Governance

Compliance
Framework

NanoToxi AI is committed to responsible operation across data protection, nanotechnology research ethics, responsible AI governance, and biosecurity.

Last updated: June 2026

GDPR

EEA Compliant

UK GDPR

DPA 2018

SOC 2

Via Infra Providers

OECD Aware

Nanotox Guidelines

Platform Standards

  • NanoToxi AI is designed and operated in alignment with internationally recognised data protection and information security standards.
  • Our infrastructure providers (Railway, Vercel) maintain SOC 2 Type II compliance, ensuring that our hosting environment meets rigorous standards for security, availability, and confidentiality.
  • We conduct internal compliance reviews quarterly and engage external auditors annually to verify that our controls remain effective.
  • All platform changes that affect data handling, security posture, or model behaviour undergo a compliance review before deployment to production.

Data Protection and Privacy Regulations

  • NanoToxi AI complies with the General Data Protection Regulation (GDPR) for users in the European Economic Area. This includes lawful basis for processing, data subject rights, and breach notification requirements.
  • For users in the United Kingdom, we comply with the UK GDPR and Data Protection Act 2018.
  • We maintain a Record of Processing Activities (ROPA) as required under Article 30 of the GDPR.
  • Data Protection Impact Assessments (DPIAs) are conducted for any new processing activity that may present a high risk to individual rights.
  • We do not transfer personal data outside the EEA without appropriate safeguards (Standard Contractual Clauses or adequacy decisions) in place.

Nanotechnology Research Compliance

  • NanoToxi AI prediction outputs are intended as computational pre-screening tools and do not constitute regulatory toxicological assessments under any jurisdiction's framework.
  • Users in regulated industries (pharmaceuticals, medical devices, agrochemicals) are responsible for ensuring that AI-assisted pre-screening is used in conjunction with, not as a replacement for, required regulatory submissions.
  • The platform has been designed in awareness of emerging OECD guidance on nanotoxicology testing and grouping frameworks, including OECD TG 318 and relevant Test Guidelines for nanomaterials.
  • We document all model versions, training datasets, and validation results to support transparency and reproducibility requirements in scientific research contexts.
  • Predictions generated by RF v16 are accompanied by confidence scores and uncertainty estimates to help users apply appropriate scientific scepticism.

Responsible AI and Model Governance

  • We maintain a model card for RF v16 documenting training data provenance, evaluation methodology, known limitations, and intended use cases.
  • Our model is evaluated not only on aggregate accuracy metrics but on performance across different nanoparticle types and cell lines to identify potential blind spots.
  • We do not use prediction outputs to make autonomous decisions that directly affect individuals without human oversight.
  • Model updates are version-controlled. Previous versions are retained and accessible so that research reproducibility is not affected by model improvements.
  • We are committed to flagging and addressing cases where the model may perform poorly — such as novel nanoparticle classes with limited representation in the training data.

Biosecurity Considerations

  • NanoToxi AI operates under a dual-use research awareness framework. Prediction capabilities are designed and monitored to ensure they cannot be meaningfully used to advance the development of harmful biological or chemical agents.
  • User activity is monitored for patterns consistent with misuse. Accounts found to be submitting queries consistent with weaponisation research are subject to immediate suspension and may be reported to relevant authorities.
  • We maintain a documented biosecurity policy and review it annually in light of evolving dual-use research of concern (DURC) guidance from organisations including the WHO and national science agencies.
  • Our team includes advisors with backgrounds in nanotoxicology and biosafety who review edge cases and escalate concerns through our governance process.

Legal and Regulatory Disclosures

  • NanoToxi AI Labs is incorporated and operates in compliance with applicable corporate and commercial law in its jurisdiction of registration.
  • We maintain records sufficient to respond to lawful requests from regulatory and law enforcement authorities, balanced against our obligations to protect user data.
  • We do not provide prediction services for nanoparticles that are subject to export control restrictions without appropriate licensing.
  • Users are solely responsible for obtaining any necessary institutional, ethics, or regulatory approvals for the research activities they use NanoToxi AI to support.
  • For compliance inquiries, regulatory engagements, or institutional procurement questions, contact contact@nanotoxi.com.

Compliance inquiries

Contact our compliance team at contact@nanotoxi.com