Everything about NordClaw, the EU AI Act,
Shadow AI and GDPR-grade PII redaction.
77 questions a CISO, DPO, CPIO, regulator or auditor might ask — answered straight, organised by stakeholder.
Strategy & Executive Governance
What is NordClaw in one sentence?
NordClaw is a transparent proxy interceptor that sits between your organization and AI models to automatically redact personal data, build an immutable audit trail, and provide real-time visibility into all AI usage across the entire organization.
What problem does NordClaw actually solve?
The core problem is not a documentation gap—it is a visibility and enforcement gap. Employees use AI tools without approval, personal data leaves the EU in every prompt, and there is no record of any of it. NordClaw is compliance infrastructure: it technically enforces your rules in the traffic path rather than relying on policies that employees may or may not follow.
Why is "paper-based" compliance no longer enough?
Policies, registries, and training videos are "paper controls." They cannot physically stop an employee from pasting a customer's medical record into ChatGPT. The EU AI Act requires that human oversight be designed into high-risk systems (Article 14) and that deployers actually operate those controls rather than merely describe them (Article 26). NordClaw enforces compliance in the traffic path: for every request that passes through the gateway, personal data cannot reach an unapproved model because it is removed before the request is forwarded.
How do you solve the "Shadow AI" crisis?
Instead of relying on inaccurate employee surveys, NordClaw's proxy automatically discovers every distinct AI model being called across your network from live traffic. It surfaces tools IT may not even know are in use—including consumer-tier ChatGPT, Claude, and Gemini accounts, as well as AI features embedded overnight into approved SaaS platforms. Without this, classification is impossible; without classification, every other compliance obligation is unaddressable.
Is NordClaw only for the EU mid-market?
While large enterprises can afford complex custom builds, the EU mid-market (50–2,000 employees) is currently underserved by governance platforms. NordClaw is specifically designed to provide enterprise-grade protection without the six-figure "Consultant Tax." The product is also relevant for larger organizations that want to avoid the operational complexity of enterprise-only platforms.
Why not use a US-based AI governance platform?
US platforms are subject to the US CLOUD Act, under which US authorities can compel a US provider to produce data in its possession or control, wherever that data is physically stored and regardless of contractual protections. This creates direct GDPR Chapter V (Article 44) exposure for EU customers. NordClaw is hosted entirely on Hetzner Frankfurt, ensuring complete EU data sovereignty. Additionally, US platforms do not provide the specific compliance outputs required by the EU AI Act: Article 26(6) log exports, FRIA templates, EU database registration support, and 24-language PII detection.
What is the "Consultant Tax" and how does NordClaw eliminate it?
Traditional compliance implementations involve external consultants who charge €50,000–€150,000 or more for AI governance projects. NordClaw automates onboarding, AI inventory discovery, and compliance reporting, eliminating the need for expensive third-party engagements. The entire core interceptor can be activated in under an hour.
What is the strategic value of NordClaw beyond compliance?
Once NordClaw sits between every AI tool and every LLM in an organization, it becomes the natural platform for model routing, cost optimization, access control, usage analytics, and a marketplace of approved tools. Compliance is the entry point; the long-term value is a complete AI control plane for the EU mid-market.
What are the actual financial risks of non-compliance?
The fines are material and can apply simultaneously. EU AI Act high-risk violations carry penalties of up to €15 million or 3% of global annual turnover. Prohibited AI practices carry up to €35 million or 7% of global annual turnover. GDPR violations carry up to €20 million or 4% of global annual turnover. Both the AI Act and GDPR can apply to the same incident.
Data Privacy & GDPR
How does NordClaw handle the "Schrems II" and US CLOUD Act risks?
NordClaw is structurally EU-native, hosted entirely on Hetzner Frankfurt infrastructure. Because PII is redacted before the prompt leaves this EU perimeter, the personal data itself never reaches a US model provider; only the redacted prompt is forwarded. That is what keeps the personal data outside the practical reach of the US CLOUD Act. The EU data residency guarantee for the unredacted data is technical, not contractual, a distinction that Standard Contractual Clauses (SCCs) alone cannot provide.
What is the "GDPR Erasure Paradox" and how does NordClaw solve it?
GDPR Article 17 grants individuals the right to erasure. However, once personal data enters an LLM's parameters, it cannot be deleted without retraining the model, an operation costing millions of dollars for large models. NordClaw redacts PII at the source before the prompt reaches the LLM. The model never sees the personal data, so there is nothing to erase from the model. If a data subject requests erasure, the organization deletes that individual's unredacted prompts from NordClaw's own EU-hosted store, a standard database operation. Note that the audit log itself is subject to the Article 26(6) minimum retention period, so erasure of log entries has to be reconciled with that obligation rather than performed immediately on request.
Which PII entities can the interceptor detect?
The system uses Microsoft Presidio to detect 50+ entity types across all 24 official EU languages. These include: full names, email addresses, phone numbers, national ID numbers (all EU member states), IBAN codes, credit card numbers, health data indicators, IP addresses, passport numbers, driver's license numbers, social security equivalents, and location data. Custom entity types can be added for industry-specific identifiers.
Does NordClaw help with Data Processing Agreements (DPAs)?
Yes. The platform's automated AI inventory surfaces every AI vendor processing your data from live traffic. This gives your legal team the complete list needed to audit DPA coverage. In Phase 2, NordClaw adds a dedicated Vendor DPA Register that tracks DPA status, data residency, and training opt-out status for each vendor, ensuring no data flows to uncontracted processors.
How does NordClaw handle the conflict between GDPR data minimization and AI Act data completeness requirements?
The AI Act (Article 10) demands representative, complete datasets to prevent bias, while GDPR Article 5(1)(c) requires data minimization. NordClaw resolves this tension by intercepting and redacting PII before it reaches the LLM, allowing the model to receive contextually complete prompts while stripping the personal identifiers that create GDPR exposure. Where the Article 10(5) exception applies (processing special category data to detect bias), NordClaw enforces strict pseudonymization and flags the data for immediate deletion after the bias correction is complete.
What lawful basis does NordClaw use for processing the audit log data?
NordClaw processes audit log data under a Legitimate Interest basis (GDPR Article 6(1)(f)), supported by a documented Legitimate Interest Assessment (LIA) that demonstrates the necessity of the processing for regulatory compliance and balances it against data subject rights. The LIA is available to customers on request.
Does NordClaw process special category data (Article 9 GDPR)?
NordClaw detects and redacts special category data (health, biometric, racial/ethnic origin, etc.) before it reaches any LLM. The original prompt containing special category data is stored only in the encrypted EU audit log and is never transmitted externally. Access to the audit log is role-restricted and audited.
How does NordClaw support a data subject's right of access (Article 15 GDPR)?
The immutable audit log is searchable by user identity. If a data subject submits a Subject Access Request (SAR), the compliance team can export all log entries associated with that individual's identity, providing a complete record of how their data was processed through AI systems.
What encryption standards does NordClaw use for stored data?
All data in the audit log is encrypted at rest using AES-256 encryption. Data in transit is protected by TLS 1.3. The Hetzner Frankfurt infrastructure is ISO 27001 certified and operates entirely within EU jurisdiction.
Cybersecurity & Infrastructure
What is the "Walled Garden"?
The Walled Garden is a curated integration catalogue where every active "skill" (integration or AI model connector) has passed a three-layer security screening: repo-forensics (static code analysis), binary hash verification, and runtime sandboxing in rootless Docker containers. Only verified, secure integrations are available to your organization.
How does the interceptor know if a third-party app is breached?
The interceptor uses a cryptographically signed manifest that pins the SHA-256 hash of each approved integration at the version that passed review. If an app's code is modified after review (a supply chain attack), its hash no longer matches the manifest and the interceptor drops the traffic automatically, without manual monitoring. The check detects changes relative to the reviewed version; it cannot detect malicious code that was already present in the version that was reviewed, which is what the repo-forensics layer is for.
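The following is an added example of the manifest check described above, not NordClaw's own code. It shows the three decisions a gateway has to make before loading an integration: reject a manifest whose signature does not verify, drop an artifact whose SHA-256 does not match the pinned hash, and drop any artifact the manifest does not list at all (deny by default). The signature is an HMAC-SHA256 over a canonical JSON encoding with a shared verification key; that is a stand-in for the asymmetric signature the page describes, chosen so the example runs on the Python standard library alone. The manifest layout, the skill name "crm-sync" and the artifact bytes are constructed for the example.

```python
import hashlib
import hmac
import json

# Constructed verification key. HMAC stands in for the asymmetric manifest
# signature described on the page; in production use a scheme such as Ed25519
# so the proxy only ever holds a public key.
MANIFEST_KEY = b"example-manifest-verification-key"

# Constructed stand-in for the bytes of an integration that passed review.
REVIEWED_SKILL = b"def run(payload):\n    return payload\n"


def canonical(obj) -> bytes:
    """Stable byte encoding so signer and verifier hash identical bytes."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


def sign_manifest(manifest: dict, key: bytes) -> dict:
    sig = hmac.new(key, canonical(manifest), hashlib.sha256).hexdigest()
    return {"manifest": manifest, "signature": sig}


def verify_manifest(signed: dict, key: bytes) -> dict:
    """Return the manifest if its signature verifies, else raise ValueError."""
    expected = hmac.new(key, canonical(signed["manifest"]), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, signed["signature"]):
        raise ValueError("manifest signature invalid")
    return signed["manifest"]


def artifact_decision(manifest: dict, name: str, artifact: bytes) -> str:
    """'allow' only when the artifact hashes to the pinned value; unknown names are dropped."""
    pinned = manifest["skills"].get(name)
    if pinned is None:
        return "drop"
    actual = hashlib.sha256(artifact).hexdigest()
    return "allow" if hmac.compare_digest(actual, pinned["sha256"]) else "drop"


def gate(signed_manifest: dict, key: bytes, name: str, artifact: bytes) -> str:
    """Full decision: an unverifiable manifest means nothing is trusted."""
    try:
        manifest = verify_manifest(signed_manifest, key)
    except ValueError:
        return "drop"
    return artifact_decision(manifest, name, artifact)


def build_sample():
    """Constructed manifest pinning the reviewed skill at its current hash."""
    manifest = {
        "version": 1,
        "skills": {
            "crm-sync": {
                "sha256": hashlib.sha256(REVIEWED_SKILL).hexdigest(),
                "approved_models": ["gpt-4.1"],
            }
        },
    }
    return sign_manifest(manifest, MANIFEST_KEY), MANIFEST_KEY, REVIEWED_SKILL


if __name__ == "__main__":
    signed, key, reviewed = build_sample()
    print("reviewed artifact:", gate(signed, key, "crm-sync", reviewed))
    print("modified artifact:", gate(signed, key, "crm-sync", reviewed + b"# extra line\n"))
    print("unlisted artifact:", gate(signed, key, "other-skill", reviewed))
```

The pin must be taken from the exact bytes that were reviewed, not from whatever the upstream repository currently serves; pinning "latest" would make the hash check pass for any future change, including the malicious one.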
Can developers still use their favorite tools?
Yes. NordClaw is 100% OpenAI API-compatible. Developers can govern their internal scripts and tools simply by changing a single BASE_URL environment variable to api.nordclaw.eu. No code rewrites, no new SDKs, no disruption to existing workflows.
What is the latency impact?
The interception and redaction process typically adds less than 50ms of latency, making the security layer entirely invisible to end users and applications.
Does NordClaw require installing agents on employee devices?
No. NordClaw operates at the network level as a transparent proxy. Full visibility and control are achieved by routing API traffic through the gateway, without deploying endpoint agents or disrupting user workflows.
Which AI models and providers does NordClaw support?
On day one, NordClaw supports: OpenAI (GPT-4, GPT-4o, GPT-4.1), Anthropic (Claude Sonnet, Claude Opus), Mistral (Mistral Large, Mistral Small), and any OpenAI-compatible endpoint (including Azure OpenAI and Copilot Studio custom agents). Additional providers are added through the Walled Garden process.
How does authentication work?
Each organization receives a unique NordClaw API key. When a request arrives, NordClaw resolves the key to an organization and a user identity via SSO integration with Microsoft Entra ID or Google Workspace. The user's name, department, and role are attached to every log entry. This is what OpenAI's own dashboard cannot do—it knows which API key was used, but not which human being used it.
What happens if NordClaw experiences downtime?
NordClaw is deployed on Hetzner Frankfurt with high-availability configuration. In the event of a service interruption, organizations can configure a fallback policy: either fail-closed (block all AI traffic until the proxy is restored, maximizing compliance) or fail-open (allow direct traffic with an alert, prioritizing availability). The choice is configurable per organization. Note that traffic sent directly to a provider during a fail-open window bypasses the gateway, so it is neither redacted nor logged by NordClaw; the alert is the only record that the window occurred.
How does NordClaw handle model outputs that contain PII?
In addition to redacting PII in prompts (input), NordClaw can be configured to scan LLM responses (output) for PII that the model may have generated or hallucinated. Any detected PII in the response is flagged in the audit log and, optionally, replaced with placeholders before the response is returned to the user.
Is the audit log tamper-proof?
Yes. The PostgreSQL database is configured as an append-only log at the application layer: records can be inserted but never updated or deleted through the NordClaw application. The database is hosted on dedicated Hetzner infrastructure with access restricted to the NordClaw service account. Each record carries a SHA-256 hash of the request it describes, so a reviewer can check that a stored record matches the request as received. A per-record hash on its own does not stop an actor with direct database access from rewriting a record and its hash together; that protection comes from the access restriction, and from chaining or externally anchoring the hashes where independently verifiable tamper evidence is required.
EU AI Act & Regulatory Compliance
How do you satisfy Article 26(6) logging requirements?
NordClaw maintains an immutable, append-only PostgreSQL log for at least six months. Unlike provider "receipts" that show only aggregate token counts per API key, these logs map every request to a named human and department via SSO, capturing: timestamp, user identity, department, model called, token counts, PII entities detected, policy applied, latency, and a SHA-256 request hash. A CISO can export the complete Article 26 audit trail in one click as CSV or PDF.
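As an added example (not NordClaw's code), the block below builds an Article 26(6)-style record with the fields listed above and the audit record described under Technical Architecture, and shows the tamper evidence a practitioner would want on top of a per-request hash: each record also commits to the previous record's hash, so editing, re-hashing or deleting any record breaks the chain at a detectable position. The field names, the organisation and user values and the raw request bytes are constructed; the CSV export is a minimal illustration of the one-click export the page mentions.

```python
import csv
import hashlib
import io
import json

GENESIS = "0" * 64   # prev_hash of the very first record

# Column order for the export; mirrors the record fields on the page, plus the
# two chain fields added here.
FIELDS = ["timestamp", "org_id", "user", "department", "model", "input_tokens",
          "output_tokens", "pii_entities", "policy", "latency_ms",
          "request_hash", "prev_hash", "record_hash"]


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def canonical(record: dict) -> bytes:
    """Deterministic encoding: the same record always hashes to the same value."""
    return json.dumps(record, sort_keys=True, separators=(",", ":")).encode()


class AuditLog:
    """Append-only list of records where every record commits to its predecessor."""

    def __init__(self):
        self.records = []

    def append(self, *, timestamp, org_id, user, department, model, raw_request: bytes,
               input_tokens, output_tokens, pii_entities, policy, latency_ms):
        record = {
            "timestamp": timestamp, "org_id": org_id, "user": user,
            "department": department, "model": model,
            "input_tokens": input_tokens, "output_tokens": output_tokens,
            "pii_entities": pii_entities, "policy": policy, "latency_ms": latency_ms,
            # hash of the request as received, before redaction
            "request_hash": "sha256:" + sha256_hex(raw_request),
            "prev_hash": self.records[-1]["record_hash"] if self.records else GENESIS,
        }
        record["record_hash"] = sha256_hex(canonical(record))
        self.records.append(record)
        return record

    def verify(self):
        """(True, n) when all n records chain correctly, else (False, index of first bad record)."""
        prev = GENESIS
        for i, rec in enumerate(self.records):
            body = {k: v for k, v in rec.items() if k != "record_hash"}
            if rec["prev_hash"] != prev or sha256_hex(canonical(body)) != rec["record_hash"]:
                return False, i
            prev = rec["record_hash"]
        return True, len(self.records)

    def export_csv(self) -> str:
        buf = io.StringIO()
        writer = csv.DictWriter(buf, fieldnames=FIELDS)
        writer.writeheader()
        writer.writerows(self.records)
        return buf.getvalue()


def build_sample_log() -> AuditLog:
    """Two constructed records with values in the shape the page describes."""
    log = AuditLog()
    log.append(timestamp="2026-05-26T14:32:11Z", org_id="nordclaw-org-00142",
               user="anna.mueller@company.de", department="Legal", model="gpt-4.1",
               raw_request=b'{"messages":[{"role":"user","content":"..."}]}',
               input_tokens=847, output_tokens=312, pii_entities="PERSON (2), EMAIL (1)",
               policy="Redact", latency_ms=38)
    log.append(timestamp="2026-05-26T14:33:05Z", org_id="nordclaw-org-00142",
               user="jonas.berg@company.de", department="Marketing", model="claude-sonnet",
               raw_request=b'{"messages":[{"role":"user","content":"draft a newsletter"}]}',
               input_tokens=120, output_tokens=640, pii_entities="",
               policy="Allow", latency_ms=41)
    return log


if __name__ == "__main__":
    log = build_sample_log()
    print("chain valid:", log.verify())
    log.records[0]["department"] = "HR"           # simulated direct edit in the database
    print("after edit:", log.verify())
    print(log.export_csv())
```

A chain like this only proves integrity back to a hash the attacker could not rewrite, so the latest record hash should be anchored outside the database (published, time-stamped or sent to a write-once store); otherwise an actor with full write access can recompute the whole chain.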
Can the system identify "High-Risk" AI use?
Yes. NordClaw automatically flags workflows involving Annex III categories, such as HR recruitment, performance evaluation, financial credit scoring, and law enforcement applications. It activates mandatory human-in-the-loop (HITL) approval gates, ensuring that consequential decisions require explicit human review and justification before execution.
Does it help with mandatory assessments (DPIAs and FRIAs)?
NordClaw generates pre-populated templates for Fundamental Rights Impact Assessments (FRIAs) and Data Protection Impact Assessments (DPIAs) based on actual, discovered traffic patterns. This eliminates weeks of manual legal work and ensures assessments reflect technical reality rather than theoretical use cases. The integrated assessment approach follows Article 27(4) of the AI Act, which explicitly allows the FRIA to complement the DPIA.
What about the February 2025 AI Literacy requirement (Article 4)?
NordClaw maps real-world AI usage data from the interceptor to training records, generating a compliance evidence report for regulators that proves every active user has completed role-specific literacy training. This is the most commonly overlooked and easiest violation for a regulator to identify.
How does NordClaw support post-market monitoring (Article 72)?
By maintaining a continuous, real-time view of all AI traffic, NordClaw provides the foundational data needed for post-market monitoring. The dashboard surfaces model drift indicators, unexpected usage patterns, and emerging biases, enabling the compliance team to meet their ongoing monitoring obligations without building a separate MLOps pipeline.
How does NordClaw handle incident reporting obligations?
NordClaw's real-time alerting system notifies the designated compliance officer immediately when a policy violation, PII breach, or anomalous AI behavior is detected. This enables the organization to start the correct reporting clock: 72 hours for a GDPR personal data breach (Article 33); for an AI Act serious incident (Article 73), no later than 15 days, shortened to 2 days for a widespread infringement and 10 days where a person has died. Article 73 reporting falls on the provider; as a deployer, the obligation under Article 26(5) is to inform the provider, then the importer or distributor and the market surveillance authority, without delay.
What is the Article 6(3) exception and how does NordClaw handle it?
Article 6(3) allows an Annex III system to escape high-risk classification if it only performs a "narrow procedural task." NordClaw's AI inventory captures the intended purpose and input data categories for every discovered system, providing the factual basis for a legal team to formally document and sign off on the Article 6(3) exception where applicable.
How does NordClaw help with EU Database Registration (Article 49)?
NordClaw's AI inventory provides the complete list of AI systems in use, including their intended purpose, risk classification, and vendor details. This is the foundational data required for Article 49 registration. For deployers, NordClaw also supports the procurement check: verifying that any high-risk AI system being considered for purchase is already registered in the EU database before deployment.
Does NordClaw help with transparency obligations to affected individuals (Article 50 and Article 26(11))?
Yes. NordClaw's compliance dashboard generates the documentation needed to demonstrate that affected individuals have been informed when AI systems are used in decisions about them (e.g., job applications, credit assessments). For chatbot deployments, NordClaw provides configurable disclosure banners that satisfy Article 50's requirement to inform users they are interacting with an AI system.
How does NordClaw support whistleblowing and complaint mechanisms (Article 87)?
NordClaw's audit log provides the forensic record needed to investigate AI-related complaints. The system's policy violation alerts create a documented trail of how concerns were identified and addressed, supporting the investigation protocol required under Article 87 and the EU Whistleblower Protection Directive.
Departmental Value & ROI
How does NordClaw solve pain points for the CFO?
NordClaw eliminates the "Consultant Tax" through automated onboarding and a transparent subscription model. It provides per-trace cost attribution, tagging every AI request with its exact cost in cents, allowing accurate tracking and optimization of AI expenditure across departments. The cost of non-compliance (fines up to €35M or 7% of turnover) dwarfs the cost of the platform.
What is the value for HR Managers?
NordClaw ensures that AI used for applicant ranking, performance monitoring, or workforce planning—classified as "High-Risk" under Annex III—is technically governed. Mandatory approval gates require an HR professional to review and explicitly justify AI-generated decisions before they are executed, protecting the company from regulatory fines and discrimination claims.
What is the value for Marketing Leads?
Marketing teams can automate CRM workflows (HubSpot, Salesforce) and content generation without fear of leaking customer identities to unapproved US model providers. All PII is replaced with placeholders at the gateway, enabling powerful generative AI use while remaining strictly GDPR compliant.
What is the value for Legal Counsel?
Legal teams receive auto-generated, pre-populated DPIA and FRIA templates based on actual traffic data, eliminating weeks of manual assessment work. The vendor DPA register ensures complete coverage of all AI processors, and the immutable audit log provides the forensic record needed for regulatory defense.
What is the value for IT and Security teams?
IT teams achieve complete visibility into all AI usage across the organization from a single dashboard, without deploying endpoint agents. Security teams benefit from supply chain attack protection via the Walled Garden Manifest and automatic traffic blocking on hash mismatch.
Can NordClaw handle specialized logistics like mileage reimbursement?
Yes. Using sovereign geocoding (OpenRouteService) and route optimization (VROOM), NordClaw can automatically generate mileage records for staff while ensuring employee movement data never leaves the EU, maintaining strict privacy standards for location data.
What is the ROI of implementing NordClaw?
The ROI calculation has three components. First, risk avoidance: a single GDPR or AI Act fine can reach tens of millions of euros. Second, cost elimination: NordClaw replaces €50,000–€150,000 in consultant fees with an automated platform. Third, operational efficiency: automated compliance reporting, AI literacy tracking, and vendor DPA management save hundreds of hours of legal and compliance staff time annually.
Technical Architecture
What is the technical architecture of NordClaw?
NordClaw is a three-layer architecture. Layer 1 is the Real-Time Interceptor: a FastAPI application on Hetzner Frankfurt that acts as a transparent proxy between your tools and any LLM. Layer 2 is the Governance Documentation layer: the compliance dashboard, DPIA/FRIA templates, and vendor DPA register. Layer 3 is the Sovereign EU Infrastructure and Identity Mapping layer: the immutable PostgreSQL audit log on Hetzner Frankfurt, with SSO-based user identity resolution.
How does the PII redaction pipeline work technically?
On every request, the prompt is passed through Microsoft Presidio before being forwarded to the LLM. Presidio identifies PII entities using a combination of named entity recognition (NER) models, regular expressions, and context-aware rules. Detected entities are replaced with typed placeholders (e.g., [PERSON_1], [EMAIL_1], [IBAN_1]). The redacted prompt is forwarded to the LLM. The original prompt, with PII intact, is stored only in the encrypted audit log on Hetzner Frankfurt and is never transmitted to a US server.
Is Microsoft Presidio the entire product?
No. Presidio is one component, not the product. NordClaw uses Presidio the same way a bank uses PostgreSQL—as a reliable, open-source library for a specific function. The value is the architecture around it: the proxy, the identity layer, the EU infrastructure, the compliance dashboard, and the regulatory output. Presidio alone cannot intercept traffic, map requests to named users, generate Article 26 audit logs, or produce DPIA templates.
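The block below is an added example of the redaction pipeline described above and of the response scanning described under "How does NordClaw handle model outputs that contain PII?"; it is not NordClaw's code and does not use Presidio. Three regular-expression recognizers (IBAN, email, phone) stand in for Presidio's recognizers so it runs on the standard library. What the paragraph does not show, and the example does: the same value gets the same numbered placeholder wherever it recurs, an IBAN candidate is only redacted if it passes the ISO 7064 mod-97 check (cutting false positives), the placeholder-to-value map stays on the proxy side and is used to put the real values back into the model's reply, and the reply is scanned with the same detector so PII the model produced on its own is flagged. The sample prompt and the hypothetical names in it are constructed.

```python
import re
from dataclasses import dataclass, field


@dataclass
class Redaction:
    redacted: str
    mapping: dict                                   # placeholder -> original; never leaves the EU store
    entities: list = field(default_factory=list)    # (entity type, placeholder) per occurrence


def iban_valid(candidate: str) -> bool:
    """ISO 7064 mod-97 check: rearrange, map letters to numbers, remainder must be 1."""
    s = candidate.replace(" ", "").upper()
    if not 15 <= len(s) <= 34:
        return False
    digits = "".join(str(int(c, 36)) for c in s[4:] + s[:4])
    return int(digits) % 97 == 1


# Regex stand-ins for Presidio recognizers, applied in this order so that an IBAN
# is consumed before the phone pattern can match the digits inside it.
DETECTORS = [
    ("IBAN", re.compile(r"\b[A-Z]{2}\d{2}(?: ?[A-Z0-9]){11,30}\b"), iban_valid),
    ("EMAIL", re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}"), None),
    ("PHONE", re.compile(r"(?<![\w@.])\+?\d[\d ()./-]{6,}\d(?![\w@])"), None),
]

PLACEHOLDER = re.compile(r"\[[A-Z]+_\d+\]")


def redact(text: str) -> Redaction:
    mapping, seen, counters, entities = {}, {}, {}, []
    for etype, pattern, validator in DETECTORS:
        def repl(m, etype=etype, validator=validator):
            value = m.group(0)
            if validator is not None and not validator(value):
                return value                         # looks like the entity but fails its checksum
            key = (etype, value.replace(" ", "").lower())
            if key not in seen:                      # stable numbering per distinct value
                counters[etype] = counters.get(etype, 0) + 1
                seen[key] = f"[{etype}_{counters[etype]}]"
                mapping[seen[key]] = value
            entities.append((etype, seen[key]))
            return seen[key]
        text = pattern.sub(repl, text)
    return Redaction(text, mapping, entities)


def restore(text: str, mapping: dict) -> str:
    """Re-insert original values where the model echoed a placeholder back."""
    return PLACEHOLDER.sub(lambda m: mapping.get(m.group(0), m.group(0)), text)


def audit_summary(entities: list) -> str:
    """'EMAIL (2), IBAN (1)' style string for the PII-entities column of a log record."""
    counts = {}
    for etype, _ in entities:
        counts[etype] = counts.get(etype, 0) + 1
    return ", ".join(f"{t} ({n})" for t, n in sorted(counts.items()))


# Constructed sample prompt; all identities are fictitious.
SAMPLE_PROMPT = ("Please draft a reply to anna.mueller@example.de confirming the refund to "
                 "DE89 3704 0044 0532 0130 00 and call +49 30 1234567 if anything is unclear. "
                 "CC anna.mueller@example.de.")

if __name__ == "__main__":
    r = redact(SAMPLE_PROMPT)
    print("to the model:", r.redacted)
    print("log column:  ", audit_summary(r.entities))
    reply = "Refund to [IBAN_1] confirmed; [EMAIL_1] notified. Also cc hans.schmidt@example.org."
    print("to the user: ", restore(reply, r.mapping))
    print("new PII in reply:", audit_summary(redact(reply).entities))
```

The mod-97 check is the kind of validator that matters in practice: without it, any run of letters and digits that looks like an IBAN gets redacted, and over-redaction degrades the model's answer just as under-redaction leaks data.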
What does each audit log record contain?
Field                    Example
Timestamp                2026-05-26T14:32:11Z
Organisation ID          nordclaw-org-00142
User identity (SSO)      anna.mueller@company.de
Department               Legal
Model called             gpt-4.1
Input tokens             847
Output tokens            312
PII entities detected    PERSON (2), EMAIL (1)
Policy applied           Redact
Latency                  38ms
Request hash             sha256:a3f9…
Can NordClaw be self-hosted?
The current MVP is a managed SaaS service hosted on Hetzner Frankfurt. Self-hosted / on-premise deployment is on the roadmap for Enterprise customers with specific data residency requirements beyond EU-level guarantees (e.g., single-country hosting requirements).
How does NordClaw integrate with existing SSO providers?
NordClaw integrates natively with Microsoft Entra ID (formerly Azure AD) and Google Workspace via standard OAuth 2.0 / OIDC protocols. This enables automatic user identity resolution, department mapping, and role-based access control without any manual configuration.
What happens to the original (unredacted) prompt?
The original prompt is stored only in the encrypted audit log on Hetzner Frankfurt. It is never transmitted to the LLM or to any third-party service. Access to the original prompts in the audit log is restricted by role-based access control and is itself logged.
Competitive Positioning
How does NordClaw compare to EU governance documentation platforms (Modulos, Daiki, Whisperly, ComplyCloud, EQS)?
These platforms help organizations manage, classify, and document AI systems. They produce compliance evidence. They do not sit in the traffic path. If an employee pastes customer data into ChatGPT, none of these tools stop it, redact it, or log it. NordClaw provides the technical enforcement layer that these platforms lack, and can integrate with them as a complementary layer.
How does NordClaw compare to Radicalbit (the only EU real-time interception competitor)?
Radicalbit offers an enterprise AI gateway with PII masking and audit logging. However, Radicalbit does not provide the governance documentation layer—the impact assessments, the vendor DPA register, the AI inventory, the AI literacy tracking—that regulators also require. NordClaw combines both interception and documentation in a single product on EU-sovereign infrastructure.
What is the unique combination that no EU competitor currently offers?
No EU-native platform currently combines: (1) real-time API traffic interception, (2) governance documentation and compliance reporting, and (3) sovereign EU infrastructure with identity mapping via SSO. NordClaw occupies all three layers simultaneously.
Is NordClaw "just another AI gateway"?
No. Generic AI gateways (e.g., Kong AI Gateway, AWS Bedrock) provide routing and rate limiting but have no EU compliance layer, no GDPR-specific PII redaction across 24 EU languages, no Article 26(6) audit log, no FRIA/DPIA generation, and no EU data sovereignty guarantee. NordClaw is a compliance infrastructure product that happens to use a gateway as its enforcement mechanism.
Pricing & Commercial Terms
What are NordClaw's pricing tiers?
Tier          Price        Users           Key features
Starter       €299/month   Up to 5 users   Core interceptor, AI inventory, audit log, dashboard
Professional  €799/month   Up to 25 users  + PII redaction, DPIA/FRIA templates, vendor DPA register
Enterprise    Custom       Unlimited       + Walled Garden Manifest, self-hosted option, SLA, priority support
Is there a free trial or pilot program?
Yes. NordClaw offers a 90-Day Compliance Readiness Sprint at €2,000–€5,000 per company. This delivers a complete AI inventory, risk classification, vendor DPA audit, log setup, and draft DPIA/FRIA—providing immediate compliance value while allowing the organization to evaluate the platform before committing to a subscription.
What does the 90-Day Compliance Readiness Sprint deliver?
The Sprint delivers: a complete AI system inventory discovered from live traffic, risk classification of all discovered systems under the EU AI Act, a vendor DPA audit identifying gaps, a fully configured audit log satisfying Article 26(6), and draft DPIA/FRIA templates for high-risk systems. Most organizations complete the Sprint before the August 2, 2026 enforcement deadline.
Are there long-term contracts?
NordClaw is offered on a monthly subscription basis with no minimum contract length for Starter and Professional tiers. Enterprise agreements are negotiated individually and typically include annual terms with SLA commitments.
What is the priority audit fee?
Customers with hard deadlines can pay a priority audit fee to have new Walled Garden integrations reviewed and verified within 48 hours, rather than the standard review queue.
Onboarding & Support
Who is "Snorre"?
Snorre is NordClaw's voice-first AI onboarding consultant. Snorre handles authentication setup, department hierarchy configuration, and starter automation configuration, making a team productive within 45 minutes without requiring IT involvement.
How long does a full deployment take?
The core interceptor can be activated and providing organizational visibility in under an hour by changing a single environment variable (BASE_URL=api.nordclaw.eu). Most organizations achieve full compliance maturity within the 90-Day Compliance Readiness Sprint.
What does the 10-minute demo look like?
The standard demo follows five steps: (1) Show the dashboard—"This is every AI interaction in your organization right now." (2) Send a test prompt containing a fake name and email address through the proxy. (3) Show the log entry—the PII was redacted, the LLM received clean data, the record is immutable. (4) Click the compliance export button—"This is what you hand to a regulator." (5) Show the model inventory—"These are all the LLMs your employees are currently calling. Did you know about all of them?" A non-technical CISO understands the value immediately.
Does NordClaw offer priority support?
Yes. Enterprise customers receive dedicated SLA-backed support. All approved Walled Garden integrations are available to all customers, and customers with hard deadlines can pay a priority audit fee to have new integrations reviewed within 48 hours rather than waiting in the standard review queue.
What training and documentation is provided?
NordClaw provides: a full technical integration guide, API documentation, SSO configuration guides for Microsoft Entra ID and Google Workspace, compliance export templates, and access to Snorre for voice-guided onboarding. A knowledge base and support portal are available to all customers.
Roadmap & Future Capabilities
What does the MVP include and what is coming in later phases?
Feature                                Phase
Core proxy interceptor                 MVP (Phase 1)
PII redaction (Presidio)               MVP (Phase 1)
Immutable audit log                    MVP (Phase 1)
Compliance dashboard                   MVP (Phase 1)
AI model inventory (auto-discovered)   MVP (Phase 1)
DPIA/FRIA automation                   Phase 2
Vendor DPA register                    Phase 2
Copilot Studio integration             Phase 2
Human-in-the-loop approval gates       Phase 2
AI literacy training tracker           Phase 3
Walled Garden Manifest                 Phase 3
Self-hosted / on-premise deployment    Phase 3
What is the Walled Garden Manifest?
The Walled Garden Manifest is a cryptographically signed, publicly verifiable declaration of which AI models are approved, which governance rules are active, and what data restrictions are in force at any given point in time. It is NordClaw's trust signal to enterprise customers and their own clients, providing verifiable proof of compliance posture.
Will NordClaw support non-LLM AI systems (e.g., computer vision, recommendation engines)?
The current MVP focuses on LLM API traffic, which represents the most urgent and widespread compliance risk. Support for non-LLM AI systems (including computer vision pipelines and recommendation engines) is on the Phase 3 roadmap, enabling NordClaw to govern the full scope of AI systems required under the EU AI Act.
Will NordClaw support ISO 42001 and NIST AI RMF frameworks?
Yes. Phase 2 compliance reporting will include mapping to ISO/IEC 42001 (AI Management Systems) and the NIST AI Risk Management Framework, enabling organizations to use NordClaw as the technical foundation for multi-framework compliance programs.
Edge Cases & Specific Scenarios
What if an employee uses a personal device or a personal AI account (e.g., free ChatGPT)?
NordClaw's proxy governs API-level traffic routed through the organization's network. Consumer-tier AI tools accessed via a browser on a personal device are outside the proxy's scope. NordClaw addresses this through the AI literacy training tracker (Phase 3), which educates employees on acceptable use policies, and through the model inventory, which identifies when personal accounts are being used via the corporate network.
What if a vendor embeds AI into an approved SaaS tool without notifying us?
NordClaw's automatic model discovery from network traffic will surface new AI endpoints as soon as they begin receiving traffic, regardless of whether the vendor disclosed the change. The compliance officer receives an alert for any newly discovered model, enabling rapid classification and DPA review.
What if we use an open-source model hosted internally?
NordClaw supports any OpenAI-compatible endpoint, including self-hosted open-source models (e.g., Llama, Mistral). The proxy can be configured to route traffic to internal endpoints, providing the same governance, logging, and PII redaction capabilities for internally hosted models as for external APIs.
What if we fine-tune a third-party model?
Fine-tuning a third-party model may legally reclassify your organization as a "Provider" under Article 25 of the EU AI Act, inheriting significantly greater compliance obligations. NordClaw's compliance dashboard flags this risk when fine-tuned models are detected, and the DPIA/FRIA templates include a Provider vs. Deployer classification assessment.
What if a regulator requests our audit log during an investigation?
The NordClaw compliance export generates a formatted, regulator-ready Article 26 audit log as a CSV or PDF in one click. The log is immutable and timestamped, providing a legally defensible record of all AI usage. NordClaw's legal team can provide a supporting declaration confirming the log's integrity and storage location on EU infrastructure.
What if we operate in multiple EU member states?
NordClaw's organization structure supports multi-country deployments with department hierarchies that map to legal entities in different jurisdictions. The compliance dashboard can be filtered by country, legal entity, or department, enabling jurisdiction-specific reporting for organizations operating across multiple EU member states.
What if we are a financial services firm subject to DORA as well as the AI Act?
NordClaw's audit log and incident reporting capabilities are directly relevant to DORA (Digital Operational Resilience Act) obligations, particularly around ICT incident reporting and third-party risk management. Phase 2 will include explicit DORA compliance mapping, enabling financial services firms to use NordClaw as a unified compliance infrastructure for AI Act, GDPR, and DORA obligations simultaneously.