Data handling & privacy (RODO)

EU-first & privacy-by-design.  Predictura is designed in accordance with European regulatory standards: privacy by design, a full audit trail, and a clear division of responsibilities between platform and client. We support regulatory expectations (e.g., KNF/EIOPA) and GDPR as standard.

Data residency & transfers. Data can be stored and processed in the EU (SaaS — EU region by default). An on-prem deployment is available. Work with subprocessors is governed by DPAs; SCCs are used where required.

Auditability & explainability. Every calculation is versioned and reproducible (data, parameters, user, timestamp). Model documentation (model cards) and drift monitoring strengthen compliance with the EU AI Act / DORA / NIS2.

Data security. Role-based access (RBAC), activity logging, and encryption in transit/at rest are baseline controls; the platform follows Security & Privacy by Design principles.