Compliance by Design.
Regulatory conformity is not an afterthought — it is an architectural principle.
Certifications & Standards
GDPR
SIMOSphere AI processes personal data exclusively within the EU. Data Processing Agreements (DPA) pursuant to Art. 28 GDPR are available for all plans. Technical and organisational measures (TOMs) include encryption in transit and at rest, role-based access control and a complete audit trail.
EU AI Act
As an orchestration platform, SIMOSphere AI classifies all deployed AI models by risk category. Risk registers and model documentation are maintained automatically. The platform supports the requirements for transparency, human oversight and technical documentation.
ISO 27001
ISO 27001 certification is in preparation (target: Q4 2027). The Information Security Management System (ISMS) is already implemented and continuously audited.
Data Residency
All data is processed and stored in German data centres. On-premise deployments enable full control over data location. No transfer to third countries without explicit consent.
Audit Trail
Every API request, every model call and every data query is logged. The audit trail is immutable, tamper-proof and exportable for external auditors.