Legal & Compliance
Transparency is the foundation of trust. Review our legal documents, data processing agreements, and compliance commitments.
AI Systems
FortisEU uses EU-sovereign AI (Mistral AI, France) to assist with compliance analysis. This page documents all AI systems, their risk classification under the EU AI Act (Regulation (EU) 2024/1689), and your rights.
Your Rights
- —All AI outputs are advisory only and require human verification
- —Your data is not used for model training
- —You can request human-only review of any AI-assisted decision
- —You can withdraw AI consent at any time in Settings
High-Risk AI Systems
Access Review AI Recommendations
Generate non-binding access review recommendations to assist human reviewers in identity governance campaigns. Analyzes peer group prevalence, entitlement risk levels, segregation of duties conflicts, and dormancy.
Peer Group Analysis
Identify access entitlement outliers within department+role cohorts to support access governance reviews. Groups profiles by department and role, computes median entitlements per cohort, and flags profiles significantly above median.
Limited-Risk AI Systems
ASK Copilot
Provide compliance guidance and regulatory Q&A to CISOs, compliance officers, and security professionals. RAG-enhanced chat with regulatory knowledge base (NIS2, DORA, GDPR, ISO 27001, EU AI Act).
Policy Generation
Draft compliance policy documents from natural language prompts. Outputs include disclaimer requiring legal review.
Role Mining
Discover natural role groupings from entitlement assignment patterns using frequent itemset mining.
Recommendations Engine
Suggest prioritized next-best-actions for compliance improvement based on current posture analysis.
Evidence Gap Analysis
Analyze evidence coverage gaps per compliance control to guide evidence collection efforts.
Minimal-Risk AI Systems
Morning Brief
Daily executive summary aggregating overnight security events, risk alerts, and upcoming deadlines.
Risk Alert Explanations
Generate human-readable explanations for pre-computed risk signals to accelerate security operations triage.
Remediation Snippet Generator
Generate Terraform HCL or CLI bash snippets for control/vulnerability remediation with EU region defaults.
Proactive Insights
Surface contextual compliance nudges in the Copilot empty state to guide user attention toward important items.
EU AI Act (Regulation (EU) 2024/1689) · Articles 6, 13, 14, 27, 50, 52 · Last updated: March 2026