Security & Compliance

Enterprise AI Learning - Secure, Governed, Ready to Scale

Deploy hyper-personalized AI-powered learning across your organization with the security, privacy, and governance foundation enterprise teams expect.

chunkx helps companies use AI for personalized corporate learning while keeping control over data processing, access rights, vendor review requirements, and internal compliance workflows.

Company Knowledge
Documents Policies
AI-Powered Learning
Personalization Microlearning
Security & Governance
EU SSO ISO Pentest EU AI Act
EU Data Processing ISO-Certified Cloud Infrastructure Single Sign-On Microsoft Entra ID Compatible No Customer Data Used for Model Training Regular Penetration Testing EU AI Act Documentation Available Security Review Support
Enterprise Readiness

Built for Enterprise Security Reviews

AI-powered learning can only scale when security, privacy, legal, procurement, IT, and compliance teams can trust how the platform is deployed.

chunkx is designed for corporate and regulated environments where internal knowledge, employee learning data, and AI-supported workflows need clear safeguards. Our setup helps enterprise teams answer the questions that matter before rollout:

  • Where is data processed and stored?
  • How is access controlled?
  • Can users authenticate through existing identity providers?
  • Are customer data and uploaded content used for model training?
  • Which contractual and technical safeguards are available?
  • How is AI governance documented?
  • What evidence can support procurement, legal, IT, and security reviews?

Enterprise teams can introduce personalized AI learning faster — without creating unnecessary governance risk.

Vendor Review SSO Setup Data Protection Review AI Governance Review Controlled Rollout Scaled Adoption
Data Protection & GDPR

AI Learning with Clear Data Protection Boundaries

chunkx is built for organizations that want to use company knowledge and AI-supported learning while maintaining clear control over data protection and processing responsibilities.

Customer-provided content can be used to create learning experiences, generate learning units, support learner interactions, and help employees retain knowledge within the defined course context. At the same time, chunkx applies data minimization and pseudonymization practices for selected AI processing scenarios.

Customer data is processed and stored in the European Union. Customer personal data is not used to train general AI models.

For enterprise customers, chunkx can provide contractual and technical documentation to support internal data protection assessments, including processing terms, technical and organizational measures, sub-processor information, and deletion and retention information.

  • GDPR-compliant processing setup
  • Data Processing Agreement available
  • Technical and Organizational Measures documented
  • Customer data processed and stored in the EU
  • No customer personal data used for model training
  • Documented sub-processor management
  • Defined retention and deletion practices
  • Privacy and security documentation available for enterprise review
Controlled Data Flow
Customer Content Input
EU Processing EU
Personalized Learning AI
Governed Reporting DPA TOM

Personalization Without Losing Control

chunkx enables AI-powered learning based on company knowledge and defined learning objectives — while keeping data processing, governance, and reviewability clear for enterprise teams.

Authentication

Enterprise Access Through Your Existing Identity Provider

For larger rollouts, secure and seamless access is essential. chunkx supports Single Sign-On standards such as SAML 2.0 and OpenID Connect, including compatibility with Microsoft Entra ID.

This allows organizations to connect chunkx to existing identity and access management processes, reduce password friction for employees, and support centralized access governance.

SSO can help enterprise teams improve both user adoption and security:

  • Users access chunkx through familiar corporate login flows
  • IT teams can manage access through existing identity systems
  • Organizations can apply their own authentication policies
  • Onboarding and offboarding can be aligned with internal access processes
  • Enterprise rollouts become easier to administer across teams and regions
Identity Flow
Employee
Microsoft Entra ID / IdP
chunkx
Central Access Corporate Login Controlled Rollout

SSO-Ready for Enterprise Rollouts

Connect chunkx to your existing identity environment with SAML 2.0 or OIDC — including Microsoft Entra ID compatibility.

Infrastructure

Trusted Infrastructure for Enterprise-Grade Learning

chunkx runs on established cloud infrastructure and processes customer data in the European Union, with primary hosting in Frankfurt, Germany. AI functions and supporting services use EU regions.

Customer data is processed on trusted cloud and AI infrastructure operated by providers with established security and compliance programs, including ISO-certified environments and provider assurance documentation where available.

This gives enterprise teams a strong infrastructure foundation for security and procurement reviews — without relying on vague security claims.

For internal assessments, chunkx can provide relevant documentation such as:

  • Data Processing Agreement
  • Technical and Organizational Measures
  • Sub-processor information
  • Deletion and retention information
  • Access control documentation
  • High-level security evidence where applicable
  • Available provider assurance documentation, subject to confidentiality and disclosure rules
Infrastructure Overview
EU Processing Active
Primary Hosting Frankfurt
ISO-Certified Verified
Security Review Support Available

EU Processing on ISO-Certified Infrastructure

chunkx processes customer data in the European Union on established cloud infrastructure with ISO-certified environments and documented security controls. Security, legal, procurement, and IT teams can review the relevant contractual, technical, and provider documentation as part of their assessment.

Access Control

Access Is Restricted, Reviewed, and Accountable

Enterprise security depends on who can access what, when, and why.

chunkx applies role-based access principles, least-privilege access, MFA for administrative and high-risk access, and periodic reviews for privileged roles. Access to customer data by chunkx personnel is limited to what is necessary for service delivery, support, and troubleshooting.

For customer organizations, product roles help separate responsibilities between admins, creators, report recipients, and users. This supports controlled administration of learning programs without giving every stakeholder unnecessary access.

chunkx also conducts regular penetration testing and maintains documented measures for vulnerability management, incident handling, supplier management, and continuous improvement.

  • Role-based access control
  • Least-privilege access principles
  • MFA for administrative and high-risk access
  • Restricted production access
  • Privileged access reviews
  • Controlled support access
  • Logging and monitoring of security-relevant events where available
  • Regular penetration testing
  • Vulnerability and patch management
  • Incident response procedures
Role Read Write Admin
Admin
Creator
Report Recipient
Learner
AI Governance & EU AI Act

Governed AI Use Within Defined Learning Boundaries

chunkx is not a generic AI chatbot. It is a learning environment where AI is used within defined course structures, learning objectives, approved content sources, and organizational boundaries.

Companies can provide internal documents, policies, training materials, and product information as context. chunkx can then generate and adapt learning content based on this approved context and the learner's interaction with the course.

This supports AI-powered learning while keeping the most important governance questions visible:

  • Which content sources are used
  • Which learning objectives define the course
  • How learning experiences are structured
  • How reports are used for learning management
  • Which AI providers and sub-processors are involved
  • How data protection and security requirements are documented
  • How the AI use case is assessed under the EU AI Act

chunkx provides EU AI Act documentation to support customer reviews. This includes documentation on the intended purpose of chunkx, the role of the customer as deployer, the standard use case assessment, and relevant provider information for AI-supported learning scenarios.

In its standard configuration, chunkx is designed for learning support, personalization, and learning organization. It is not intended for formal examinations, admission decisions, gatekeeping, HR decisions, sanctions, promotions, compensation decisions, or other employment decisions.

AI Governance Flow
Approved Company Knowledge
Course Boundaries Defined
AI-Supported Learning Purpose-Bound
EU AI Act Documentation Available
Learning Management Reporting

AI Learning with Enterprise Guardrails

chunkx helps companies make AI useful for learning — not by giving employees an unrestricted chatbot, but by embedding AI into structured, reviewable, and purpose-bound learning experiences with documented AI governance.

Operational Readiness & Resilience

Designed to Support Recurring Enterprise Learning Programs

Training becomes business-critical when it supports compliance, product launches, regulated sales conversations, onboarding, or large-scale transformation.

chunkx maintains documented measures for availability, backup, recovery, vulnerability management, penetration testing, incident handling, supplier management, and continuous improvement. This helps organizations treat chunkx not as an isolated AI experiment, but as a platform for recurring enterprise learning programs.

  • Encrypted data in transit and at rest
  • Backup and recovery procedures
  • Vulnerability and patch management
  • Regular penetration testing
  • Controlled production changes
  • Incident response procedures
  • Supplier and sub-processor reviews
  • Documentation for customer assurance
Continuous Readiness Cycle
Protect
Test
Monitor
Review
Improve
Evidence
Continuous Cycle
Enterprise Review Package

Faster Answers for Legal, Procurement, IT, Security, and AI Governance Teams

Security and compliance reviews should create trust — not unnecessary friction.

chunkx helps enterprise teams move faster by providing structured documentation and clear answers to common vendor assessment questions. This supports internal stakeholders who need to evaluate the platform before rollout, including security, legal, privacy, procurement, IT, HR, L&D, compliance, and AI governance teams.

This page gives a high-level overview. For detailed reviews, chunkx can provide a security and compliance information package depending on the scope of the customer engagement.

Data Location

Customer data is processed and stored in the European Union, with primary hosting in Frankfurt, Germany. AI functions and supporting services use EU regions.

AI Model Training

Customer personal data is not used to train general AI models. Additional safeguards are documented in the relevant contractual and technical documentation.

Single Sign-On

chunkx supports SSO standards such as SAML 2.0 and OIDC, including compatibility with Microsoft Entra ID.

GDPR Documentation

chunkx can provide a Data Processing Agreement, Technical and Organizational Measures, sub-processor information, and deletion and retention information for enterprise review.

Access Control

chunkx uses role-based access principles, least-privilege access, restricted production access, and additional safeguards for administrative and high-risk access.

ISO-Certified Infrastructure

chunkx processes customer data in the EU on established cloud infrastructure with ISO-certified environments and provider-backed security assurance where available.

Penetration Testing

chunkx conducts regular penetration testing and uses the results to support continuous improvement of its security posture.

EU AI Act Documentation

chunkx can provide EU AI Act documentation for customer review, including information on intended purpose, deployer guidance, standard use case assessment, and AI-supported learning boundaries.

Vendor Assessment Support

chunkx can support enterprise assessments with security questionnaire responses, technical documentation, provider information, and high-level evidence such as access review, backup restore, or incident readiness records, subject to confidentiality.

Security & Compliance Review

Need to Involve Security, Legal, IT, Procurement, or AI Governance?

We can provide a security and compliance information package to support your internal review and help your team move from assessment to rollout faster.

Request the Security Package
Ready to Start?

Ready to Scale AI-Powered Learning with Confidence?

Bring personalized corporate learning into your organization with the security, privacy, SSO, EU AI Act, and compliance foundation enterprise teams expect.

Book a Demo