Prometrica
AI policy

Emoji icon 1f510.svg
Prometrica - Declaration of Compliance with EU Regulation 2024/1689 on Artificial Intelligence

DECLARATION OF COMPLIANCE WITH REGULATION (EU) 2024/1689 ON ARTIFICIAL INTELLIGENCE

Effective date: January 09, 2026

Version: 2.0

PREAMBLE

Prometrica as a Provider of artificial intelligence systems pursuant to Regulation (EU) 2024/1689 of the European Parliament and of the Council of June 13, 2024 (hereinafter "AI Act" or the "Regulation"),

WHEREAS:

  • Prometrica develops and provides services based on artificial intelligence systems, namely the services called "Prometheus", "Pro Sales Scan" and "Ai.D.A.", intended for B2B markets.
  • The AI Act entered into force on August 2, 2024 with progressive application of the various provisions.
  • Art. 6, paragraph 3 of the Regulation provides for specific exceptions for systems that, while potentially falling abstractly within the categories of Annex III, do not pose significant risks and perform merely preparatory or accessory functions.
  • In Italy, Law No. 132 of September 23, 2025 (hereinafter "Law 132/2025") introduced national provisions complementary to the AI Act, defining the competent authorities and specifying obligations in key sectors such as work and intellectual professions.
  • Prometrica intends to ensure full compliance of its systems with the European and national regulatory framework on artificial intelligence.

HEREBY DECLARES THE FOLLOWING:

1. SCOPE OF APPLICATION AND DEFINITIONS

1.1 Scope of application

This Declaration applies to the following artificial intelligence systems ("Services") provided by Prometrica:

  • Prometheus: conversational AI system expert in a specific domain, based on large language models (LLM).
  • Pro Sales Scan: online assessment system for the analysis of commercial performance, with AI functionalities currently dedicated to verification and support for the completeness of the entered data.
  • Ai.D.A.: online assessment system for the analysis of the operational and strategic context preparatory to the adoption of artificial intelligence technologies ("AI readiness"), with AI functionalities currently dedicated to verification and support for the completeness of the entered data.

1.2 Definitions

For the purposes of this Declaration, the definitions set out in Art. 3 of the Regulation and in the contractual terms apply, including:

  • "AI System": an automated system designed to operate with varying levels of autonomy and that may exhibit adaptability after being placed on the market.
  • "Provider": Prometrica as it develops and places on the market AI systems under its own name or trademark.
  • "Deployer": the customer who uses an AI system under their own authority.
  • "Input": any data, text, information or other material that the user or customer provides, uploads or enters into the Services.
  • "Output": content, analyses or reports generated by the AI system in response to an Input.
  • "Preparatory action": pursuant to Art. 6, par. 3 of the AI Act, internal preliminary assessment activity prior to a final human decision.
  • "Non-significant risk": absence of significant impact on the final decision or on the fundamental rights of natural persons.

2. RISK CLASSIFICATION AND APPLICABLE OBLIGATIONS

2.1 Prometheus - limited risk system

Prometrica declares that the "Prometheus" system is classified as a limited risk system pursuant to Art. 50 of the Regulation, as:

  • It constitutes an AI system that interacts directly with natural persons.
  • It does not fall within the high-risk categories referred to in Annex III of the Regulation.
  • It is designed exclusively to provide non-binding informational and advisory support.

Implemented transparency obligations:

  • Users are explicitly informed that they are interacting with an AI system through a clear and unambiguous notice.
  • The generated Output or part of it is identified as artificially produced.
  • The contractual terms specify the limits of the system and the non-deterministic and non-guaranteed nature of the Outputs.

2.2 Pro Sales Scan - limited risk system with specifications for the Italian market

Prometrica declares that the "Pro Sales Scan" system is classified as a limited risk system and, even if it were used in contexts potentially attributable to Annex III, point 4 (employment and management of workers), it benefits from the exception provided for by Art. 6, paragraph 3 of the Regulation.

2.3 Ai.D.A. - limited risk system with specifications for the Italian market

Prometrica declares that the "Ai.D.A." system is classified as a limited risk system and, even if it were used in contexts potentially attributable to Annex III, point 4 (employment and management of workers), it benefits from the exception provided for by Art. 6, paragraph 3 of the Regulation.

Application of the exception (Art. 6, par. 3 AI Act) in the Italian context:

The system is not to be considered high risk since it performs a merely preparatory function to any subsequent decisions and constitutes an accessory tool that does not materially replace human assessment. Its intrinsic characteristics and contractually imposed usage modalities guarantee a non-significant risk to fundamental rights. Prometrica recognizes the "anthropocentric" approach of Law 132/2025 and confirms that the system design is aligned with the principles of worker protection, avoiding individual assessment and promoting an ethical and supportive use of AI.

Relevant technical and functional characteristics:

  • Purely preparatory action: provides exclusively analyses and insights to support business assessments.
  • Absence of individual profiling: operates only at an aggregate level (function, sales area, role) without creating performance profiles or assessments of individual subjects.
  • Non-binding Output: produces informational reports that always require human interpretation, assessment and decision.
  • Technical impossibility of automated decisions: the system is not designed to make decisions automatically.
  • Human control: every Output must be subjected to human review before making any decision according to the "human in the loop" principle.

Additional information obligations for the Italian market (Art. 11, Law 132/2025):

Prometrica recognizes that Art. 11 of Law 132/2025 imposes specific and detailed information obligations on employers (customers/Deployers) towards workers. To enable its customers to fulfill these obligations, Prometrica undertakes to provide the necessary information, including:

  • The purposes and objectives of the system in the work context.
  • The operating logic and key steps of the analysis process.
  • The categories of data and main parameters used for the analysis.
  • The control measures and human supervision mechanisms.
  • Information on the level of accuracy and cybersecurity.

Implemented guarantees:

  • Contractual obligations: the contractual terms clearly specify that the Output is informational support, must not be the sole basis for business decisions and always requires human interpretation and final decision, for which the customer is solely responsible. For Italian customers, the terms include an explicit reference to their information duties pursuant to Art. 11 of Law 132/2025.
  • Technical design that prevents profiling and performance assessment at the individual level.

3. DATA GOVERNANCE AND PRIVACY

3.1 Purpose of processing

Prometrica processes user content (Input) for the exclusive purpose of providing, maintaining, improving and developing its Services, as specified in the contractual terms.

3.2 Data quality and security

In compliance with the principles of the Regulation and Regulation (EU) 2016/679 ("GDPR"), Prometrica guarantees that:

  • Data is processed in an aggregated and anonymized manner where possible, particularly for the Pro Sales Scan service.
  • Training datasets are relevant and managed to avoid systematic errors and bias.
  • Data is processed in full compliance with the GDPR.
  • The technical infrastructure relies on first-level partners to ensure security and reliability (Google Generative AI, Firebase, Amazon AWS), duly appointed as data processors pursuant to Art. 28 GDPR.

4. HUMAN OVERSIGHT AND RESPONSIBILITY

4.1 Principles of oversight and control

The systems are designed to ensure that human control always remains effective and central. In particular:

  • Outputs are designed to be interpretable and allow a full understanding of the capabilities and limitations of the system.
  • The user always has the option not to use, ignore or discard the system's Outputs.

4.2 Allocation of responsibilities

  • Prometrica, as Provider, is responsible for the design and compliance of the system with the characteristics described in this Declaration and in the technical documentation.
  • The Deployer, as established and accepted in the contractual terms, is responsible for:
    • The compliant use of the Services.
    • Maintaining substantial and mandatory human control over any Output, ensuring that final decisions are never automated.
    • Not altering the merely preparatory and supportive nature of the system, recognizing that the Output is not binding.
    • Fulfilling information obligations towards their workers pursuant to Art. 11 of Law 132/2025.
  • Final decisions that may have an impact on workers, based even partially on the Outputs of the Services, remain the exclusive human responsibility of the Deployer.

5. POST-MARKET MONITORING

Prometrica undertakes to maintain an active post-market monitoring system to:

  • Monitor the performance of systems to ensure compliance over time.
  • Collect and analyze user feedback to identify potential risks or areas for improvement.
  • Implement necessary updates to maintain compliance and security with regulatory and technological evolution.

6. POINT OF CONTACT

For any request relating to compliance with the AI Act, please write to: info@prometrica.ai

For issues relating to the Italian market, Prometrica will interface with the designated national authorities, namely the National Cybersecurity Agency (ACN) as the supervisory authority and the Agency for Digital Italy (AgID) for promotion and notification functions.

English 🇺🇸🇬🇧