Ask-Maria Compliance

Security · Compliance · Governance

Security & Compliance

More than just a chat – a professional foundation for Chat AI and Voice Mode.

When companies use chat and voice productively, good answer quality alone is not enough. The decisive factor is whether the solution is also properly set up in terms of data protection, access, operational stability, and regulatory requirements.

Secure Platform Foundation

Enterprise-grade reliability with 24x7 monitoring, multi-AZ infrastructure, disaster recovery tests, and encrypted data storage.

Structured Data Protection

GDPR for lawful, transparent processing, data rights, and organizational safeguards for personal data.

More Than a Chat Window

Frag-Maria is thus built on a professional security and compliance foundation – not on an isolated, improvised bot.

The Most Important Security and Compliance Modules

SOC 2 Type II

Audited Security Controls in Live Operation

SOC 2 Type II - Data protection, processing integrity and confidentiality as consistently relevant control areas.

Why this is important: For the customer, this means that Frag-Maria is not based on a makeshift solution, but on a platform with audited security and operational discipline.

ISO/IEC 27001:2022

Information Security with International Standard

ISO/IEC 27001:2022 as a standard for information security management and as an organizational basis for keeping data private.

Why this is important: This builds trust for companies that want to use AI in a controlled, documented, and long-term responsible manner.

GDPR

Data Protection with Transparency and Data Rights

GDPR compliance for transparent processing, data rights such as access, rectification, erasure, restriction, and data portability, as well as concrete security measures.

Why this is important: Especially with chat and voice data, data protection is central because it often involves the processing of personal content, support cases, or appointment data.

HIPAA

Protection of Sensitive Health Data

HIPAA - Systems for the protection of PHI, i.e., particularly sensitive health information.

Why this is important: This is particularly relevant for healthcare, MedTech, or life sciences and shows that Frag-Maria can also be considered compatible with more heavily regulated environments.

EU AI Act ready · Enterprise only

Governance instead of Marketing Promises

Depending on the application, the EU AI Act requires, among other things, transparency regarding AI interaction, human oversight, and documentation obligations.

Why this is important: In the Enterprise solution, Frag-Maria is implemented in such a way that AI notices, logging, human oversight, role logic, and documented operational processes are thoroughly considered. The server location is in Europe.

More Than Just Compliance Logos

Security is not just a list of acronyms. For us, security means concrete technical and organizational measures, including WAF and DDoS protection, TLS/mTLS encryption, segmented network architecture, audit logging, code reviews, vulnerability scanning, external penetration tests, and enterprise access controls including SSO.

TLS / mTLS for data transmission
WAF & DDoS protection
Audit Logging & Alerting
Regular Penetration Tests
SSO & granular access controls
Backup, Multi-AZ & Recovery Logic

What This Specifically Means for Frag-Maria

With Frag-Maria, you're not just buying a chat. You're opting for a solution that is professionally built at the platform, process, and governance level. This creates better conditions for procurement, IT, data protection, and specialist departments – and only that makes chat & voice a reliable corporate channel.

Our Stronger Language

Frag-Maria is based on a professional security and compliance foundation – and is implemented with clear governance, transparency, and human oversight, depending on the use case.

Review Security and Compliance Setup

Let's review together which security and compliance requirements are relevant for your use of Frag-Maria – from chat & voice to enterprise governance.