No tracking. No cookie wall.·EU-hosted (Hetzner) · Cloudflare edge under SCCs
For compliance, legal & security teams

Do regulated work in the AI you already use. Defend every finding.

Ansvar grounds Claude, Microsoft Copilot Studio, Cursor, and your own agents in verified law, standards, and threat intelligence — then runs the work: DPIAs, threat models, TARAs, gap analyses. Every claim cites its source. Where no verified source exists, the gap is marked, not papered over.

€0 to start · no card · business email · connect in minutes. Paid plans from €29/mo.
Cited or unresolved. Never quietly guessed.
29Jurisdictions, licensing-audited
262Security frameworks
4.2MLegal provisions, citable
the deliverable

Every line, anchored.

This is what lands back in your AI client — prose you can defend, line by line.

DORA / NIS2 gap analysis — incident response10 verified · 1 marked
Report major ICT incidents within regulator deadlinesDORA Art. 19(4)
Classify incidents against harmonised materiality thresholdsDORA Art. 18(1)
24-hour early warning for significant incidentsNIS2 Art. 23(4)
Test ICT response and recovery plans annuallyDORA Art. 11(6)
Personal-data breach notification within 72 hoursGDPR Art. 33(1)
Sector regulator guidance (DE) — no verified sourcemarked unresolved
+ 5 more requirements in the exported report

The unresolved row is the product working: when no verified source exists, Ansvar marks the gap instead of writing prose around it.

Read the full samples: Threat model · DPIA · Gap analysis · AI Act readiness · Deferral dossier

How it works

Three ways in.

Ansvar is a gateway your AI client connects to — Claude, Microsoft Copilot Studio, Cursor, over MCP — with the same citation contract at every depth. No new chatbot to learn, and the platform core is EU-hosted. Pick the depth the job needs.

1

Ask — a cited answer across the sources in your scope

"Which incident deadlines apply to us under DORA and NIS2?" One question reaches law, regulation, and standards together; every result carries its source, and failed lookups stay visible.

2

Run — a structured assessment of your system or documents

Describe a system and get a STRIDE or LINDDUN threat model, or an automotive TARA. Upload your own documents and run a DPIA, gap analysis, or tender review with paragraph-level, tamper-evident citations — the exportable document itself, not a chat transcript.

3

Deliver — an Ansvar practitioner signs it

When an audit, a customer, or a regulator needs a named expert behind the document: fixed scope, a quote and a date in writing after one 30-minute call. Same gateway, same refusal discipline — a senior reviewer validates and signs every finding.

New module · ISO standards · Available now

ISO/IEC 27001, 42001 and more — cited, not paraphrased

Ansvar serves selected clause and control text of five ISO standards through the gateway, licensed from SIS — the Swedish Institute for Standards. Your AI client cites the controls in gap analyses, threat models, and audits, attributed to the source standard. Any standard SIS publishes can be licensed in on request.

SS-EN ISO/IEC 27001:2023 · SS-EN ISO/IEC 27002:2022 · SS-EN ISO/IEC 27005:2024 · SS-EN ISO/IEC 42001:2026 · SS-ISO/SAE 21434:2021

See the standards module →
Who does what

The judgment stays yours.

You scope ityour assistant works it Ansvar grounds ityou sign it.

Not another chatbot, and not a replacement expert — the evidence layer under the assistant your team already uses.

Wire it into the agents you run.

One MCP endpoint over OAuth 2.1 — no SDK, no scraping, no server-side model. Quotas are sized for agents: a seat can belong to a person or to an agent. Quickstarts for Claude, Microsoft Copilot Studio, Azure AI Foundry, and Cursor.

Machine-readable: llms.txt · coverage.json · .well-known/mcp.json — and every served row carries its citation envelope: source, publisher, license.

Built for your field

The evidence and workflows your sector depends on.

Each sector pack combines the law and regulations that bind you, the standards mappings and live threat intelligence your field runs on, and the workflows that turn them into cited, exportable evidence — for compliance, privacy, and security teams, and the consultants who serve them.

Why Ansvar

What auditable actually means

We do not answer without sources. We do not hide failed lookups. The product is the audit trail.

01

Complex reasoning, not keyword search

Threat models, gap analyses, and legal questions that span standards, regulations, and internal policies — answered across jurisdictions in one pass, with every claim tied to the exact source.

02

Auditability is the product

Every answer carries its sources. Every workflow carries its trace. When a source is unavailable, we show it — we do not invent. Every corpus reports its content freshness and the fleet is monitored daily, so stale law surfaces instead of hiding. The gateway guarantees the evidence; your client writes the prose around it.

03

EU-hosted core. Licensing-audited. Private.

Production and primary data storage run in the EU (Hetzner, Germany & Finland); edge and encrypted off-site backups are fully disclosed on our subprocessors page. Every source we serve is licensing-audited — text we have the right to serve, cited verbatim. Nothing you send Ansvar trains anyone’s model; your assistant’s own model traffic never passes through us.

04

Your documents, cited like law

Upload a policy, contract, or tender and every claim about it cites the exact paragraph — hash-anchored, so it stays provable months later, even after the document changes. Evidence, not chat-with-your-PDF. Counsel, DPOs, and bid teams run their own files through the same citation contract as the statutes.

Design partners

The engine works today. We take on a few teams per sector to tune it to their world — hands-on, with a direct line to the founders.

See the program →

Run the work. Defend the result.

Use Ansvar yourself, or have a practitioner deliver the completed assessment.

Compare plans

Fixed-scope expert engagements — a quote and a date in writing after one 30-minute call.