This statement explains how the Digital Worker platform, operated by Apex Academy d.o.o. (trading as Digital Apex), is deployed under Regulation (EU) 2024/1689 (the "EU AI Act"). It describes our role, how we handle the obligations that apply to us, and what customers must do to remain compliant when they publish agents.

1. Our role under the AI Act

Digital Worker is a general-purpose AI deployment platform. We are:

• a deployer of third-party general-purpose AI models (OpenAI, Anthropic) for the platform's built-in features;
• a provider of the platform infrastructure that customers use to deploy their own AI systems — customers are deployers (and in some cases providers) of the agents they build.

We do not train or fine-tune foundation models on customer data. Customers retain control over agent behaviour through prompts, tool configuration, and grounding sources they themselves manage.

2. Article 50 transparency — chatbots and synthetic media

Under Article 50, AI systems intended to interact directly with natural persons must inform those persons that they are interacting with an AI system, unless that fact is obvious. Synthetic audio, video, and image content must be labelled as artificially generated.

The Digital Worker chat and voice embeds therefore render an AI-disclosure banner by default, visible to every end user before the first exchange. The banner can only be suppressed when the customer can demonstrably show the AI nature is already obvious from the surrounding context (for example, a page that already introduces the experience as an AI assistant). Customers remain liable for ensuring the disclosure is adequate for their deployment.

3. Prohibited practices

The platform must not be used for practices prohibited under Article 5 of the AI Act, including:

• subliminal techniques or manipulative practices that materially distort behaviour and cause harm;
• exploitation of vulnerabilities (age, disability, social or economic situation) that causes harm;
• social scoring by public authorities;
• real-time remote biometric identification in public spaces for law-enforcement purposes;
• predictive policing based solely on profiling;
• untargeted scraping of facial images from the internet or CCTV;
• inferring emotions in the workplace or in education (except for safety and medical reasons);
• biometric categorisation that infers race, political opinion, religion, sexual orientation, or trade-union membership.

Use of the platform for any of the above is a material breach of our Terms of Service.

4. High-risk AI use cases

If a customer deploys an agent in any of the high-risk areas listed in Annex III of the AI Act (e.g. employment, credit scoring, access to essential services, education grading, law enforcement, migration control), the customer is responsible for completing the provider obligations in Title III (risk management, data governance, human oversight, accuracy, robustness, cybersecurity, fundamental-rights impact assessment, registration).

Customers planning a high-risk deployment should contact us at privacy@apexacademy.hr so we can confirm in writing what platform features and documentation we can supply to support those obligations.

5. Risk classification of built-in features

Feature	Risk class	Reasoning
Text chat agents	Limited risk	Art. 50 transparency requirement met by the disclosure banner
Voice agents	Limited risk	Synthetic audio labelled as AI-generated; Art. 50 transparency applied
Image / file generation via tools	Limited risk	Output must be labelled by the deploying customer as AI-generated where applicable (Art. 50(2))
Agent self-improvement and tool authoring	Minimal risk	Sandbox-bounded; not autonomous beyond the platform
Customer high-risk deployments (Annex III)	High risk — customer responsibility	Provider obligations fall on the customer; we supply supporting documentation

6. Human oversight

Every agent on the platform can be paused, stopped, or deleted at any time by an account holder. Audit logs record agent actions for review. We recommend customers configure an escalation path so end-users can request a human contact when the AI agent cannot help adequately.

7. Accuracy and robustness

Foundation-model output can be inaccurate, incomplete, or out of date. Customers should not rely on AI output for decisions with legal or significant effect on a person without human review. Where the platform provides built-in grounding, the customer is responsible for the quality of the data sources they connect.

8. Reporting concerns

Report safety incidents, suspected AI Act violations, or fundamental-rights concerns to privacy@apexacademy.hr. We will acknowledge within five working days.