Acta acta.ink
Art. 26 deployer obligations enforceable August 2, 2026

EU AI Act is here.
Are you ready?

Art. 26 deployer obligations are enforceable from August 2026. Acta helps you monitor AI usage, enforce data protection policies, and build the evidence trail regulators expect.

Try Acta free See how it works
Scans locally in the browser Zero prompts on our servers EU-hosted

Built for

ChatGPT
Claude
Gemini
Copilot
Perplexity
+ more

These things happen every day, everywhere.

And most organisations have no way to know.

Paralegals

paste client medical histories into ChatGPT to summarise for case files.

Art. 9 special category data reaching AI provider servers with no audit trail.

Recruiters

upload batches of CVs to Claude to screen candidates faster.

Names, addresses, nationalities, disability status sent without oversight or logging.

Developers

ask Copilot to debug code containing production database credentials.

Live secrets in a third-party model's context. No one notices.

A regulator will ask: "How do you monitor and control this?"

Acta gives you the answer, with evidence.

Why Acta

"We have ChatGPT Enterprise"
is not a compliance strategy.

Enterprise plans protect the provider's liability. Your deployer obligations under Art. 26 (oversight, monitoring, audit, data protection) remain entirely yours.

Enterprise AI plans Through Acta
Pre-send scanning None AI-powered, multi-layer, every prompt
Art. 9 data blocking None Hard block before send
Data used for training Opt-out varies by provider Never. Standard API policy, no training
Provider data retention 7-30 days (varies by provider) Standard API retention, zero-retention opt-in
Your audit data Provider's admin console Your private storage. You control retention
Works across AI tools One provider only All major tools + any API
Custom blocked terms No Client names, project codes, anything
Response integrity No Source attribution + opt-in dual-model verification
Blocked prompt escalation No Manager approval workflow for policy exceptions
Budget visibility Per-seat, opaque usage Per-request, every spend visible
AI literacy + training No Evaluate, train, and improve AI usage across teams
Agentic AI compliance No Full chain logging + policy enforcement

How it works

Two minutes to install. Immediate visibility.

01

Install the extension

Push to managed browsers via MDM/GPO, or install from Chrome Web Store. Starts scanning immediately on all major AI tools.

02

See what's happening

Employees get warned before sending sensitive data. Your dashboard shows every flag, the reason behind it, and who triggered it. Full visibility across all AI tools.

03

Enforce, log, and improve

Hard blocking, full audit trail, custom rules, manager approval workflows, and multi-model AI access. Replace scattered AI subscriptions with one compliant platform. Track how your team uses AI and help them get better.

The platform

One platform for AI compliance, control, and growth.

Enforce data protection policies on the AI tools your team already uses. Then consolidate to one compliant platform, cut duplicate subscriptions, and help your team get better at AI.

Policy enforcement

Blocked: Art. 9 health data

Cannot be sent. Logged to audit trail.

Request manager approval

Flagged: client name detected

Sending requires a reason.

Edit prompt Send anyway →

AI literacy insights

Prompt clarity
Model fit Overqualified for task
Task type Research summary

Invisible to employee. Saved for training plans.

Enforce policies. Build your audit trail. Help your team get better at AI.

Every prompt passes through multiple layers of AI-powered scanning before it reaches any AI model. Acta detects personal data across 17 EU jurisdictions, flags sensitive topics, understands context, and scores risk based on what it finds. Art. 9 special category data is hard-blocked. If an employee sends despite a warning, they must give a reason, and the event is logged. Blocked prompts can be escalated to a manager for approval. Every flag explains exactly what was detected and why.

  • AI-powered multi-layer scanning on every prompt before it's sent
  • Art. 9 + credential hard blocking with manager approval workflow
  • Send anyway requires a reason, logged with full context for audit
  • Detects personal data across 17 EU countries with smart verification
  • Response integrity: enforces source attribution and flags unverified claims
  • Opt-in dual-model verification: independent AI cross-checks every response
  • Risk scoring: escalates automatically when multiple data types appear
  • Custom blocked terms for organisation-specific data policies
  • Audit trail on your private storage, evidence a regulator can review
  • AI literacy evaluation, training insights, and usage improvement data
  • Multi-model AI access (ChatGPT, Claude, Gemini, and more) in one platform
  • Budget controls per team, zero prompt data on Acta servers

Agentic AI

Your team deploys AI agents.
Can you audit every decision they make?

Teams are deploying AI agents to automate their work. These agents make autonomous decisions across dozens of API calls, use tools, chain requests, and take actions without human review. The EU AI Act treats autonomous AI with the highest scrutiny. Acta gives you full accountability.

Full chain logging

Every API call, tool use, and model response is logged to your audit trail. If an agent processes sensitive data across 15 calls, you can trace the entire chain.

Same policies, automatic enforcement

The same multi-layer scanning, Art. 9 blocking, and custom rules that protect human conversations also run on every agent API call. No data slips through.

Works with any agent framework

Route agent traffic through the Acta API proxy. Compatible with OpenAI and Anthropic APIs, including Claude Code, Codex CLI, LangChain, and custom agents.

Human conversations get proportionate logging. Agent API calls get full logging. Because autonomous AI demands full accountability.

Free

Extension to start

All

Major AI tools covered

<3ms

Scanning latency

0

Prompts on our servers

Pricing

Free to warn. Pay to enforce.

Start with the free extension. Upgrade when you need enforcement, audit trails, and AI access.

Free Extension

Free

forever, no account needed

  • PII + credential detection
  • Sensitive topic flagging (health, legal, financial)
  • Clear reason shown on every flag
  • Anonymous warning count for admins
  • All major AI tools, 100% local
Install free extension
Usage-based

Acta

Based on usage

You only pay when you use Acta.

  • Everything in Free, plus:
  • Hard blocking (Art. 9, credentials, custom rules)
  • Manager approval workflow for blocked prompts
  • Full audit trail on your private storage
  • No model training on your data, ever
  • Zero data saved on Acta servers beyond billing
  • Standard API retention (7-30 days), zero-retention opt-in available
  • Response integrity with source attribution enforcement
  • Opt-in dual-model verification for critical outputs
  • AI literacy evaluation, training insights, and usage improvement
  • Multi-model AI (ChatGPT, Claude, Gemini, and more)
  • Agentic AI compliance (full chain logging)
  • Budget controls per team
Start with Acta

No per-seat pricing  ·  No monthly minimum  ·  No commitment  ·  How pricing works

Large team or enterprise? Let's talk

EU AI Act obligations Acta helps address

Acta provides technical controls and evidence. Compliance depends on your governance processes alongside these tools.

Art. 4 AI literacy: evaluate, train, and improve AI usage across teams
Art. 9 Special category data detection + blocking
Art. 14 Human oversight: escalation workflows
Art. 26 Deployer obligations: monitoring + audit

Questions? Get in touch

Common questions

What exactly is Acta?

Acta is a compliance platform for organisations that use AI. A browser extension scans every prompt through multiple layers of intelligent detection before it reaches any AI model. Art. 9 special category data is hard-blocked, employees who send despite a warning must give a reason and the event is logged, blocked prompts can be escalated to a manager for approval. Your audit trail lives on your own infrastructure. Acta also replaces scattered AI subscriptions with one multi-model platform (ChatGPT, Claude, Gemini, and more) and evaluates how effectively your team uses AI, giving you data for targeted training, better prompts, and measurable improvement.

How does AI literacy evaluation work?

When your team uses AI through Acta, the platform silently evaluates each conversation: prompt clarity, model fit, task patterns. This is invisible to the employee. Evaluations are saved to your audit log. Over time, Acta generates personalised training recommendations per employee or team, helping them write better prompts, choose the right models, and measurably improve their AI results. No emotional analysis, no personality profiling. Just AI usage competence data that also serves as Art. 4 compliance evidence and drives real improvement in how your organisation uses AI.

How does billing work?

Usage-based. You pay per flagged event (when Acta blocks, logs a send-anyway, or triggers a rule). Clean messages cost nothing. AI model access: token cost plus a small margin. No per-seat pricing, no monthly minimum, no commitment. Standard API data retention applies (7-30 days depending on provider), with zero-retention opt-in for organisations that need it.

What happens to my data?

Scanning happens locally in the browser, nothing leaves before it's checked. Flagged events and AI literacy evaluations are written to your private storage. Zero prompt data on Acta servers. Zero training on your data. We never see your prompts.

What about agentic AI and API traffic?

Teams deploy AI agents to automate their work, and those agents make autonomous decisions across many API calls. Acta's API proxy applies the same multi-layer scanning, Art. 9 blocking, and custom rules to every agent request. Full conversation chains are logged for accountability. Works with any OpenAI or Anthropic compatible agent framework.

Does Acta guarantee EU AI Act compliance?

Acta provides the technical controls and evidence trail: PII detection, audit logging, policy enforcement, AI literacy data. Compliance depends on how your organisation uses these tools alongside its own governance processes. Our docs cover the shared responsibility model.

Can employees bypass it?

Art. 9 and credential blocks cannot be bypassed, but employees can request manager approval for legitimate use cases. For other warnings, employees can choose to send anyway, but they must give a reason and the event is logged. Every flag always shows a clear explanation of what was detected, so employees understand why something was flagged.

Which AI tools are supported?

Acta works on ChatGPT, Claude, Gemini, Microsoft Copilot, Perplexity, and more. Every prompt passes through AI-powered multi-layer scanning that detects personal data, sensitive topics, and risks. Every flag shows a clear reason. The API gateway supports any OpenAI or Anthropic compatible integration, including agent frameworks.

Art. 26 enforcement: August 2, 2026

Your team used AI today.
Do you know what they shared?

Install the free extension. See the warning count in 5 minutes. Decide what to do about it.

Try Acta free

Free forever  ·  No account needed  ·  Enforce when ready