A defensive position, exportable for the DPO.

Transparency obligations, by design.

EU Reg. 2024/1689 Art. 50 enters into force on 2 August 2026. The transparency obligations apply to every AI system used in the EU: disclosure of human-machine interaction, synthetic-content marking, disclosure of biometric recognition and deep-fake labelling.

Lemnia is classified as a limited-risk AI system. Every dossier, every report and every voice answer carries an AI-generation footer, and every query is logged in a BLAKE3-signed processing register, exportable for the auditor or the court. Strict-pack outputs (dunning, quotation, supplier-risk brief) admit no hedging, while hedged-pack outputs (customer dossier, business-knowledge dossier) use a per-pack whitelist of marker phrases.

A cybersecurity surface ready for the ACN audit.

• Access log

  Every login, every dossier read and every report export is captured with timestamp, device id and user attribution. Exportable per the access-log schema published by Agenzia per la Cybersicurezza Nazionale.

• Patch management

  Lemnia engine updates ship signed (Ed25519). The update cadence is 24h or less for critical security and 14d or less for regular updates. The verifier shows the patch chain back to the binary on disk.

• Separation of duties

  Tenant-scoped RBAC inherited from the source systems. The admin role, the DPO role and the operator role stay distinct, and action attribution is preserved in the signed register.

• BCP / DR

  A local backup of the graph store and the blob store runs nightly to a tenant-controlled volume. Restore-test artefacts are surfaced quarterly through the GDPR + AI Act compliance report.

A pre-signed template, tailored by sector.

Lemnia ships a per-niche DPIA template (Garante Provv. 467/2018 schema) pre-filled with the data flows, the retention windows, the sub-processor list and the risk-mitigation measures specific to the sector: manufacturing, distribution, services, professional studios and e-commerce.

The DPO reviews and signs the document, with no drafting from scratch. The signed DPIA enters the company's GDPR Art. 30 documentation set, alongside the BLAKE3-signed processing register that Lemnia exports on demand.

BLAKE3 per query, exportable in one click.

Every interrogation Lemnia handles enters an append-only log. Each entry carries timestamp, tenant id, operator id, query text (or voice transcription), retrieval graph path, source citations, output text and model hash, and the entire entry is sealed BLAKE3.

The export formats are PDF (signed) for the auditor, JSON-LD (signed) for the DPO's records system and CSV (signed) for spreadsheet review. The register satisfies GDPR Art. 30 record-of-processing requirements and the evidentiary standard suggested by Tribunale di Siracusa 338/2026.

Nobody sees what they could not already see.

Lemnia indexes the documents, emails, messages and operational records the company already holds. Each document carries a document-level access-control list mirrored from the source system that owns it, whether the file share, the mailbox, the e-commerce back office or the ticketing platform.

That ACL is enforced at retrieval, before ranking. No result, snippet, citation or dossier sentence reaches an operator who lacks the corresponding permission in the source system. The company-wide knowledge graph does not widen any individual's reach, since it makes accessible, in one place, only what each operator was already entitled to read (CST.494).

Ingested content is data, never instruction.

Every document indexed in the operational mind is treated as a potential injection vector. Ingested and retrieved content (connector payloads, email, WhatsApp and Zendesk threads, OCR text, content drawn from external MCP sources) is data only, never an instruction Lemnia executes.

Untrusted content is delimited at retrieval. The cloud agentic planner never executes directives found inside retrieved text, and tool-call arguments are never sourced verbatim from document content. A hostile sentence buried in a supplier email or a scanned invoice cannot redirect the system (CST.496).

A self-scoped decision journal, never a monitoring tool.

Each operator has an optional Personal Decision Graph: a local-only, self-scoped journal of the decisions that operator recorded. It is cryptographically isolated to its owner, and no employer console and no HQ console reads it.

It is descriptive only. It never feeds scoring, evaluation or task allocation, and it is excluded from any process bearing on a worker. The operator purges it under GDPR Art. 17 at will. The design holds the limited-risk AI Act perimeter and is compatible with the Statuto dei Lavoratori art. 4 prohibition on remote worker monitoring (CST.495).

Empty by design, save for cloud-burst (Pro mode).

In its default deployment (T1 standalone, T2 LAN, T3 sovereign on-prem) Lemnia has no sub-processors. Data never leaves the customer's hardware and the sub-processor list stays empty.

When the customer opts in to cloud-burst (Pro mode, ingest and long-generation only), the sole sub-processor is the EU-hosted GPU provider (currently RunPod EU, with migration to Hetzner SEV-SNP planned per CST.91). Each cloud-burst batch requires explicit per-batch consent, captured in the signed register.

ISO 27001 and SOC 2 Type II, in progress.

Lemnia s.r.l. has begun the ISO/IEC 27001:2022 certification process, with a Stage-1 audit scheduled for Q3 2026 and Stage-2 for Q1 2027. The SOC 2 Type II observation window opens in Q2 2026 with a 12-month observation closing in Q1 2027.

As interim assurance, the full Trust Center pack (sub-processor list, security policies, key-rotation policy, retention schedule, audit-log sample) is available under mutual NDA. Contact: dpo@lemnia.app.