Workspace isolation, role-based access, audit trails, and zero training on your data. Deploy AI across teams and regions while satisfying legal, security, and DPO scrutiny.
The problem
Legal, security, and DPO teams veto generic AI tools because of data residency, DPA terms, or unclear AI training policies. "Interesting but we can't deploy it" is the death sentence.
1,000+ employees across countries, each team with its own KB, docs, and compliance constraints. Generic AI can't handle org structure, regional data rules, or per-team permissions.
Who queried what? Which docs fed this answer? When was this content updated? Enterprise AI without audit trails and source citations isn't deployable — it's a risk.
The solution
Frankfurt + Stockholm only. Your documents never leave the EU. Powered by AWS Bedrock with zero data training. GDPR-compliant from day one, DPA on request.
Per-team workspaces, sub-user access control, Google Workspace SSO. Your org chart maps cleanly to our permission model — HR doesn't see Finance, contractors don't see everything.
Token usage per user, prompt versioning, source citations on every answer, full data deletion on request. Every AI response is traceable back to its source document.
How it works
Drop PDFs, Word files, spreadsheets, or sync from Google Drive / Notion. Everything is classified automatically.
Pick a prebuilt template or create your own. Invoke it anywhere with @AgentName in chat.
Every response cites the source document. Zero hallucinations, zero copy-paste from generic chatbots.
Use cases
Legal, DPO, and audit teams get grounded answers from your actual policy docs with full traceability.
HR workspace ≠ Engineering workspace. Permissions respect your org chart, not the lowest common denominator.
DACH team, France team, Romania team — each searches its own regionally-scoped docs and policies.
Google Workspace SSO, with audit logs for every query. Deactivate a user in SSO, they lose AI access instantly.
Agents trained on your DPAs, privacy notices, and GDPR procedures — for compliance team self-service.
Every system prompt is versioned. Changes go through review. Rollback available. Full audit trail.
Agent library
Prebuilt agents you can clone and customize with your own documents in under 5 minutes.
Answers GDPR, DPA, and audit questions from your policy docs. Every response cites the source section so legal and DPO teams can verify instantly.
Clone this agentSearches across multiple workspaces with per-user permissions enforced. HR, Engineering, Legal, and Finance each see their own scoped results.
Clone this agentGenerates compliance-ready reports from usage logs — token consumption per department, prompt versions in use, data access summaries.
Clone this agentIn practice
Yes. The DPA (v4.1, section 3.2) lists AWS Bedrock as an approved sub-processor with EU data residency. Lawful basis for HR data is legitimate interest under Art. 6(1)(f), documented in the DPIA from 2026-Q1. No cross-border transfer outside the EU...
DACH team process (documented in dach-ops/gdpr-deletion.md, last updated 2026-03-18): Step 1 — verify requester identity via SSO. Step 2 — trigger the data-deletion job in ops tools. Step 3 — confirm deletion in 30 days per Art. 17. Step 4 — log in the ROPA register...
March 2026 report ready. Total queries: 14,238 across 6 departments. Top consumers: Engineering (38%), Customer Support (22%), Sales (18%). Zero queries touched PII-tagged documents outside authorized workspaces. Full breakdown + CSV export linked below...
Current MSA template is v7.2 (2026-02-10), in legal/templates. Last enterprise redline was with Globex Corp — key changes: (1) expanded data deletion SLA to 14 days, (2) added custom DPA schedule for DACH operations, (3) modified liability cap. Full redline PDF linked...
Contractors: 90-day password rotation, 2FA mandatory (TOTP or hardware key), SSO-only access to production systems, quarterly access review by the sponsoring manager. Policy ref: security-handbook/contractor-access.md §5.3...
EU-hosted, GDPR-compliant, audit-ready. Book a security review with our team.