AI is only valuable if it is safe.

Processing exclusively in EU data centers or on-premise at your premises. The rms. AI Bot was developed from the ground up for the European legal area - uncompromising, transparent and demonstrably compliant.

What that means in concrete terms:

✅ Processing exclusively in EU data centers
✅ No use of services outside the EU without explicit consent
✅ GDPR-compliant order processing (AV contract)
✅ Option for complete on-premise hosting
✅ Deletion concepts & data minimization in accordance with GDPR Art. 17 & 25
✅ Avoidance of any personal data transfer

An AI solution that does not promise data protection, but anchors it architecturally

Your content remains in your systems - without detours, without copies, without exceptions.

✅ No training of models with customer data
✅ No storage with third-party providers
✅ No transfer to external AI systems without your express consent
✅ All data exclusively in your own vector databases and storage locations

Security is not a function for us, but a principle.

Flexible hosting models with uncompromising security. Choose the setup that suits your IT strategy - we take care of the security.

✅ RMS Cloud (EU, GDPR-compliant)
✅ Private Cloud (Azure / AWS / GCP - EU region)
✅ On-Premise (own server / data center)
✅ Hybrid setups (e.g. bot in the cloud, data locally)

Integrated security measures:

🔒 TLS-encrypted communication
🔒 Encryption of data at rest (optional AES-256)
🔒 Strict firewall rules
🔒 Dedicated environments for enterprise customers

Enterprise-level security architecture. Without compromise.

Only authorized persons are granted access - precise, role-based and controllable down to document level.

✅ API key & token-based authentication
✅ Role & rights management for teams
✅ Admin, editor & viewer roles
✅ Access restriction down to document level
✅ Optional: SSO / OAuth2 / Azure AD integration

Full transparency and control over who can see, use and manage what.

Every action is traceable. Every event is documented.

✅ Complete logging of all API calls & chat interactions
✅ Audit trails for security-relevant processes
✅ Monitoring & technical logs for support & compliance
✅ Error analysis without access to personal user data

The basis for auditing, IT security and compliance audits - verifiable at any time.

Data security over the entire life cycle - controlled, transparent and traceable.

✅ Deletion of chats, knowledge objects and logs after defined intervals
✅ Immediate manual deletion possible at any time
✅ Automated re-indexing when data is updated
✅ No shadow copying and no hidden storage
✅ TR-03108-compliant security procedures possible

Your data is only stored for as long as you wish - and not a moment longer

You decide which models are used - and under which security conditions.

✅ Use of leading models such as OpenAI, Gemini, Mistral, Llama, Phi-3
✅ Alternatively: use of your own model (e.g. Llama 3, Mistral 8x7B)
✅ Option for fully isolated inference servers (air-gapped)
✅ No automatic model forwarding or external model connection
✅ Optional rate limits, safety filters and individual content policies

Maximum control over model selection, access and safety levels.