BlueDot AI

EU AI Act Compliance

EU AI Act

BlueDot is certified compliant with the European Union's landmark AI regulation — the world's first comprehensive, legally binding framework for artificial intelligence.

The EU AI Act establishes a risk-based approach to artificial intelligence — classifying AI systems from unacceptable uses that are banned outright, to high-risk applications subject to strict oversight, to limited-risk tools with transparency obligations. It sets binding standards for safety, accountability, and the protection of fundamental rights across the European Union, and applies to any provider whose AI systems are used within the EU regardless of where the provider is based.

BlueDot meets these standards. Our AI features are built for limited, supervised use: every interaction is user-initiated, all outputs are advisory, no personal data is retained, and human review is required before any AI-extracted information is saved to a client record. We treat regulatory compliance not as a checkbox, but as a continuous commitment to building AI that lawyers and their clients can trust.

AI transparency

How BlueDot uses AI — and how it doesn't

BlueDot integrates AI in a limited, purposeful, and transparent way. Here is a clear account of exactly what our AI does, what it never does, and the safeguards we maintain to protect your clients' data.

What BlueDot AI Does

  • Answers user questions using the BlueDot User Guide
  • Answers questions using documents uploaded by your firm
  • Extracts data from uploaded documents (Passports, I-94s, Visas, Notices)
  • Presents extracted data to the user for review before saving
  • Translates short text between languages on request
  • Summarizes short text into bullet points on request
  • Processes all requests through Microsoft Azure OpenAI with zero data retention
  • Clearly discloses AI involvement within the platform

What BlueDot AI Never Does

  • Train or fine-tune AI models using client or case data
  • Automatically commit AI outputs to records without user confirmation
  • Access the case database or client records during AI queries
  • Share data with public AI products or consumer AI services
  • Make autonomous legal or case decisions
  • Retain any user input after a request is completed
  • Allow AI to operate across tenants or access other firms' data
  • Use AI vendors other than Microsoft Azure OpenAI Service

How It Works

Every AI interaction in BlueDot is triggered explicitly by the user — nothing is processed passively. When a user asks a question, uploads a document for scanning, or submits text for translation, that input is sent to Microsoft Azure OpenAI Service over an encrypted connection. Azure processes the request and returns a response. No data from that interaction is stored, logged, or used for any purpose beyond generating that single response. The user then reviews the output and decides what, if anything, to do with it.

Human Oversight

AI supports BlueDot users — it does not replace professional judgment. All AI-generated outputs are advisory. For document scanning, extracted data is presented in a review screen and must be confirmed by the user before it is saved to any client record. No AI feature in BlueDot writes to a record, sends a communication, or takes any action autonomously.

Security & Compliance

SOC 2Certified
TX-RAMPCertified
GDPRCompliant
Azure OpenAIZero Retention
EU AI ActCertified