Trust

Trust, security, and governance

Your data is protected with industry-standard encryption, certifications, and governance practices.

Encryption in transit and at restAES-256 at rest · TLS 1.2+
Tamper-evident audit trailAppend-only · hash-chain verified
GDPR CompliantEU Regulation 2016/679
EU Data ResidencyHosted in Frankfurt, Germany

GDPR compliant from day one. Contact us for security documentation.

Built to support AI governance requirements, including human oversight and transparency obligations under the EU AI Act. See our AI Governance page →

Governance & Oversight

As AI governance expectations rise, professional teams need more than secure infrastructure. They need a defensible process around AI-assisted work itself.

Human Oversight

Structured human review before AI-assisted outputs are shared or relied on. Named sign-off is built into every workflow, not optional, not ad hoc.

Record-Keeping

Per-inference audit trail with hash-chain integrity verification. Tamper-evident, append-only records. CSV and PDF export for compliance review and regulator reporting.

Transparency

Clear records of what was AI-assisted, what evidence was used, what conflicts were identified, and who approved the final output.

AI Literacy

Teams examine source quality, challenge model disagreement, and spot evidence gaps before work moves forward.

Risk Monitoring

Automated screening of every AI output for PII disclosure, harmful advice, fabricated sources, and security-sensitive content. Two-tier detection with structured risk verdicts.

Incident Reporting

Manual and automated incident reporting with admin triage, severity classification, and a full audit trail for regulator disclosure.

Relevant to organisations building internal governance processes under the EU AI Act framework.

Learn more on our AI Governance & EU AI Act page →

Governance & Compliance Documents

Qonera publishes its governance documentation openly. These documents are available for client assurance, procurement review, and regulatory inspection.

Fundamental Rights Impact Assessment

EU AI Act Art. 27 — how the system affects fundamental rights, and the safeguards in place.

Conformity Assessment

How Qonera meets the essential requirements for AI governance under the EU AI Act.

Responsibility Matrix

Split of responsibilities between Qonera (provider) and your organisation (deployer).

Data Processing Agreement

GDPR Art. 28 — how customer data is processed, retained, and protected.

Sub-processors

Third-party services that process customer data on Qonera's behalf.