CapabilitiesHow it worksSecurityPricingContact
Book a demoGet started
Security • GDPR-aligned compliance AI

Normax is a secure compliance AI workspace for company documents, GDPR policies, contracts and operating procedures. It combines EU data services*, HTTPS/TLS, platform-managed encryption, source-cited answers and transparent AI processing so teams can use AI for compliance without losing control of their files.

Get startedBook a security walkthrough

Data services

EU*

Transport

HTTPS/TLS

Answers

Source-cited

Training

No third-party training

Security foundations

Designed for trust.
Written without smoke.

Security is not a badge on the footer. In Normax it is a product architecture: controlled workspaces, protected transport, document-grounded retrieval, visible sources and clear terms on how AI providers process data.

GDPR-aligned by design

Normax is built for Italian and European organizations that need to manage compliance documents, personal data procedures and audit history with clear privacy roles.

EU data services*

Application data and files use European services selected by Normax. Provider details, limits and locations are documented in the Terms, DPA and Privacy Policy.

Encrypted transport

Every browser session and document exchange uses HTTPS/TLS, reducing exposure while files, prompts and responses move between the user, Normax and integrated services.

Platform encryption at rest

Files and application data hosted on Firebase and Google Cloud benefit from platform-managed encryption at rest and hardened cloud infrastructure.

No third-party training

Your documents are processed to answer your requests. They are not used by third-party AI providers to train general-purpose models.

Source-cited AI answers

Normax answers from the documents you upload and cites the relevant source. If the answer is not in your files, the product is designed to say so.

Transparent AI processing

When AI generation is needed, document extracts may be processed by integrated providers over protected channels, with details explained in legal documents.

Human-readable controls

Security choices are expressed in product language your legal, HR, finance and operations teams can understand before they rely on an answer.

Operational controls

A safer path
from upload to answer.

The security model follows the real workflow: upload the document, protect the workspace, retrieve only relevant passages, generate a grounded answer and keep the user in control of what is cited.

Access surface

Workspace-first

Company documents live in structured workspaces rather than scattered chats or personal drives.

Knowledge source

Your documents

Answers prioritize uploaded files and distinguish internal sources from optional public web search.

Verification

Citation visible

The user can trace key claims back to the file and section used by the assistant.

Security control stack

A living model of how Normax keeps context, sources and processing visible.

monitored
01

Workspace boundary

Documents are organized inside a product workspace built for teams, roles and shared compliance context.

02

Protected transport

User sessions, uploads and AI requests move over HTTPS/TLS and use the security controls of the underlying cloud platforms.

03

Grounded retrieval

The assistant searches your indexed documents for relevant passages before generating a compliance answer.

04

Visible answer trail

The final response stays connected to sources, so teams can review what the AI relied on before acting.

AI processing

Clear about
what happens.

Normax is deliberately explicit about AI processing because compliance teams need more than a black box. The flow below explains the security-relevant steps in plain language.

01

Upload

You upload contracts, privacy policies, GDPR records, procedures or internal manuals into a controlled Normax workspace.

02

Index

Documents are parsed and indexed so Normax can retrieve the exact passages that matter for a question.

03

Generate

Relevant extracts may be sent to integrated AI providers over protected channels to produce a structured answer.

04

Verify

The answer returns with sources and operational context, helping the user decide whether it is complete enough to use.

Security FAQ

Questions security-minded teams ask first.

Normax is designed for sensitive compliance documents: HTTPS/TLS in transit, platform-managed encryption at rest on Firebase and Google Cloud, EU data services*, source-cited answers and transparent processing terms. Final suitability depends on your internal risk assessment and contractual requirements.

No. Customer documents are processed to provide the Normax service and answer user requests; they are not used by third-party AI providers to train general-purpose models.

Normax data services are hosted in the EU*. The exact providers, locations, limits and related terms are documented in the Terms of Service, DPA and Privacy Policy.

Any AI system can be imperfect, but Normax reduces the risk by grounding answers in uploaded documents and showing sources. If the answer is not in your files, the product is designed to say so rather than invent a source.

No. Normax helps teams read, organize and query compliance documents faster. It does not replace professional advice, legal review or final responsibility for decisions.

Security you can read.
Compliance you can verify.

Test Normax on a real policy, contract or GDPR procedure and see how secure document-grounded AI changes daily compliance work.

Get startedBook a demo

2-minute setup · No credit card · EU data services*