AI Governance & EU AI Act Compliance
Witboost provides enterprise-grade AI governance capabilities while ensuring full compliance with the EU AI Act (Regulation 2024/1689).
Witboost Is Not an AI System
Witboost is a data product lifecycle management platform — it handles governance, templating, and DevOps automation. AI features are entirely optional and additive. The core platform operates as a purely deterministic system.
AI Features: Witty Copilot
When enabled, Witboost's AI copilot ("Witty") assists with:
- Generating data product descriptions from metadata
- Suggesting governance policies
- Assisting with data contract authoring
- Natural language search across the catalog
Key Safeguards
| Safeguard | Implementation |
|---|---|
| Disabled by default | AI features are not active unless explicitly configured and enabled |
| Customer-controlled backend | All LLM calls route through the customer's own AI service (e.g., Azure OpenAI) |
| No Agile Lab intermediation | Agile Lab does not host, operate, or intermediate any AI model service |
| Human oversight | Every AI suggestion requires explicit human approval (Accept/Reject) |
| Full transparency | Users see complete diffs of proposed changes before applying them |
| No training on customer data | Enterprise AI deployments have training opt-out enabled by default |
EU AI Act Classification
| Criterion | Witboost Assessment |
|---|---|
| Risk Category | Minimal-risk |
| Agile Lab Role | Agile Lab is not an AI Provider — Witboost is a platform that can optionally integrate with customer-managed AI services |
| High-Risk (Annex III) | No Annex III use cases apply |
| GPAI Model | Witboost is not a General-Purpose AI model |
| Transparency Obligations | Met — AI-generated content is clearly labeled |
| EU Establishment | Yes — Agile Lab is based in Italy (EU) |
Why Minimal-Risk?
- Witboost is an orchestration/governance layer — it does not make autonomous decisions about individuals
- No personal data processing — AI features operate on metadata only (schemas, policies, lineage)
- No high-risk use cases — The platform is not used for biometric identification, credit scoring, employment decisions, or any Annex III category
- Complete human oversight — All AI suggestions require explicit human approval
- Optional and disableable — AI features can be fully disabled at any time
AI Data Flow
When Witty is enabled:
User Query → Witboost Platform → Customer's Azure OpenAI Instance → Response → Human Review → Accept/Reject
- Contextual metadata (data product descriptions, schema info) is sent to the customer's own Azure OpenAI instance
- Data stays within the customer's cloud tenant and chosen region
- No data sent to Agile Lab at any point
- Customer has full control over which data is included in AI prompts
AI Features Disabled = Zero AI Activity
When AI features are not enabled:
- No LLM calls
- No outbound AI traffic
- No model inference
- Platform operates as a purely deterministic governance system
AI Governance for Customer's AI Workloads
Beyond Witboost's own AI features, the platform provides governance capabilities for the customer's AI/ML workloads:
- AI model cataloging — Register and catalog AI models as data products
- Model lineage — Track data lineage from training data through model deployment
- Policy enforcement — Apply computational governance policies to AI workloads
- Quality gates — Enforce quality and compliance checks before AI model deployment
- Responsible AI metadata — Attach fairness, bias, and explainability documentation to AI products
This enables organizations to implement AI governance frameworks that comply with the EU AI Act across their entire AI landscape — not just within Witboost.