EU AI Act-Ready. Audit-Ready.

Compliance built into every agent run. Not added later.

Audit coverage

100% High-risk actions logged
  • PII detection & anonymization - Active
  • Forbidden use blocking (Art. 5) - Active
  • Immutable audit logging - Active
  • AI transparency labels - Active
  • Agent risk classification - Active

Compliance capabilities

PII detection & anonymization

Automatically surface Dutch BSNs, IBANs, person names, and work emails before they reach a model. Operators can anonymize in one step so downstream prompts stay useful without leaking identifiers.

Forbidden use blocking

Guardrails aligned with Article 5: social scoring, subliminal manipulation, and exploitative biometric surveillance patterns are blocked at submission time with a clear, logged reason code for reviewers.

Immutable audit logging

Every AI interaction - inputs, model choice, tool calls, approvals, and outputs - is retained in an append-only log. Filter by agent, user, severity, and time window; export CSV or JSON for regulators.

AI transparency labels

End users see explicit “You are communicating with an AI system” messaging wherever agents generate content, matching EU transparency expectations for human-facing automation.

Agent risk classification

Tag agents as minimal, limited, or high-risk under your internal AI Act mapping. Attach assessment notes, owners, and review dates so procurement and legal can trace decisions.

GDPR-compliant data handling

Customer data stays in EU regions by default, encrypted in transit and at rest. Retention windows, access logging, and processor agreements align with GDPR accountability requirements.

[Screenshot: Full compliance dashboard - posture, rules, and incidents]

[Screenshot: Immutable audit log - filter, search, export]

[Screenshot: PII detection preview - highlighted sensitive fields]

Need the full regulatory walkthrough, definitions, and checklists? Read the EU AI Act Guide.

FAQ

Frequently asked questions

Is AgentWorks GDPR compliant?
Yes. AgentWorks is GDPR-compliant by design: lawful basis recorded per data category, data subject rights (access, rectification, erasure) handled via the dashboard, EU data residency on managed cloud or self-hosted deployments, and a Data Processing Agreement available on request.
Does AgentWorks mask PII before sending data to LLMs?
Yes. PII detection and redaction happen at the gateway layer before any third-party LLM (OpenAI, Anthropic, Google, Mistral) sees the request. Email addresses, phone numbers, names, IDs, and configurable custom patterns are masked, processed, and then unmasked in the response when appropriate.
Where is my data stored?
On managed cloud, data is stored in EU regions by default (Netherlands and Frankfurt). On self-hosted deployments, you choose the region — Microsoft Azure, AWS, Google Cloud, or IBM Cloud — including EU-only configurations for full data sovereignty.
Does AgentWorks support human-in-the-loop oversight?
Yes. Per-agent and per-pipeline approval flows let a human reviewer accept, reject, or edit AI output before it executes a side-effect (sending email, modifying a record, posting to Slack). High-risk steps can be required to wait on approval per the EU AI Act.
Can I export an audit log of every agent interaction?
Yes. Every chat turn, agent run, and pipeline step is recorded with timestamp, user, model, input, output, applied tools, and approval state. The log is exportable as JSON or CSV for legal review and retained per your data-residency configuration.

See how other platform capabilities work together.

Last updated: March 2026