Understand your AI Act obligations.
Prove compliance.
Keep it aligned as AI evolves.

A practical compliance platform for companies deploying AI in the EU and the consultants who support them. Built around real deployments, not abstract models.

Join 300+ professionals already exploring AI Act compliance with Aigolex

The real AI Act problem

Companies don't know if they are AI providers, deployers, or both.

Obligations depend on how AI is used, not on the model itself.

Documentation becomes outdated as soon as systems or vendors change.

Audits, enterprise customers, and boards expect immediate answers.

AI Act compliance is not a one-time exercise.
It's an operational problem.

Compliance attaches to deployments, not to AI models

That's why the platform mirrors the structure of the AI Act itself

Company

the legal entity ultimately responsible for compliance

Workspaces

distinct operational perimeters where AI is developed, tested, or used

AI assets

the underlying AI systems or models, independent from any single feature

Deployments

how those AI assets are actually used in practice, by whom, and for what purpose

Under the AI Act, obligations, risk classification, and roles attach to deployments not to AI models in isolation. This ensures compliance decisions reflect real-world AI use, not theoretical system descriptions.

Scope

Define where AI exists, how it's used, and who is responsible.

•Maps AI usage across companies and workspaces
•Identifies AI assets and their concrete deployments
•Determines your role under the AI Act (provider, deployer, or both)

Misclassifying your role means misapplying every obligation that follows.

Obligations

Know exactly what the AI Act requires, per deployment.

•Assigns regulatory requirements at the deployment level
•Based on role, risk classification, and usage context
•Generates clear, trackable checklists
•Separates applicable obligations from irrelevant ones

The AI Act is obligation-driven. Guessing is not a strategy.

Evidence

Always-ready documentation to prove compliance.

•Centralizes compliance documentation per workspace and deployment
•Includes system descriptions and risk assessments
•Tracks human oversight measures and monitoring controls

Static documents fail the moment reality changes.

Continuity

Stay compliant as AI systems, vendors, and uses change.

•Monitors changes to AI assets, deployments, and operational perimeters
•Flags when obligations or risk levels must be updated
•Alerts when documentation needs to be refreshed

Most compliance failures happen after the first assessment.

AI Act compliance readiness assessment

Identify your AI Act obligations, classify risk exposure, and uncover compliance gaps — with a guided interactive assessment.

Built for teams that can't ignore regulation

EU-based or EU-operating

Active AI deployments

Exposure to audits

Legal & compliance leaders

Risk & trust teams

Engineering leaders accountable for AI systems

Built by people who've done this before

Experience in legaltech and regulated environments

Built with legal and technical teams

Not Big-4 complexity

Prepare now. Don't scramble later.

Privacy Policy

Pursuant to Regulation (EU) 2016/679 ("GDPR")

Last updated: Feb 25 2026

1. Data Controller

The Data Controller is:

Aigolex
VAT number: IT04292571208
Email: hello@aigolex.com

Aigolex operates the website relating to the "aigolex" project.

No Data Protection Officer (DPO) has been appointed, as the conditions set out in Article 37 GDPR do not apply.

2. Categories of Personal Data Processed

The following personal data may be processed:

First name
Last name
Company name
Email address
Information voluntarily provided through contact forms
Technical and usage data (including IP address, browser type, device data)
Website interaction data collected via analytics tools

Where applicable, business-related information may be enriched using publicly available sources or third-party providers for lead qualification and profiling purposes.

The website is intended exclusively for business users. It is not directed to individuals under the age of 18.

3. Purposes and Legal Bases of Processing

Personal data is processed for the following purposes:

a) Management of waiting list registrations and checklist downloads

To provide requested materials and manage early access registrations.

Legal basis: Article 6(1)(b) GDPR (pre-contractual measures) and, where required, Article 6(1)(a) GDPR (consent).

b) Management of consultancy or commercial requests

To respond to information requests and evaluate potential business relationships.

Legal basis: Article 6(1)(b) GDPR.

c) Marketing communications

To send newsletters, updates, product information, and promotional communications related to aigolex.

Legal basis: Article 6(1)(a) GDPR (consent).

Consent may be withdrawn at any time without affecting prior lawful processing.

d) Profiling and lead qualification

To analyze user interactions, segment contacts, assess potential business interest, and improve commercial strategy.

Legal basis: Article 6(1)(f) GDPR (legitimate interest in developing business activities) and, where required, Article 6(1)(a) GDPR.

e) Website analytics

To monitor performance and improve website functionality and user experience.

Legal basis: Consent, where required under applicable legislation.

4. Data Retention

Personal data is retained for the following periods:

Non-converted leads: up to 24 months from the last interaction.
Marketing contacts: until withdrawal of consent or 24 months of inactivity.
Consultancy requests: up to 36 months for commercial and administrative purposes.
Analytics data: in accordance with tool configuration, typically up to 24 months.

Upon expiration of the applicable retention period, data will be deleted or anonymized.

5. Processing Methods and Security Measures

Personal data is processed using electronic and organizational measures designed to ensure confidentiality, integrity, availability, and resilience of processing systems, in accordance with Article 32 GDPR.

6. Recipients and Data Processors

Personal data may be processed by:

Authorized personnel of Aigolex
IT service providers
Cloud infrastructure providers
Analytics providers

Aigolex currently relies on:

Amazon Web Services (AWS) — cloud hosting services
Mixpanel Inc. — analytics services

Such providers act as Data Processors pursuant to Article 28 GDPR under appropriate contractual arrangements.

7. International Data Transfers

Certain service providers may process personal data outside the European Economic Area (EEA), including the United States.

Where applicable, transfers are carried out in compliance with Chapter V GDPR, including the use of:

Standard Contractual Clauses (SCCs),
Adequacy decisions adopted by the European Commission,
Additional safeguards where required.

8. Cookies and Tracking Technologies

The website uses:

Technical cookies necessary for its operation;
Analytics tools (including Mixpanel).

Where required by applicable law, analytics technologies are activated only upon user consent.

A dedicated Cookie Policy provides further details.

9. Rights of Data Subjects

Data subjects may exercise the rights provided under Articles 15–22 GDPR, including:

Right of access;
Right to rectification;
Right to erasure;
Right to restriction of processing;
Right to data portability;
Right to object to processing;
Right to withdraw consent at any time;
Right to lodge a complaint with a competent supervisory authority.

Requests may be submitted to: hello@aigolex.com

10. Amendments

This Privacy Policy may be updated at any time. The updated version will be published on this page with a revised date.

Understand your AI Act obligations.Prove compliance.Keep it aligned as AI evolves.