English

Deutsch

English

Deutsch

Appearance

Getting started

Welcome to NADOVO. This page gives you an overview of the platform and the recommended order for getting started. Answers to specific questions are in the FAQ; a detailed description of each area is under Modules.

What is NADOVO?

NADOVO is the AI compliance platform for the DACH Mittelstand. It helps you meet the requirements of the EU AI Act in a structured, verifiable way and without legal jargon — from capturing your AI systems to ongoing monitoring.

The NADOVO framework

NADOVO implements the NADOVO AI Compliance Framework — a practical lifecycle approach. EU AI Act compliance is not a one-time project but a continuous cycle that adapts to change (new systems, changed use cases, new requirements). You work through the phases step by step — not all at once.

NADOVO 5-step framework

In 5 steps to safe AI use — four core phases (understand and implement), framed by continuous monitoring:

  1. DiscoverWhat is already in use? Capture all AI tools, uncover shadow AI, clarify responsibilities.
  2. DefineWhat is AI used for? Define purposes, understand data, define risks.
  3. AssessWhat risks exist? Assess risks, set priorities, define measures.
  4. ImplementHow do we put it in place? Create rules, implement measures, train the team.
  5. MonitorHow do we stay on course? Monitor AI usage, document changes, review regularly.

The core formula

Asset + application area = AI process — and from that the risk class follows. An AI system alone says nothing about the risk; only the use case determines the classification. The same system can be minimal or high-risk depending on its use.

Full guide

A detailed explanation of the framework, the risk classes and the obligations is in the free guide "EU AI Act Compliance for SMEs": download the PDF.

How the platform is structured

The navigation on the left is organized into:

  • Dashboard — overview of your compliance progress, open tasks and important notices (e.g. critical incidents).
  • Compliance journey — the 5 phases (Discover, Define, Assess, Implement, Monitor) with their respective modules.
  • AI Models — the catalog of AI models (e.g. GPT-4, Claude) that your AI systems select from.
  • Organisation — your team, roles and the company profile (visible to company admins).
  • Settings and Help & Support.

You can find details on each area under Modules.

Your first steps

Recommended order to get started:

  1. Set up your team & company (Organisation): invite employees, maintain your company profile and define the person responsible for EU AI Act compliance.
  2. Select AI models: add the models you use to "My models" from the model catalog. Do this before creating an AI system — you cannot add a model from within the AI system wizard.
  3. Capture your first AI system (Phase 1): create an AI system, assign the models used (or "unknown" if not yet added or known) and set the status to "In operation".
  4. Define an AI process (Phase 2): for the AI system, describe the use case (intended purpose and scope) — NADOVO classifies the process automatically.
  5. Perform an assessment (Phase 3): for high-risk processes, a risk assessment is mandatory before you can release the process.
  6. Measures & training (Phase 4): implement the defined measures and document your employees' AI competence (training).
  7. Monitoring (Phase 5): capture AI incidents and review your compliance regularly.

Tips for getting started

  • Start with the most important systems, not with completeness. An inventory that captures your five to ten most important AI systems is worth more than a claim to perfection — you can add the rest step by step.
  • Ask across all departments which AI tools are in use. Often there are more than expected: many standard applications (Microsoft 365 Copilot, CRM, accounting) now contain AI, and employees use services like ChatGPT or DeepL on their own — so-called shadow AI.
  • Clarify your own role early. Most SMEs are deployers for all of their AI systems. That is a relief, because deployer obligations are more manageable than provider obligations.
  • Tackle high-risk systems first. They require the most extensive measures — begin with what matters most: organize human oversight and set up the documentation.
  • Implement quick wins right away. Some things take little effort: add a notice when customers interact with an AI, or set up an internal AI usage policy that governs which tools are allowed and which data must not go into external AI services.
  • Appoint a responsible person. A central point of contact coordinates the topics — this can be the data protection officer with an extended mandate, the IT lead or a specifically designated person.
  • Treat compliance as a continuous cycle. Schedule regular reviews (e.g. quarterly) and run through the cycle again whenever something significant changes. The AI inventory is a living document, not a one-time project.
  • Plan realistically. You don't have to manage status changes and version numbers yourself; NADOVO guides you through the necessary steps and points out open items.
  • The FAQ answers specific questions; each module is described in detail under Modules. Background on the EU AI Act and further best practices are under Knowledge & Best Practices; the guide (PDF) goes deeper into the methodology.

As of June 2026

© 2026 CONTORO SOLUTIONS OÜ. All rights reserved.
NADOVO - nadovo.ai