Contact us

Compliance by design

GDPR, ISAE 3000, and EU AI Act 2027. The documentation is part of the product, not an appendix.

01

Privacy

GDPR-compliant from day one.

Documented in every audit line. Data processing agreement based on GDPR with roles explicitly defined. No resale, no tracking pixels.

  • Standardised DPA
  • Data-subject rights flow
  • Retention & deletion policy
02

Audit

ISAE 3000 Type II-audited.

Independent third-party audit of access controls, logging, change management, and sub-processors. Report provided to Private Cloud and Enterprise.

  • Annual Type II statement
  • Access and change controls
  • Sub-processor disclosure
03

Regulation

EU AI Act 2027-ready.

Audit trail and model governance are in place well before the regulation takes effect. SHA-256 signed ledger per call.

  • Model-governance framework
  • Every prompt audit-logged
  • Risk-classification mapping
04

Isolation

Air-gapped from public internet.

No connection to public internet. Air-gapped deployment available for classified environments and defence workloads.

  • Closed perimeter
  • VPN tunnel in, none out
  • On-prem appliance option

Documentation

What you receive.

  • DPA

    Data processing agreement ready the same week as signature.

  • ISAE 3000 report

    Type II statement from an independent auditor.

  • Audit ledger

    SHA-256 signed log per call, exportable.

  • Sub-processor list

    Up-to-date list + 30-day notice on changes.

100% Data on Danish soil
0 Connections out of the perimeter
24 h To breach notification
SHA-256 Signed audit per call

Get the documentation

DPA, ISAE 3000, and audit trail. Same week as signature.

Contact us