Layout, contracts, and data shapes are real. The data shown is illustrative. Real customer data flows live with our first design partner.
The Compliance Vault
One source of truth for AI-Act Annex IV, Article 53(1)(d), and DSAR-erasure attestation.
The Vault is the buyer-facing artifact behind every green CI run. Each tile below is a regulatory contract — proof or counterexample, signed at compile time, replayable in a regulator's browser.
- T8 · provenance-flowComing with first DP
Model Registry
One row per deployed model. Training run, dataset versions, last provenance proof, Annex IV pack, DSAR queue depth, erasure status.
- AI Act Art. 53(1)(d)Coming with first DP
Annex IV Pack
One-click PDF generation from the certificate ledger. Pre-populated to match Annex IV §1–§7 with embedded Sigstore signature.
- GDPR Art. 15Coming with first DP
DSAR Chain-of-Custody
Paste a user ID. Get every embedding, checkpoint, and fine-tune corpus that ever held data derived from that user.
- T7 · GDPR Art. 17Coming with first DP
Erasure-Completeness
Proof or counterexample for every Article-17 deletion request — refutations name the residual reachability path.
- T9 · audit-ledgerComing with first DP
Incident Replay
When a model misbehaves, replay the training lineage backward to find the responsible source. Every step signed.
- AI Act Art. 43Coming with first DP
Auditor Portal
Read-only, scoped, signed-export. The artifact a Notified Body can replay tomorrow without contacting you.
Compliance officer? Schedule a DP conversation.
We are onboarding our first design partner now. Bring an Annex IV deadline, a DSAR backlog, or a Notified Body audit — we will fit the Vault to the artifact you actually have to ship.
dp@veric.dev →