indentia.ai

Solutions

Four audiences. One promise: your data stays yours.

Indentia helps different people in your organization work faster and better — without your data ever leaving your own environment. Here's what that means concretely, for each audience.

Knowledge workers

Stop searching. Start knowing.

People who spend their day looking up information lose hours hunting through documents, wikis and email. Indentia answers directly — in natural language, with a citation back to the exact paragraph the answer came from.

  • Natural-language Q&A across all your internal sources
  • Citations back to the exact paragraph, page or frame
  • Persistent memory — agents build understanding over time
  • Dutch as a first-class language, not a translation afterthought
  • Government Q&A — parliamentary questions, official decisions and Rijksoverheid.nl content available inline, linked to persons and dossiers

Management & decision-makers

Decide on the full picture.

Managers make decisions on a fraction of what the organization actually knows — because the rest is scattered across five systems. Indentia delivers holistic insight and proactive alerts, without you having to phrase the perfect query.

  • Cross-departmental insights in one view
  • Proactive alerts on signals, anomalies or new information
  • Trend analysis across all internal sources at once
  • Briefings with citations — never a claim without a source

Compliance & Legal

Auditable from question to answer.

For compliance and legal teams, "the AI said so" is not an acceptable answer to a regulator. Indentia keeps every claim tied to its source, with full lineage and an audit trail aligned with the EU AI Act, NIS2 and ISO 27001/42001.

  • Full audit trail of every question, retrieval and output
  • AI Act, NIS2 and ISO 42001 mapping out of the box
  • PII redaction in the ingest pipeline, not just in the prompt
  • DPA, ROPA, PIA templates and TOM documentation included

How we comply

Compliance isn't a checkbox — it's plumbing.

Below is what we've actually shipped for the two regimes that matter most in the EU: GDPR and the EU AI Act. Each item maps to a concrete architecture decision and to code in production today — not a roadmap promise.

EU AI Act

Indentia is a general-purpose platform with both limited-risk and high-risk use cases. We treat every agent as a registered system with its own risk class, documentation and audit trail.

  • Risk classification per agent — forbidden / high / limited / minimal, with a conformity-assessment flow on the high-risk track (Art. 6 + Annex III).
  • Transparency layer — every AI response carries an "AI-generated" label, a persistent UI badge and a transparency notice (Art. 50). Built into the response envelope, not bolted on per app.
  • Model registry — every model and agent is a first-class entity in the data catalog: name, version, training data lineage, performance metrics, bias scores (Art. 11 + Annex IV).
  • AI Decision Audit Trail — every question, retrieval and output written to Pulsar and replayable from PostgreSQL. Per-tenant, signed, tamper-evident.
  • Human-in-the-loop gates — high-risk agents pause on configurable checkpoints; a human approves or rejects before the agent continues (Art. 14).
  • AI-literacy framework — onboarding material, role-based training and an internal wiki on how each AI system works (Art. 4).
  • Post-market monitoring — fairness/bias metrics, drift alerts and a quarterly compliance dashboard per tenant (Art. 72).

GDPR

Personal data is detected, classified and access-controlled at every layer — ingest, storage, retrieval and prompt. The platform doesn't trust the LLM to behave; it enforces.

  • PII classification at ingest — Presidio + custom recognisers tag personal data with type, position and confidence during chunking, before content enters the index. Content stays intact, so legitimate searches still work ("emails from Jane Doe"); enforcement happens at the retrieval layer (see next bullets), not by destroying source data — privacy by design (Art. 5, Art. 25).
  • Column-level masking for agents — every agent has a pii_access scope (none / masked / full); the query engine masks or strips PII columns automatically.
  • Row-level ACL across the graph — security trimming means users and agents only see records they're entitled to, with live change subscriptions when permissions change (Art. 32).
  • Right to erasure protocol — quarantine, ordered purge across every store (graph, indexes, object storage, embeddings, audit), legal-hold support and a signed proof-of-erasure receipt (Art. 17). See ADR-086.
  • Data residency by tenant — each tenant runs in its own namespace, its own object-storage keys, its own IdP. EU residency is the default, with sovereign hosting options when the workload demands it.
  • Lineage end-to-end — every claim is linked back to the document, page, paragraph or frame. DSAR responses are reproducible from the lineage graph, not best-effort (Art. 15).
  • Templates included — DPA, ROPA, DPIA and TOM templates ship with the platform, pre-mapped to the Indentia control catalogue.

The same foundation covers NIS2, ISO 27001/42001, DORA and industry-specific frameworks. Auditor-ready evidence is generated from the same audit trail.

IT & Architecture

Runs on your infrastructure. No single-vendor dependency.

For the people who have to deploy, run and explain it to the CISO. Indentia runs entirely inside your environment — your data centre, your private cloud cluster, or even without an internet connection. If our partnership ends tomorrow, your data and processes keep working, because we build on open standards your team already knows.

  • Inside your environment — data centre, private cloud, or bare metal
  • Works without internet (air-gapped) — nothing leaves your network
  • Open standards — your team can adapt, audit and migrate themselves
  • Configuration as code — every change visible, traceable and reversible
  • NATS event mesh and signed edge agents for hundreds of remote sites
  • Or fully managed — we also offer Indentia as a SaaS service if you prefer to hand the operations to us

Sectors

Where Indentia truly belongs.

Defence & Government

Fully inside your perimeter, even without internet. Open and closed sources — including Rijksoverheid.nl and Tweede Kamer documents — brought together and strictly compartmented at role level. Parliamentary questions and ministerial decisions rendered inline, linked to persons and dossiers.

Banking & Insurance

AI without audit risk. Personal data is detected and shielded up front, every answer is traceable to its source, and evidence for regulators is ready on demand.

Healthcare

WGBO- and GDPR-compliant. Patient data stays in your environment, with automatic personal-data detection and strict role-based access.

Energy & Critical Infra

NIS2-compliant and suitable for the OT zone. AI supports operators with context from both office and process environments — without breaking the air-gap. Edge agents connect over a NATS event mesh with per-device credentials.

Research & R&D

Decades of papers, decks, recordings and code searchable in context. References down to the page or video frame.

Industry & IoT

Business concepts, asset models and live sensor signals linked in one ontology. Edge agents stream telemetry; the visual ontology editor lets engineers shape the model without writing RDF by hand.

Pilot in 2–4 weeks

Tell us what you really want to deliver.

Sketch what you actually want to deliver — we'll put on the table how Indentia would tackle it, which sources, on what timeline. And if we're not the right fit, you'll hear that in the same session.

Start the conversation