📄 AI Risk Assessment
EU AI Act Compliance Documentation — v2.1
AI RISK ASSESSMENT — ZIZKA.AI
1. SYSTEM IDENTIFICATION
2. SYSTEM DESCRIPTION
Purpose:
Allow founders to manage tasks, emails, calendar events, invoices, CRM records, and project management tools using natural language. The AI interprets intent — humans confirm and execute.
5-Layer AI Pipeline:
Data Storage Architecture:
3. RISK ASSESSMENT
| Risk | Likelihood | Impact | Mitigation | Residual |
|---|---|---|---|---|
| AI misinterprets user intent | Medium | Low | Hardcoded guardrails, semantic routing, human confirmation for sensitive actions | LOW |
| Incomplete parameters sent to tool | Low | Medium | Guardrails validate 100% of parameters before dispatch. AI blocked from calling tools directly. | VERY LOW |
| Unauthorized data access | Very Low | High | OAuth 2.0 per integration, userId isolation in all queries, session token enforcement | VERY LOW |
| Third-party PII stored in Pinecone | Mitigated | High | Full content kept for last 40 messages (context window); older messages dropped. Vectors expire after 7 days (TTL). | LOW |
| AI-generated email not disclosed | Mitigated | Medium | AI disclosure footer appended to all outbound emails. User-toggleable, on by default. | VERY LOW |
| User cannot delete their data | Mitigated | High | DELETE /api/user/delete-data wipes Pinecone + PostgreSQL on demand. 7-day TTL also enforced. | VERY LOW |
| No consent recorded before AI use | Mitigated | High | First-time-only consent: modal when no consent in DB; backfill on first use. POST /api/user/consent logs timestamp. | VERY LOW |
| Tool failure goes unrecorded | Mitigated | Medium | IncidentLog auto-captures TOOL_FAILURE on MULTI_ACTION errors. User flagging via /api/user/flag-response. | LOW |
| Stale conversation data beyond 7 days | Mitigated | Medium | expiresAt metadata on all Pinecone vectors. Weekly (Sunday 00:00) CRON_SECRET-protected cleanup endpoint. | VERY LOW |
| Excess data fetched from integrations | Mitigated | Medium | Gmail uses format=metadata (headers only). Integration calls use field-level filtering where APIs support it. | VERY LOW |
| Sub-processor data extraction or training | Mitigated | High | OpenAI and Pinecone contractually bound not to extract or use data for training. No secondary use. | VERY LOW |
| Service disruption | Low | Medium | Graceful error handling, never exposes raw errors, fallback responses, rate limiting | LOW |
| Data breach | Very Low | High | AES-256 token encryption, TLS 1.3, no raw secrets in logs, per-user data isolation | VERY LOW |
Overall System Risk: LIMITED RISK (Article 52 — Transparency obligations)
No high-risk use cases (no employment decisions, no credit scoring, no biometric surveillance, no critical infrastructure). Strong human oversight, comprehensive validation layers, data minimisation, and active incident logging.
4. EU AI ACT & GDPR COMPLIANCE MEASURES
Article 52(3) — AI-Generated Content Disclosure
All emails sent via Gmail by the AI automatically include a one-line AI disclosure footer. Toggleable per user via aiDisclosureFooter flag in PostgreSQL. No AI-generated email reaches a third party without attribution.
✅ ImplementedArticle 14 — Human Oversight
AI interpreter never has direct tool access. All actions pass through hardcoded guardrails and backend validation. No autonomous execution. User confirmation required for MULTI_ACTION and ambiguous requests.
✅ ImplementedArticle 13 / Article 52(1) — Transparency to Users
Users are fully aware they interact with an AI assistant. Consent modal shown before first use. Product identity is unambiguous. AI system capabilities and limitations documented in Technical Documentation.
✅ ImplementedGDPR Article 7 + EU AI Act — Consent Management
consentAcceptedAt timestamp recorded per user on first use (first-time-only consent). Consent modal shown when backend has no consent recorded; no 403 enforcement. POST /api/user/consent logs timestamp. Single source of truth is database.
✅ ImplementedGDPR Article 17 — Right to Erasure
DELETE /api/user/delete-data wipes all Pinecone vectors, conversation records, AI request logs, and incident logs for a user on demand without deleting their account.
✅ ImplementedGDPR Article 20 — Right to Data Portability
GET /api/user/export-data returns full structured JSON of all stored user data (profile, conversations, integrations, AI usage logs, incident logs). OAuth tokens excluded from export.
✅ ImplementedGDPR Article 5(1)(c) — Data Minimisation
Gmail is send-only (gmail.send scope); we do not read or store email content. AI response content sanitised before Pinecone storage — raw tool data never persisted. Only intent summaries and user-facing content with 7-day TTL stored.
✅ ImplementedArticle 12 + GDPR — Record-Keeping & Audit Trail
AiRequest table logs every chat turn with tool, action, responseTimeMs, tokenEstimate, estimatedCost, wasRejected, integrationsAccessed, flaggedByUser. IncidentLog table captures tool failures and user-flagged responses. Full audit trail available to admin.
✅ ImplementedArticle 9 — Risk Management & Incident Reporting
IncidentLog model in PostgreSQL (types: TOOL_FAILURE, USER_FLAG, GUARDRAIL_BLOCK). Tool failures in MULTI_ACTION auto-logged. POST /api/user/flag-response lets users report problematic AI responses, marking AiRequest.flaggedByUser and creating an incident entry.
✅ ImplementedGDPR Chapter V — Data Retention & TTL
All Pinecone vectors carry expiresAt metadata (7-day TTL). cleanupExpiredVectors() in conversation-memory.service.ts. POST /api/cron/cleanup-expired-context (CRON_SECRET protected) runs weekly Sunday 00:00. User-level on-demand deletion also available.
✅ ImplementedGDPR Article 28 — Sub-Processor Data Governance
OpenAI and Pinecone are contractually bound not to extract, retain beyond processing, or use our data for training. Data processing terms and/or DPAs in place. AWS infrastructure in EU (eu-central-1) with appropriate agreements. No data sharing beyond instructed processing.
✅ ImplementedArticle 11 — Technical Documentation
Comprehensive BRD (4,296 lines), Competitive Analysis, Technical Documentation page, and this AI Risk Assessment. Architecture, data flows, guardrails logic, and model selection rationale all documented.
✅ ImplementedArticle 15 — Accuracy, Robustness & Security
Guardrails validate 100% of TOOL_CALL intents. OAuth 2.0 for all integrations. AES-256 token encryption. Rate limiting (60 req/min per user). Input validation and injection protection on chat API. Session token enforcement.
✅ Implemented5. GDPR USER RIGHTS — API ENDPOINTS
| GDPR Right | Endpoint | Method | Status |
|---|---|---|---|
| Right to Consent (Article 7) | /api/user/consent | POST / GET | ✅ Live |
| Right to Erasure (Article 17) | /api/user/delete-data | DELETE | ✅ Live |
| Right to Portability (Article 20) | /api/user/export-data | GET | ✅ Live |
| Right to Account Deletion (Article 17) | /api/user/delete-account | DELETE | ✅ Live |
| AI Incident Reporting | /api/user/flag-response | POST | ✅ Live |
| Data Retention Enforcement | /api/cron/cleanup-expired-context | POST (CRON) | ✅ Live |
6. MONITORING & REVIEW SCHEDULE
Monthly
- AI metrics dashboard review
- Incident log audit
- Flagged response review
Quarterly
- Risk assessment update
- Guardrails effectiveness review
- Data minimisation audit
Annually
- Full EU AI Act compliance audit
- Sub-processor DPA renewal check
- Technical documentation update
Automated Weekly:
Pinecone TTL cleanup runs weekly Sunday at 00:00 (server time) via EC2 cron → POST /api/cron/cleanup-expired-context (CRON_SECRET protected). 7-day retention; deletes all vectors where expiresAt < Date.now().
7. KEY PERFORMANCE METRICS
Guardrails Validation Rate
100%
Pinecone Data TTL
7 days
AI Interpretation Accuracy Target
>95%
Security Incidents Target
0
Email Body Fetched in List Operations
Never
Third-Party Content in Pinecone
None
GDPR Rights Endpoints Live
6 / 6
Sub-processor extraction/training
Contractually prohibited
8. OUTSTANDING ACTIONS
Ongoing: consent modal and Privacy Policy visibility
Privacy Policy and consent flow are live. Ensure new users see consent and can access the policy from signup and settings.
9. ASSESSMENT CONCLUSION
⚙️ EU AI ACT: ~92% COMPLIANT
All 13 compliance items implemented. OpenAI and Pinecone contractually bound not to extract or use data.
zizka.ai is classified as a LIMITED RISK AI system under the EU AI Act (Article 52 — transparency obligations). Engineering and contractual controls are in place: data minimisation, consent gate, GDPR rights endpoints, incident logging, Pinecone TTL enforcement, AI disclosure footer, sanitised storage, and sub-processors legally bound not to extract or train on our data.
13/13
Compliance items done
6/6
GDPR rights endpoints live
~92%
EU AI Act alignment
Document Version 2.1 — Updated February 25, 2026 — Next review August 25, 2026