// PRIVATE AI AND GDPR COMPLIANCE

Private AI and GDPR Compliance for Companies

Using ChatGPT with client or employee data without a signed DPA is a GDPR violation. Many companies do it without knowing. Nodalix is the alternative: a completely private, isolated AI instance, with your data in Europe and the legal contract signed before first use.

Isolated Docker stack · Hetzner DE · AES-256 · GDPR Art. 28 · EU AI Act 2024/1689 · ISO 27001 · Declared SCCs

// THE RISKS NOBODY TALKS ABOUT

What happens when you use public AI with company data

ChatGPT sends your data outside Europe

Without a Data Processing Agreement (GDPR Art. 28) signed with your AI provider, any client or employee data you enter into a public tool violates GDPR. Fines reach 4% of annual turnover.

Shared instances between companies

Most AI portals for companies operate on shared infrastructure. Your data coexists with other clients of the same provider. That is not real privacy.

EU AI Act — August 2026 is close

EU Regulation 2024/1689 requires transparency, human oversight and documentation of AI systems in use. Companies that do not prepare now will have to do so under pressure.

// HOW NODALIX SOLVES IT

Privacy and compliance by design, not as a patch

We don't add a compliance layer on top of an existing product. It's built this way from the first commit.

Isolated Docker stack per client

Your Nodalix instance is unique. No shared infrastructure. Hetzner servers in Germany, within the EU, ISO 27001 certified.

Docker Compose · Tenant isolation · Hetzner DE · AES-256

DPA Art. 28 signed before first data point

The Data Processing Agreement is a prerequisite, not a follow-up formality. We sign before any of your data enters any system.

GDPR Art. 28 · Declared sub-processors · SCCs with Anthropic/OpenAI/Google

EU AI Act 2024/1689 by design

Articles 12 (logging), 13 (transparency), 14 (human oversight) and 15 (robustness) covered by default in all plans. Ready for August 2026.

Auditable logs · Explainability · Human override · Technical documentation

Full export and portability

GDPR Art. 20 in 1 click. If you decide to leave, you take all your data in standard formats. No retention, no small print, no penalty.

JSON/CSV export · Art. 20 portability · No data lock-in

// FREE COMPLIANCE DIAGNOSTIC

Does your company comply with GDPR in its use of AI?

In 1 hour we review which AI tools your company uses, what data they handle, and whether there are compliance gaps. No commitment.

DPA Art. 28 signed · Data in EU · EU AI Act ready