AI systems are accessing sensitive data via external models, tools, and agents.
For DPO & CISO
Review AI access without chasing scattered evidence.
Data categories, raw export flags, subprocessors, model exposure, agent boundaries, and Signal Receipts — one structured workspace for DPO and CISO review.
AI evidence is not a PDF. It is a structured decision record.
DPOs and CISOs are expected to sign off on AI access. Without structured evidence — per system, per reviewer role, per access decision — those sign-offs are not defensible.
Privacy evidence, structured per AI system.
Every AI system that processes personal data needs a structured privacy evidence record — not a vague vendor claim.
“Which AI systems process personal data — including special category or children's data?”
Every Evidence Passport maps data categories explicitly, including GDPR Art. 6 and Art. 9 legal basis. Filter across your entire AI estate by data type.
“Is there a DPIA? Is the DPA signed? Is data leaving the EU?”
Privacy evidence section in every Passport covers DPIA status, DPA signature, data residency, retention period, and right-to-erasure support.
“Does this vendor train on our data?”
Raw training use flag — on/off — is an explicit required field in every Passport. No ambiguity.
“Can I export a DPO-ready summary for board review?”
One-click export of a structured evidence pack (PDF or JSON) covering identity, data categories, legal basis, restrictions, Signal Receipts, and access decision.
Local evidence — no raw data upload required
Evidence without centralising raw data.
Data Boundary — RAG / Local Evidence
Stays inside your perimeter
Only receipts leave
Leaves as Signal Receipt
Agent boundaries, tool access, and egress — before production.
AI agents can call tools, write to systems, and export data. CISOs need to see those boundaries before agents reach production.
“Which AI agents have credentials? What tools can they call?”
Agent Passports define allowed tools, allowed systems, and credential scope before the agent runs. CISO approves or restricts from Compass Review.
“Is this vendor ISO 27001 certified? When was the last pen test?”
Security posture section in every Passport: ISO 27001, SOC 2, pen test dates, encryption standards, vulnerability disclosure, zero-trust posture.
“Can this RAG system expose overshared internal documents?”
RAG Signal Receipts cover groundedness and retrieval quality without exporting raw documents. Data boundary flags show whether raw content can be accessed.
“Can I revoke access to a risky agent immediately?”
One-click revocation from the Agent Passport. Runtime trace is suspended. Action logged with timestamp and actor.
Agent Boundary Map
passport: active
Research Agent
Owner: J. Moreau · Expiry: 30 Sep 2026
Allowed tools
Blocked
Common CISO triggers
Review workflow
From evidence request to access decision.
Evidence requested
Procurement or AI Lead requests a Passport from the vendor.
Passport completed
Vendor completes the structured evidence profile in Vendor Dock.
Routed to reviewer
Compass assigns the review to DPO, CISO, or both based on risk tier.
Review & decision
Reviewer checks evidence against role-specific checklist. Gaps are flagged.
Access decision logged
Cleared, limited, local-only, or blocked — with conditions and rationale.
Common questions
How AffectLog fits your current role.
“We already use Microsoft Purview / our own privacy tooling.”
Microsoft Purview helps classify data inside Microsoft 365. AffectLog helps you decide whether this specific AI supplier, RAG workflow, or agent should be allowed to access that data — and records the evidence behind each decision.
“We cannot upload raw data, prompts, or models for evidence collection.”
The Edge Capsule runs every diagnostic where the data lives. Only the signed Signal Receipt leaves — never raw data, prompts, model weights, or documents.
“Our DPO review process is already established.”
AffectLog structures the technical evidence that feeds your existing DPO review. It does not replace your DPO — it makes their review faster, more consistent, and auditable.
Get started
Know which AI systems need your review before the next audit.
A Provena Scan maps your AI estate, identifies missing privacy and security evidence, and creates a review-ready list for DPO and CISO sign-off.
AffectLog provides technical and operational evidence to support AI access, supplier-risk, security, privacy, and governance review. Not legal advice, certification, or regulatory approval.