hremia
Trust & safeguards

Security, privacy & compliance

Built so people can trust it — and so you can prove it. Private by design, never surveillance.

Book a demo
Aligned with EU frameworks
  • GDPR (Art. 9 & 22)
  • EU AI Act
  • EU Whistleblower Directive
  • ISO 45003
Hosted in the EU

Our commitments to your people

Private by default

Managers cannot browse raw conversations. HR receives a case only when an employee submits a named/anonymous report, or a narrowly-defined legal/safety escalation applies — enforced at the database level.

No automated employment decisions

The system never recommends firing, discipline, promotion or performance actions. Outputs are advisory and reviewed by people.

Sensitive-data controls

GDPR Article 9-style data is minimised, separated, AES-256-GCM encrypted with per-tenant keys, retained for defined periods and available via DSAR workflows.

Anonymity thresholds

No dashboard for groups below a safe minimum; sensitive quotes are suppressed or redacted. Small teams roll up to larger groups.

Responsible AI

Human oversight, audit logging, intended-use limits and prohibited-use controls — aligned to high-risk AI governance in the EU.

Aligned with EU frameworks

GDPR (Art. 9 & 22)

Special-category data handling and protection against solely-automated decisions, by design.

EU AI Act

Worker-management AI treated as high-risk — logging, oversight and intended-use controls.

EU Whistleblower Directive

A confidential internal reporting channel with acknowledgement, SLA tracking and audit trail.

ISO 45003

Psychosocial-risk evidence and a risk register for occupational health & safety.

Want the DPIA & security pack?

We provide a DPA, DPIA support, a legal-basis matrix and audit materials for your DPO and security review.

Book a demo