.
Setup only is a completely valid option. You pay the setup fee, I build and deliver the system, and it is yours to run independently. The written guide and documentation I provide are designed to make you self-sufficient.
The retainer is for clients who want ongoing support: model updates, agent modifications as your needs evolve, proactive monitoring, and a direct line when something needs attention. It is optional, and you can add it later if you start without it.
Step 1 — Discovery call (30–45 min). We talk through your workflows, privacy requirements, hardware situation, and what you actually want AI to do for you. I recommend a tier and give you a clear number.
Step 2 — Agreement and payment. You review and sign the client agreement. Setup fee is due before work begins.
Step 3 — Project summary. Within five business days I send a written scope confirmation: exact deliverables, hardware plan, and timeline.
Step 4 — Build and configuration. Depending on your tier and hardware scenario, this happens remotely via Tailscale, at your location, or with your hardware temporarily at my workspace. Typical build time is two to five business days.
Step 5 — Delivery and walkthrough. I walk you through the system live, confirm everything works the way you expected, and hand over the written guide. You sign off on delivery.
Most setups are complete within five to ten business days of receiving payment. Simpler configurations on existing hardware can be done faster. If hardware needs to be ordered, add three to five business days for shipping.
I will give you a specific timeline in the project summary before any work begins, and I communicate proactively if anything changes.
The five-day acceptance window after delivery exists specifically for this. If something is not working as agreed, I fix it at no additional charge within that window. My goal is a system you are genuinely glad you paid for, not a one-and-done handoff.
If there is a fundamental mismatch between what was scoped and what you actually need, we have a conversation -- adjustments to scope can be handled as a follow-on project. The setup fee is non-refundable once work has begun, which is standard for custom technical work. That is all spelled out in the agreement so there are no surprises.
| Tier | What is included | Monthly |
|---|---|---|
| Essential | Monthly check-in call, async email support, agent health monitoring, minor prompt adjustments | $500 |
| Professional | All Essential, plus priority response, up to 2 hrs/mo of agent modifications, quarterly strategy review | $750 |
| Executive | All Professional, plus up to 5 hrs/mo of agent development, proactive model updates, direct phone access | $1,500 |
Yes. The retainer is month-to-month. Either party can cancel with 30 days written notice. No penalties, no long-term commitment. The system and all configurations remain yours regardless.
Hardware failures are covered by the manufacturer's warranty -- Apple's standard warranty on a new Mac is one year, and AppleCare+ extends that significantly. Because everything runs locally, a hardware failure does not mean your data is lost or exposed -- it just means the system is offline until the hardware is repaired or replaced.
For retainer clients, I will help diagnose the issue and get the system back up as quickly as possible, including reconfiguring a replacement device if necessary. For setup-only clients, that work would be scoped as a new project.
This is one of the practical reasons I recommend Apple hardware specifically -- their support infrastructure and repair network is the most accessible for non-technical users.
The models I deploy are local files on your machine, which means they do not auto-update the way cloud AI products do. That is actually a feature for many clients -- your system does not change unexpectedly.
When meaningfully better models are released that run well on your hardware, I flag them. Updating is straightforward. For retainer clients, model updates are included in the service. For setup-only clients, an update is typically a short, low-cost project rather than a full rebuild.