- Who actually does the work?
- The research runs on the Ansvar gateway — the same cited engine our customers use — and every finding is validated and reviewed by the senior practitioner who delivers it. Nothing ships on model output alone.
- What do we need to provide?
- Enough to scope honestly: an architecture sketch or data-flow diagram for a threat model; processing records and the DPO's view for a DPIA; existing policies and evidence for a gap analysis. We work under your NDA, and intake runs over EU-hosted upload.
- How long does an engagement take?
- Scope drives it, so you get the delivery date in writing together with the fixed quote. The scoping call itself is 30 minutes.
- Is this legal advice?
- No. Ansvar is not a law firm and the deliverables are not legal advice — they are cited compliance analysis: every conclusion traces to the provision it rests on, and judgment calls are marked as judgment calls instead of buried in prose. That format is deliberate, so your counsel can check every line and take the legal position.
- Can we run these ourselves instead?
- Yes. The same workflows — gap analysis, DPIA, threat models, AI Act readiness — run self-serve on the Team tier and produce the same cited artefacts. The service exists for when you need it done, reviewed, and signed by someone who does this daily.
- What lands in our hands at the end?
- The deliverable itself plus a compliance-metadata package — the sources, validation, and provenance behind each finding — built for your own audit records. Everything is yours to keep.