EU AI Act (2024/1689)

grunden.ai is a deployer of the GPAI model GLM 5.1 (open-weight, MIT-licensed from Z.ai) and a provider of the AI system (the chat and API are AI systems built on top of the model). We run the model on our own NVIDIA H200 infrastructure in Sweden and do not train it ourselves — therefore we are not a GPAI provider.

This means the training-data summary (art. 53), technical documentation and copyright policy are Z.ai's responsibility. Links to model documentation are on /modeller.

Since 2 February 2025, art. 4 applies: personnel who develop and operate AI must have sufficient competence regarding the system's capabilities, risks and limitations. We continuously train our team and recommend you do the same for personnel building on our API.

When you build a service on our API, you become the provider of that service under the AI Act. That entails specific obligations depending on how your service is classified:

• High-risk systems (art. 6 + Annex III): if your service covers recruitment, credit, biometrics, education-assessment or law enforcement, you must comply with art. 9–15 (risk management, data governance, logging, human oversight, robustness, technical documentation).
• Transparency requirements (art. 50): if your service communicates with natural persons, the user must be informed they are interacting with AI.
• Synthetic content (art. 50.2): image, audio and video generations must be machine-readably marked. Text generation is exempt if it undergoes human review or is clearly artistic.

Since 2 February 2025, the following uses are prohibited under art. 5 — and may not happen via our API per our terms of service. Violation leads to immediate suspension and the full sanctions provided by applicable law.

• manipulation that causes physical or psychological harm,
• exploitation of vulnerabilities of specific groups (age, disability, socio-economic status),
• social scoring of natural persons,
• untargeted scraping of facial images from the internet or CCTV for biometric databases,
• emotion detection in the workplace or in education,
• biometric categorisation inferring sensitive attributes (ethnicity, political opinion, sexual orientation, etc.),
• prediction of crime based solely on profiling of an individual.

• 2 February 2025: art. 4 (AI literacy) and art. 5 (prohibited uses) apply.
• 2 August 2025: GPAI provider obligations (apply to upstream providers, not us).
• 2 August 2026: obligations for high-risk systems under Annex III enter into force.
• 2 August 2027: full application of the regulation.

For details on how we process personal data, see our privacy policy (section 9). For the full agreement and liability limitations, see the terms of service (section 11). Questions? hej@grunden.ai.