01Three commitments
Your data is not training data.
When we work with you, your documents, contracts, processes, and conversations are never used to train any model — ours, OpenAI's, Anthropic's, Google's, or anyone else's. All data flows through model APIs as inference inputs only, in line with each vendor's no-training contractual terms (OpenAI Enterprise, Anthropic API, Google Vertex AI).
EU-region by default.
Where the underlying model provider offers EU data residency — Gemini via Vertex AI in europe-west, Claude via AWS Frankfurt, OpenAI via EU endpoints — we use it. We can deploy in your tenant or ours; in both cases the data does not leave EU borders unless you specifically request a non-EU endpoint and we document the reason.
Audit trail by design.
Every agent we ship logs every model invocation: prompt, output, cost, latency, error. You own those logs. We retain an operational copy for 90 days for support purposes — you can request immediate deletion at any time.
02How we work with vendor models
We are model-agnostic. We pick the model per use case, not per fashion. Today we predominantly use:
- Google Gemini (via Vertex AI) — for high-volume document processing and operational workflows. Chosen for long-context handling of multi-page documents and EU data residency.
- Anthropic Claude — for higher-judgement reasoning tasks (planning, drafting, evaluation). EU residency via AWS Frankfurt.
- OpenAI GPT — selectively for specific use cases where benchmarks justify it.
We never use consumer-tier endpoints (ChatGPT.com, Claude.ai, Gemini app) for client work. All operations run through enterprise APIs under no-training, no-retention contractual terms.
03EU AI Act compliance
Most of what we build falls into "limited risk" or "minimal risk" categories under the EU AI Act:
- Document classification, OCR validation, internal Q&A → minimal risk
- Drafting assistants with human review, customer-facing chat → limited risk (transparency obligations)
We will not build, host, or recommend systems classified as high-risk or prohibited under the Act without explicit, documented assessment with you, your legal counsel, and — if applicable — your DPO.
For clients in regulated sectors (legal, medical, financial), we operate as a deployer under Article 26 of the Act. We document risk assessment, human oversight protocols, and post-market monitoring obligations together with you, before any production deployment.
04Human in the loop, always
Every workflow we ship has at least one of:
- A pre-deployment human review queue, or
- Confidence thresholds that route low-confidence outputs to humans, or
- A scheduled human-audited sample with a feedback loop
We will not deploy fully autonomous workflows for any process where a wrong AI output has material financial, legal, or reputational consequence — even if the ROI math would say to.
05What we will not do
- We will not use your data to build "industry templates" or marketing case studies without explicit, written, paragraph-by-paragraph permission.
- We will not embed tracking, analytics, or telemetry into agents we deploy in your environment.
- We will not lock you into our infrastructure — every workflow we ship can be exported, owned, and operated by your team if our engagement ends.
- We will not work with model vendors who train on our or our clients' inputs.
06Questions
Mail hello@akint.ai for any clarification or to request a copy of our model vendor data-processing agreements (DPAs).