Patent pending

LegisGate™ is a proprietary compliance intelligence engine — deterministic regulatory rules with AI-assisted analysis layered on top. Not a chatbot. AI Tool Intelligence Reports your Data Protection Team can act on at the click of a button.

AI Transparency Notice

Last updated: March 2026

1. Introduction

LegisGate™ uses artificial intelligence to assist with regulatory compliance analysis, risk assessment, and document processing. We are committed to transparency about how AI is used in our Service.

This notice explains which AI systems we use, what data is processed, how decisions are made, and your rights under the EU AI Act and the General Data Protection Regulation (GDPR). It supplements our Privacy Policy and Terms of Service.

2. AI Systems Used

  • Provider: Anthropic (Claude). All AI processing is inference-only — your data is never used to train AI models.
  • Purpose: Regulatory compliance analysis, risk assessment, document analysis, and regulatory intelligence summarization.
  • EU AI Act classification: Limited Risk (Article 50). Transparency obligations apply, and this notice fulfills those requirements.

3. How AI is Used in LegisGate

LegisGate is a proprietary compliance intelligence engine. A deterministic mechanical rules layer identifies applicable frameworks, injects mandatory findings, enforces citation rules, and runs structured classification sequences as code. Anthropic Claude is used for AI-assisted natural language analysis layered on that foundation — for example nuanced finding text, document interpretation, and conversational follow-up. Outputs pass through an automated verification gate before delivery where applicable.

AI Tool Intelligence Reports

The intelligence engine researches vendor information, privacy policies, and regulatory context to produce structured intelligence findings and recommendations. Risk scores (0–100) are directional indicators informed by the analysis pipeline. Your Data Protection Team reviews outputs and records deployment decisions — LegisGate does not make compliance determinations on your behalf.

Ask LegisGate Assistant

A conversational interface that uses AI-assisted analysis to answer regulatory questions in your organizational context. Users are informed they are interacting with an AI-backed feature. Responses are informational only and do not constitute legal advice.

Regulatory Intelligence Summaries

AI-assisted summarization of regulatory updates from official sources, with impact framing relevant to your organization. Summaries are labeled as machine-assisted research aids, not primary legal authority.

Privacy Policy Analyzer

AI-assisted extraction of structured information from vendor privacy policies, including data collection practices, retention periods, and third-party sharing. Results feed into reports and are subject to human review.

Document Processing

AI-assisted classification and extraction from uploaded documents such as Data Processing Agreements (DPAs), SOC 2 reports, and vendor security questionnaires.

EU AI Act Classification

The EU AI Act mandatory five-step sequence runs as structured logic; AI-assisted analysis contributes nuanced reasoning within that scaffold. Known vendors may receive deterministic classification from an internal registry.

Breach Notification Drafting

AI-assisted drafting of breach notification letters based on incident details and applicable regulatory requirements. All drafts require human review and editing before use — they are starting points, not final documents.

4. Data Processing for AI

What data is sent to the AI provider

Assessment details, vendor information, privacy policy text, regulatory context, and user questions submitted through features that use AI-assisted analysis.

What is never sent

Passwords, authentication tokens, payment information, and raw personal data of data subjects are never transmitted to the AI provider.

Legal basis (GDPR)

  • Legitimate interest (Article 6(1)(f)) — for B2B regulatory compliance analysis where AI processing is necessary to provide meaningful compliance insights.
  • Contract performance (Article 6(1)(b)) — where AI-assisted features are part of the contracted Service.

Data retention

AI inputs and outputs are stored in your organization's LegisGate account and subject to our standard data retention policies. Anthropic does not retain data beyond the API request per their data processing terms.

Sub-processor

Anthropic PBC, San Francisco, CA, USA. Standard Contractual Clauses (SCCs) are in place for transfers of personal data from the EEA/UK to the United States.

5. Human Oversight

  • AI Tool Intelligence Reports require human review before deployment decisions are recorded.
  • Risk scores are directional indicators, not definitive determinations.
  • Users can override, edit, or reject machine-assisted content at any stage.
  • The workflow includes mandatory human review stages before a report can be finalized.
  • Where outputs are substantially machine-assisted, they are labeled appropriately in the Service.

6. Your Rights (GDPR Article 22)

Under the GDPR and the EU AI Act, you have the following rights in relation to AI-assisted processing:

  • Human intervention: The right to obtain human intervention in decisions significantly affected by automated processing.
  • Express your view: The right to express your point of view and to contest AI-assisted decisions.
  • Explanation: The right to an explanation of the logic involved in automated processing that affects you.
  • Opt out: The right to opt out of optional AI-assisted features by contacting our support team.
  • Access, rectification, and erasure: The right to access, rectify, and erase data that has been processed by AI systems.
  • Supervisory authority: The right to lodge a complaint with your data protection supervisory authority.

To exercise any of these rights, contact us at privacy@legisgate.com.

7. AI Limitations

  • AI outputs may contain errors, hallucinations, or outdated information.
  • AI analysis is based on information available at the time of processing and may not reflect the most recent regulatory changes.
  • Regulatory landscapes change frequently; AI analysis should always be verified against current law.
  • AI cannot replace qualified legal, compliance, or privacy professionals. LegisGate is a tool to assist — not substitute — professional judgment.

8. Contact

For questions about AI processing or to exercise your rights:

9. Updates

This notice may be updated as our AI capabilities evolve or as regulatory requirements change. We will notify you of material changes via the Service or email. The "Last updated" date at the top indicates when this notice was last revised.

← Back to home