Claude Code · AI Security · EU AI Act
We Build the AI Agents Your Business Runs On.
Custom AI agents and automations, built with Claude Code in weeks, not quarters. We harden the AI you ship and keep you compliant with the EU AI Act, and we can train your engineers to do it too. Production-grade, not a prototype: we run our own company on a 200+ component agent stack. Fixed-price builds from EUR 10k.
We Build It, You Run It. Built With Claude Code.
You bring the workflow that wastes hours, we build the AI agent or automation that runs it and ship it to production. Claude Code is the engine, which is why we move at 5x speed an...
- Claude Code workshops for your engineering team (1-day and 3-day)
- Production agent stacks: sub-agents, hooks, MCP, skills
- Integrations with your stack (Gmail, Jira, CRM, internal APIs)
Find and Fix AI Vulnerabilities
Your AI systems are under attack. Prompt injection, data poisoning, model extraction, and adversarial inputs are real threats that most organizations are not prepared for. We provi...
- AI security audits and vulnerability assessments
- Prompt injection detection and defense
- LLM red teaming and penetration testing
Automate Your Compliance Workflows
Manual compliance is expensive and error-prone. We build automated systems that handle documentation generation, audit trail creation, monitoring alerts, and compliance reporting s...
- Automated compliance documentation generation
- Continuous AI system monitoring and alerting
- Audit trail automation and evidence collection
How We Work
Assess
Map your AI systems and identify which fall under regulation
Classify
Determine risk category for each system per Art. 6 + Annex III
Document
Build technical documentation, risk assessments, audit trails
Monitor
Ongoing compliance monitoring, drift detection, regulatory updates
Frequently Asked Questions
Common questions about our services, process, and pricing
40 days until EU AI Act Article 50 transparency obligations apply, with penalties up to EUR 15M or 3% of global revenue
EU AI Act Risk Categories
Prohibited
Social scoring, real-time biometric ID in public, emotion recognition at work. Banned since Feb 2025.
High Risk
HR/recruitment, healthcare, credit scoring, law enforcement, critical infrastructure. Full compliance by Dec 2027 (Annex III standalone), Aug 2028 (Annex I embedded).
Limited Risk
Chatbots, content generation, deepfakes. Transparency obligations - users must know they interact with AI.
Minimal Risk
Analytics, recommendations, internal tools. No mandatory requirements, voluntary codes of conduct.
EU AI Act Implementation Timeline
Feb 2025
Already in effect
Prohibited practices banned + AI literacy (Art. 4) required for all companies
Aug 2025
Active now
GPAI model obligations + sanctions framework active
Aug 2026
Approaching
Article 50 transparency: chatbot disclosure, deepfake labelling. Watermarking follows Dec 2026
Dec 2027
Upcoming
High-risk standalone (Annex III) applies Dec 2, 2027; embedded safety components (Annex I) Aug 2, 2028
EU AI Act vs GDPR
You already dealt with GDPR. Here is how EU AI Act compares and what additional work is needed.
| Aspect | GDPR | EU AI Act |
|---|---|---|
| Scope | Personal data processing | AI systems placed on EU market or used in EU |
| Risk approach | Data Protection Impact Assessment (DPIA) | 4-tier risk classification + Fundamental Rights Impact Assessment (FRIA) |
| Documentation | Records of processing activities | Technical documentation, training data records, performance logs |
| Oversight | Data Protection Officer (DPO) | Human oversight mechanisms (Art. 14) |
| Max penalty | EUR 20M or 4% revenue | EUR 35M or 7% revenue |
| Deadline | In effect since 2018 | Art. 50 transparency Aug 2, 2026; high-risk Dec 2, 2027 |
NIS2 + AI Act: Double Compliance
If your company falls under NIS2 (OUG 155/2024), you likely need AI Act compliance too. The same systems that process critical data often use AI. We map the overlap and build a unified compliance framework - one audit process, not two.
15,000+
Romanian entities under NIS2
10M EUR
Maximum NIS2 fine
2%
Of global revenue penalty
Who Enforces the AI Act in Romania
Romania designated national competent authorities in March 2026. We help you prepare for their oversight.
ANCOM
Market Surveillance + National Contact Point
Primary enforcement authority for AI Act. Oversees AI systems on the Romanian market.
ASF / BNR
Financial Sector Oversight
High-risk AI in banking, insurance, capital markets. Joint supervision with ANCOM.
ANSPDCP
Data Protection Authority
AI systems processing biometric data, used in justice, law enforcement, migration, democratic processes.
Ready to build the AI your business runs on?
Book a free 30-minute call to scope what you want built. Not ready yet? Check your AI risk level first.