---
title: "Govern AI agents with shared operating model for compliance"
description: "Govern production AI agents with Duale AI's model for security, legal, audit and platform teams, covering data ownership, provider contracts, policy routing and audit signals."
lang: en
lastUpdated: 2026-06-07
url: https://dev.duale.ai/en/solutions/governance
---

## AI-generated summary

The page outlines Duale AI’s governance framework for AI agents, detailing shared responsibilities, data hosting, provider selection, audit event logging, and compliance signals for security, legal, audit, and platform teams.

- Defines a shared operating model where customers set policies, provider contracts, and review paths, while Duale AI handles task routing, tenant isolation, and audit logs.
- States that managed application data is hosted by Hetzner Online GmbH in Germany, Duale AI is a French company, and customers can choose and contract with any model provider.
- Clarifies that Duale AI does not currently hold formal certifications such as SOC 2, SOC 3, ISO/IEC 27001, or EU AI Act certification, and no audit report is published.
- Describes the runtime’s audit events: tenant‑scoped records for create, update, delete, and access actions, each with action type, before/after state, and a content hash in a log.
- Explains that the platform provides signals—task context, policy decisions, incident readiness—so engineering, security, audit, and business teams have a view of agent tasks.

Summaries were generated by AI. Generative AI is experimental.

---

<Hero
  eyebrow="For security and governance teams"
  title={
<>
  Govern AI agents while they <AccentText>move to production</AccentText>
</>
}
  subtitle="Duale AI gives security, legal, audit, and platform teams a shared operating model for agent work: data movement, provider choices, policy decisions, available operating signals, and project-specific review paths."
  primaryCta={{ label: "Review the control model", dialog: "contact" }}
  secondaryCta={{ label: "Security Trust Center", href: "https://dev.duale.ai/en/product/security.md" }}
/>

<Section title="Governance as production enablement" subtitle="The goal is not to block agent projects. The goal is to make them understandable enough to run, review, and improve.">
  <CardGrid columns={3}>
    <Card title="See the work boundary" icon="file-text">
      Define what an agent can receive, what it can return, which tools it can use, and which outputs require
      project-specific review.
    </Card>

    <Card title="Review provider choices" icon="layers">
      Understand which model providers may be used, which policy inputs affect routing, and what data movement follows
      from that selection.
    </Card>

    <Card title="Define review paths" icon="eye">
      Identify which results should stop, retry, use a safer route, or move into project controls before the workflow
      expands beyond a pilot.
    </Card>
  </CardGrid>
</Section>

<Section title="Where Duale runs and what stays customer-owned" subtitle="For the managed service, application data is hosted by Hetzner in Germany, and Duale AI is a French company. Customers choose and contract with model providers; customer-managed deployment remains a design-partner roadmap topic.">
  ```mermaid
  flowchart LR
      %% WHAT: Governance posture: customer-owned policy and provider choices, Duale-managed infrastructure, and requestable review inputs.
      %% WHO: Security, audit, privacy, and legal teams evaluating hosting and processing fit.
      %% WHY: Lead with bounded current posture: managed application data hosted in Germany, French company, tenant isolation, access controls, audit events, scoped retention, and customer-selected providers.
      %% NOT: Certification attestation map, vendor-named nodes inside the diagram, long autonomous-run claim, or customer-managed deployment as shipped.
      accTitle: Duale AI governance posture
      accDescr {
        Your team owns policy choices, provider contracts, and retention
        requirements. Duale AI is a French company operating the managed
        service with application data hosted in Germany, tenant isolation,
        access controls, audit events, and scoped retention options. Model-provider traffic follows the
        providers selected and contracted by the customer.
      }

      Consumers(Your audit and SIEM consumers)
      subgraph Duale[Duale AI platform]
          subgraph Configured[Configured by your team]
              Policy(Policy choices, retention requirements, provider selection)
          end
          subgraph Managed[Managed by Duale; Germany-hosted application data]
              Iso(Tenant isolation and access controls)
              Audit(Audit events and scoped retention)
          end
      end
      ModelProvider(Selected model providers)

      Consumers <-.-> Duale
      Configured --> Managed
      Duale --> ModelProvider
  ```
</Section>

<Band>
  <Section title="Shared operating signals for all teams" subtitle="Engineering, security, audit, and business teams should not maintain separate narratives about the same agent task.">
    <CardGrid columns={3}>
      <Card title="Available task context" icon="commit">
        Use task submissions, retries, failures, terminal results, and review handoff context where captured by the
        integration.
      </Card>

      <Card title="Policy decisions" icon="mixer-horizontal">
        Review the policy inputs that shaped routing, provider selection, review paths, and operating context.
      </Card>

      <Card title="Incident readiness" icon="exclamation-triangle">
        Give the teams responsible for risk and reliability enough context to understand degraded providers, failed
        executions, and recovery paths.
      </Card>
    </CardGrid>
  </Section>
</Band>

<Section title="Regulated work without certification overclaim" subtitle="The platform is designed to expose available review inputs for security and governance reviews, but this page does not claim current product certification.">
  <CardGrid columns={3}>
    <Card title="European Union AI Act readiness" icon="reader">
      Use available review inputs to discuss risk management, logging, transparency, and human oversight expectations
      where those rules apply.
    </Card>

    <Card title="Data protection review" icon="id-card">
      Use documented processors, hosting, retention, and deletion paths as the starting point for privacy and
      data-processing reviews.
    </Card>

    <Card title="Operational resilience" icon="lock-closed">
      Make dependency, provider, recovery, and exit questions visible before a critical workflow becomes hard to
      replace.
    </Card>
  </CardGrid>
</Section>

<Section title="A better relationship with delivery teams" subtitle="Security and audit teams are rarely the primary buyer. They become more effective when the product already exposes the answers they need.">
  <CardGrid columns={2}>
    <Card title="For platform teams" icon="code">
      Build once with the review inputs, routing, and governance context that reviewers will ask for later.
    </Card>

    <Card title="For security teams" icon="lock-closed">
      Review the product boundary early, then monitor the available runtime signals engineering uses in production.
    </Card>
  </CardGrid>
</Section>

## Governance questions

### What stays customer-owned versus Duale-managed

Shared responsibility. The customer owns agent code, prompts, tools, task inputs, expected result schema, routing
policy and deadline, model-provider contracts, and project-specific review paths. Duale AI operates the managed
runtime: task submission and identity, policy-mediated routing, tenant isolation, audit events, and the
Germany-hosted application data boundary. Retention scope, subprocessor list, and incident-disclosure paths live in
the data-processing agreement.

### Where is managed application data hosted, and what changes the subprocessors

Managed application data is hosted by Hetzner Online GmbH in Germany. Duale AI is a French company. The current list,
the change-notice windows (30 days for European Economic Area subprocessors, 90 days otherwise), and the objection
channel live on the [subprocessors page](https://dev.duale.ai/en/legal/subprocessors.md).

### Does Duale AI hold any formal certifications today

No. Duale AI does not currently claim formal certification under SOC 2 (American Institute of Certified Public
Accountants Trust Services Criteria), SOC 3, ISO/IEC 27001 (information security management), or the European Union
Artificial Intelligence Act. No audit report, attestation, or certificate from a third-party auditor is published
today. Readiness work on the security and privacy roadmap is not an audit and is not presented as one.

### Which signals does the runtime expose for audit and incident review

The managed runtime records tenant-scoped audit events for create, update, delete, recover, and access actions on the
resources it owns. Each event carries the action, resource type and identifier, before and after state, and a content
hash anchored in an append-only Merkle-tree log; sensitive user fields are encrypted per tenant. Customer-visible task
trace, per-run inspection, and reviewer-facing artifact lists are not part of this page's claims today. Event scope
and retention duration are defined in the data-processing agreement and the commercial agreement.

### What is the role under the European Union AI Act

Duale AI operates the managed runtime that executes your agents. The role under the European Union Artificial
Intelligence Act — provider under Article 3.3, deployer under Article 3.4, or both — depends on the agent's purpose,
the system it integrates with, and who places it on the market. The role is fixed for each workflow during the
deployment review with your legal team, not asserted in advance by Duale AI.

<Cta title="Make governance a production capability." primaryCta={{ label: "Review the control model", dialog: "contact" }} secondaryCta={{ label: "Open Trust Center", href: "https://dev.duale.ai/en/product/security.md" }} />

<JsonLd
  data={{
"@type": "SoftwareApplication",
name: "Duale AI",
applicationCategory: "BusinessApplication",
audience: {
  "@type": "BusinessAudience",
  audienceType: "Security, legal, audit, and platform teams",
},
offers: {
  "@type": "Offer",
  priceCurrency: "EUR",
  availability: "https://schema.org/PreOrder",
},
description:
  "Governance view for production AI agents covering data movement, policy decisions, provider choices, available operating signals, and project-specific review paths.",
}}
/>

## Related content

- [Review security posture for production AI agents](https://dev.duale.ai/en/product/security.md)
- [Deploy durable AI agents with stable contracts and routing](https://dev.duale.ai/en/home.md)
- [Privacy policy governing data collection and use](https://dev.duale.ai/en/legal/privacy.md)
- [Turn AI pilots into a production portfolio](https://dev.duale.ai/en/solutions/business.md)
- [Terms of Use for AI Agent Platform Services](https://dev.duale.ai/en/legal/cgu.md)
- [Role-based solutions for production AI agents](https://dev.duale.ai/en/solutions.md)

---

## Sitemap

See the full [Markdown sitemap](https://dev.duale.ai/sitemap.md) for all pages.
