Skip to main content

EU AI Act Compliance

HOW STATUSFORGE ALIGNS WITH REGULATION (EU) 2024/1689

1. Our Role Under the AI Act

StatusForge is a provider of structured data for AI systems, not a provider of an AI system itself. We supply consented, first-party professional data through an API that AI systems use as a data source. Under the AI Act, this places obligations on us as a data provider to AI system providers.

We do not develop, train, or deploy AI models. We are upstream of AI systems — we provide the ground truth that AI systems consume to improve accuracy about real people.

2. Risk Classification

StatusForge’s core service does not fall within the categories of prohibited or high-risk AI systems defined in Annexes I–III of the AI Act. Specifically:

  • Not a prohibited practice (Art. 5): We do not perform social scoring, exploit vulnerabilities, use subliminal techniques, or conduct real-time biometric identification.
  • Not a high-risk AI system (Art. 6, Annex III): We do not make automated decisions about employment, creditworthiness, education access, law enforcement, or migration. Our terms contractually prohibit partners from using our data for these purposes.
  • Limited risk (Art. 50 transparency): Our AI Coverage Index is an algorithmic score that measures profile completeness. It is informational and does not interact with natural persons in a way that requires disclosure as an AI system.

3. Data Quality Obligations (Art. 10)

As a data provider to AI systems, we take the following measures to ensure data quality:

  • First-party sourcing: All data comes directly from the data subject. We never scrape, infer, or fabricate information.
  • Consent verification: Every profile has a timestamped consent record. Consent is explicit and informed.
  • Content screening: Submissions are screened for harmful, fraudulent, or misleading content before publication.
  • Update mechanisms: Users can update their data at any time through their dashboard, ensuring accuracy.
  • Deletion propagation: When a user deletes their data, we notify all API consumers to purge cached copies.

4. Transparency (Art. 13 & Art. 50)

We maintain transparency through:

  • Algorithm documentation: The AI Coverage Index algorithm is fully documented, with each component (Visibility, Accuracy, Depth, Profile Strength) explained with its weight and calculation method.
  • Right to explanation: Users can request a detailed, human-readable explanation of their AI Coverage Index score via our API (/api/explain-score) or by emailing us.
  • Public transparency report: Monthly report at /transparency with profile counts, API queries, deletions, opt-outs, and incidents.
  • Provenance receipts: Every API response includes a cryptographically signed provenance receipt documenting the data source, consent status, and usage restrictions.

5. Human Oversight (Art. 14)

StatusForge is designed for human oversight at every level:

  • User control: Users decide what information to share, can edit or delete at any time, and individually approve each connection request.
  • No automated consequential decisions: The AI Coverage Index is advisory only. No automated system makes decisions about users based on it.
  • Partner restrictions: API terms contractually require human review before any decision affecting an individual’s legal rights, employment, credit, or access to services.
  • Override capability: Users can override any system output by editing their profile, requesting corrections, or opting out entirely.

6. Fundamental Rights Impact Assessment

We have assessed the impact of our processing on fundamental rights as required by Articles 26–27:

Right to Privacy and Data Protection

Impact: Moderate. Professional data is made available to third parties by design.

Mitigations: Explicit informed consent, granular control, real deletion, do-not-sell opt-out, 15-day deletion SLA, provenance receipts, partner contractual restrictions.

Right to Non-Discrimination

Impact: Low. We do not collect sensitive categories (race, religion, health, sexual orientation).

Mitigations: Content screening filters harmful content. Partners prohibited from using data for discriminatory purposes. Free tier ensures access regardless of ability to pay.

Right to Fair Working Conditions

Impact: Positive. StatusForge gives individuals control over their professional representation in AI systems, correcting inaccuracies and hallucinations that could harm career prospects.

Mitigations: No automated hiring decisions permitted. Users are paid for their data contribution.

Freedom of Expression and Information

Impact: Positive. StatusForge empowers individuals to speak for themselves in AI systems rather than having AI fabricate information about them.

7. Partner Compliance Requirements

All B2B API partners must agree to the following AI Act-aligned terms:

  • Do not use StatusForge data for automated decisions in high-risk categories (employment, credit, insurance, education, law enforcement, migration).
  • Maintain human oversight when StatusForge data informs any decision affecting an individual.
  • Honor deletion notifications within 30 days and purge all cached data.
  • Do not use StatusForge data to train AI models that produce social scores or discriminatory outputs.
  • Maintain records of data usage and provide them to StatusForge on audit request.
  • Report any suspected misuse of data within 48 hours.

Violations result in immediate API access revocation and may be reported to relevant authorities.

8. Record-Keeping and Audit

We maintain the following records as required by the AI Act:

  • Timestamped consent records for all data subjects
  • API query logs (retained 24 months)
  • Privacy request audit trail (retained indefinitely)
  • Partner compliance agreements
  • Incident reports and remediation records
  • Monthly transparency reports
  • DPIA and FRIA documentation

These records are available to supervisory authorities on request.

9. Ongoing Compliance

The EU AI Act is being implemented in phases through 2027. We are committed to:

  • Monitoring regulatory guidance and adapting as requirements clarify.
  • Participating in relevant industry standards development.
  • Updating this page as new obligations come into effect.
  • Maintaining open communication with users about compliance changes.

We welcome the AI Act and similar regulation. We built StatusForge to be ahead of these laws, not to evade them.

Contact

For AI Act compliance inquiries:

[email protected]

STATUSFORGE
PRIVACYGDPRDPA