Compliance

GENERAITR is operated by TOMLIN STUDIO AB, a Swedish company subject to EU law. We monitor the EU AI Act implementation closely and have taken the following positions as the regulation comes into force in 2026.

GENERAITR provides two modes of AI generation. Our Online plans access closed-source models via API, routed through ComfyUI Partner nodes. Our Local plans allow organisations to run open-source AI models on their own GPU hardware, on-premise or in a private cloud. Under the EU AI Act, we operate as a deployer of AI systems in both cases. The underlying models are classified as General-Purpose AI (GPAI) systems and are governed by the obligations placed on their providers.

We do not train models. We do not use customer-uploaded images to train or fine-tune any AI system. Generated outputs are owned by the customer organisation that produced them.

Compliance checklist: Article 50 checklist for your team → (Save as PDF from the page header.)

Every file exported from GENERAITR carries two layers of AI labelling applied automatically at generation time.

Invisible steganographic watermark: a DWT-DCT-SVD watermark is embedded in every image, encoding the generation timestamp, pipeline, and organisation. It survives JPEG re-saves and common image transformations. Video outputs are watermarked on every 30th frame.

C2PA Content Credentials manifest: every export is signed with a cryptographic manifest (ES256, ECDSA P-256) following the C2PA standard — the open specification backed by Adobe, Microsoft, Google, the BBC, and others. The manifest records the AI model used, marks the content as trainedAlgorithmicMedia, embeds a DigiCert timestamp, and chains back to any source media. It meets the machine-readable marking requirement of EU AI Act Article 50(2).

Signing certificate — current status: during Early Access, GENERAITR signs manifests with a self-issued certificate (CN=GENERAITR, O=TOMLIN STUDIO, C=SE). The manifest is valid C2PA and EU AI Act compliant. External verification tools such as contentcredentials.org/verify will show the content as Content Credentials found — not verified by trusted authority. Full external verification transitions to a CA-issued certificate with the Beta release (August 2026).

Visible watermark at export: the Export panel provides a configurable text overlay (font, position, opacity) and a GENERAITR-branded image overlay. Both are optional and persist per organisation as preferences. Turning them off does not affect the embedded C2PA manifest or steganographic watermark.

Provenance metadata download: the Export panel provides a Metadata button that downloads a machine-readable .meta.json file for each generated asset. This file records the pipeline, template, AI model, parameters, assembled prompt, and generation timestamp — providing a portable disclosure record you can attach to deliverables or share with clients.

GENERAITR collects the minimum data necessary to operate the platform. We do not sell or share personal data with third parties for marketing purposes.

User accounts and organisation data are stored in the EU. Images generated or uploaded are stored on servers in Germany (Hetzner Cloud, FSK-compliant data centres).

You can request deletion of your account and all associated data by emailing hello@generaitr.com. See our Privacy Policy for full details.

GENERAITR provides access to two categories of AI models:

Closed-source models (API-based):These run on GENERAITR’s partner infrastructure via API. Providers include ComfyUI Org, Stability AI, Kling, and others. Each provider operates under their own terms of service and acceptable use policies. By using these models you agree to comply with the applicable provider policies.

Open-source models (Local plan): GENERAITR Local gives organisations the ability to run open-source AI models on their own GPU hardware, on-premise or in a private cloud. Generation does not leave your infrastructure. Model weights are downloaded from their respective open-source repositories. You are responsible for compliance with the licence terms of each open-source model you run.

A full list of active models is available in the AI Model Library inside the app. See also: generaitr.com/models-short.

For compliance-related enquiries, contact hello@generaitr.com.