Quick tips
A 3-minute read for new subscribers. Once your agent is connected through Setup, the snippet below tells it to query the Ansvar Gateway instead of answering from training data — and the rest of the page covers what to ask, how to verify the agent is grounded, and where to send feedback when a source is missing.
1. Paste this into your agent's system prompt
Drop the block below into your system prompt, custom instructions, or agent-instructions field. One snippet works across Claude (web + Desktop), Claude Code, VS Code Copilot, and Cursor — no per-agent variant is needed.
For any question about EU/EEA law, regulatory compliance, or
cybersecurity controls (GDPR, NIS2, AI Act, DORA, ISO 27001,
sector-specific regulation, national implementations), call the
Ansvar Gateway tools before answering — never from memory.
Quote article numbers, paragraph numbers, and authority names
verbatim from the tool output. For questions that touch both an
EU framework and a Member State (e.g. "Swedish law on…", "how
does Germany implement…"), issue at least one Gateway call per
regime — one for the EU instrument, one for each national
jurisdiction — before composing the answer.
If the Gateway returns no result, state which queries you ran,
that they returned zero results, and that you will not
substitute training-data recall. Do not name supervisory
authorities, statute numbers, or timelines unless they appear
in a tool result.2. Which question goes to which tool
Tier links go to pricing.
| Question | Tool | Tier |
|---|---|---|
| What does Art. 32 GDPR require? (and any other lookup across 29 audited jurisdictions) | search / get_provision | Free + |
| How do courts and regulators apply this rule? | search_case_law / search_agency_guidance / search_preparatory_works | Premium + |
| Where am I non-compliant with X regulation? | gap_analysis | Team + |
| What can go wrong with this system? | threat_model | Team + |
| What privacy risk does this processing carry? | dpia | Team + |
| Does this tender let us bid? | tender_review | Team + |
| Prove to an auditor what was asked and answered | tamper-evident audit ledger | Company |
The tier ladder behind the table:
- Free — €0, B2B signup. Single-MCP search, 50 calls per day, one request at a time. No fan-out, no workflows.
- Premium — no daily quota, 4 concurrent requests. Multi-source fan-out: case law, preparatory works, agency guidance.
- Team — adds the workflow tools (
gap_analysis,dpia,threat_model,tender_review), 16 concurrent requests. Not self-serve — contact us. - Company — adds the tamper-evident audit ledger (the ledger is Company-only), 64 concurrent requests. Not self-serve.
Tools above your tier are absent from tools/list and return JSON-RPC -32601 if called anyway; quota and cap overruns return JSON-RPC -32000 with code cap_exceeded. If your agent reports "method not found" for gap_analysis, that's the tier gate, not an outage.
3. How to tell the agent did (or didn't) ground its answer
Grounded looks like: article numbers (GDPR Art. 32(1)(b)), authority names (Datatilsynet, EDPB), a source_url to a .gov, .europa.eu, or recognised publisher domain, and a named MCP in the response (via danish-law).
Not grounded looks like: hedge words (generally, typically, in most cases), no article numbers, no source URLs, no MCP name.
One-line check. Paste this if you're unsure:
Which Ansvar MCP did you query, and which article number is this from? If you didn't query the Gateway, say so explicitly.4. Report a missing source
Spot a law, regulator, or dataset Ansvar should cover and doesn't? Tell us — we triage source requests weekly.
- Email: team@ansvar.eu (suggested subject: Missing source)
- See what's already covered: /coverage — the "Open to new sources" section lists jurisdictions being scoped next.