Privacy and data processing
All data is stored in Norway and the EU in compliance with GDPR. Each customer receives their own data processing agreement (DPA) that governs how data is processed, stored and deleted. We never sell data and do not share information with third parties without explicit consent.
ISO 42001, responsible AI governance
ISO 42001 is the international standard for AI management systems. We work systematically according to this standard to ensure our AI systems are transparent, traceable and responsible. This means, among other things, that all decisions made by the AI can be documented and explained.
EU AI Act
The EU AI Act sets new requirements for how AI systems are developed and used. We closely follow developments and continuously work to ensure KonversAI meets the requirements applicable to our category of systems. For organisations in regulated industries this is particularly important.
Secure development and operations
KonversAI is built on Azure with infrastructure in European data centres. We use encrypted traffic, role-based access control and full logging of all events in the system. The solution is monitored around the clock and we carry out regular penetration testing and vulnerability assessments.
Access control and traceability
Each customer operates in an isolated environment. No data is shared between customers. All user actions are logged and can be traced, making it easy to document who did what and when.