Risk Mitigation & Security
The unregulated use of AI tools carries liability and privacy risks. We audit your AI usage, uncover Shadow IT, and develop GDPR and EU AI Act compliant guidelines for your team.
Audit Duration: ~ 2 - 4 Weeks (Analysis & Policy)
Initial Audit: from ~3,500 € (Consulting)
Running Costs: None (Fixed Price)
Target Audience
Application Areas
Shadow IT Identification
We find unregulated tools like DeepL or ChatGPT and establish secure alternatives (e.g. Azure OpenAI).
Risk Mitigation
We ensure your LLMs do not leak sensitive data into public training sets of global corporations.
Data Protection
We screen IT third-party vendors for compliance with the AI Act's transparency obligations.
Third-Party Risk
Your Benefits
You document risks and avoid severe GDPR or EU AI Act fines.
Through corporate policy, employees know precisely which tools are permitted.
A transparent AI strategy is a prime competitive advantage during B2B audits.
With installed legal guardrails, the team can experiment without fear.
Approach
Which AI systems are in productive or unofficial use? What do the data flows currently look like?
Every app is classified according to the EU AI Act. High-risk systems receive strict control protocols.
We draft an AI policy in coordination with your DPO and implement private Enterprise environments.
The Backend
Sensitive material (credit cards, IDs) is blocked or masked by scanners before it ever reaches an AI.
The safest route: Hosting the AI infrastructure in fully sealed cloud instances (Azure Frankfurt) rather than public endpoints.
Frequently Asked Questions
Every company offering AI or using it intensively in core processes within the EU – regardless of employee count.
No. GDPR regulates personal data. The AI Act forces additional transparency ("Human Oversight") and risk documentation.
Extremely dangerous for companies: OpenAI trains on inputs. Confidential company secrets could become globally accessible.
Concrete Offer
Review sample deliverables before deciding: pilot report, implementation plan, prompt and fallback set, handover documentation.
External licenses, large-scale data cleanup, major ERP/CRM rebuilds, and legal case-by-case advice are scoped separately before project start.