EU AI Act readiness
Technical controls and exportable evidence for AI governance workflows — scoped to supported runtime paths.
Readiness, not legal compliance
Quantlix provides runtime policy enforcement and exportable evidence on supported production paths to help teams build EU AI Act readiness and broader AI governance workflows. It is not legal advice, a conformity assessment, CE marking, or a guarantee of regulatory compliance. Risk classification, DPIAs, and legal interpretation remain your responsibility.
Supported runtime paths
| Path | Policy before model | Enforcement events | run_id link |
|---|---|---|---|
| POST /run | Yes | Yes | Yes |
| Playground (via /run) | Yes | Yes | Yes |
| Gateway /v1/chat/completions | Yes | Yes | Yes |
| Gateway /v1/messages | Yes | Yes | Yes |
| Gateway /v1/embeddings | Yes | Yes | Yes |
| Workflow model/agent nodes | Yes | Yes | When workflow run exists |
| POST /rag/run | Yes | Yes | Yes |
| K8s async worker | Yes (pre-inference) | Yes | When job has run_id |
| POST /demo | No | No | — |
Customer readiness checklist
Map typical Act themes to product capabilities and responsibilities your team still owns.
Risk management (Art. 9)
Quantlix: Policy manifest export; optional risk_tier / intended_purpose; enforcement events with policy version
You own: Risk register, classification, mitigation sign-off
Data governance (Art. 10)
Quantlix: Contextual packs; block/redact on supported paths; optional SHA-256 content hashes (no raw text)
You own: Lawful basis, minimization, training data governance
Record-keeping (Art. 12)
Quantlix: Enforcement events, runs, traces; JSONL + signed export; investigation API
You own: Retention policy, access control, audit archival
Transparency (Art. 13)
Quantlix: Structured policy decisions in API; masked contextual audit payloads
You own: End-user disclosures and deployer instructions
Human oversight (Art. 14)
Quantlix: Workflow approval nodes; block/warn outcomes
You own: Oversight procedures and escalation playbooks
Accuracy & robustness (Art. 15)
Quantlix: Eval hooks; observability metrics
You own: Validation methodology and production monitoring
Evidence APIs
GET /enforcement-events/export— JSONL (optionalsigned=true)GET /governance/investigations— bundle by request_id or run_idGET /governance/deployments/{id}/policy-manifest— effective policy snapshot
See also Security & compliance and the Trust center.
Approved wording for sales
Supports teams building EU AI Act readiness evidence through runtime controls, logging, and signed enforcement exports where enabled — not a conformity assessment or legal compliance guarantee.