Legal document

AI Act compliance

Version 1.0 · Effective from May 1, 2026

EU Regulation 2024/1689 on Artificial Intelligence (AI Act). GPAI obligations apply from August 2, 2025.

Tessera provides inference of general-purpose AI models (GPAI). Under the AI Act, Tessera assumes the role of downstream provider offering access to third-party GPAI models (Qwen, Whisper, Kokoro). This document describes our formal compliance posture.

1. Tessera’s role under the AI Act

Tessera does not train its own models. It serves GPAI models developed by third parties under open-source licenses (Apache 2.0, MIT). Under the AI Act, Tessera acts as downstream provider and, in some cases, as deployer when integrating the models into its own automated flows.

2. GPAI models used

Tessera maintains a public catalogue of the models served, their versions, licenses and training origin. The current list is available at /#modelos. Tessera does not fundamentally modify the models; customisations (LoRA, on-demand fine-tuning) are documented case by case.

3. Transparency obligations

Tessera provides customers with the technical documentation needed to meet their own transparency obligations: model capabilities and limitations, training data documented by the model provider, known biases, and specific warnings on use in regulated sectors (health, legal, financial).

4. Systemic-risk assessment

The models currently served do not exceed the training-compute threshold that classifies a model as GPAI with systemic risk (10^25 FLOPs). If this changes with a future model in catalogue, Tessera will assess and meet the specific obligations (red-teaming, mitigation, notification to the European Commission).

5. Prohibited use cases

Tessera expressly prohibits in its terms the use of the service for AI Act-prohibited cases: real-time biometric identification in public spaces, social scoring by public authorities, subliminal cognitive manipulation, individual predictive policing based solely on profiling, and any other case from Annex III without the required safeguards.

6. Cooperation with authorities

Tessera cooperates with the European AI Office and with national authorities of each Member State on any request for information, audit or investigation, pursuant to Article 89 of the AI Act. Formal requests should be addressed to legal@tesseraai.cloud.

7. Post-market monitoring

Tessera maintains an internal monitoring system to detect serious incidents arising from use of the service. Customers may report incidents at abuse@tesseraai.cloud or via standard support with the [AI Act Incident] tag.

Contact

AI Act matters:: legal@tesseraai.cloud
Incident reporting:: abuse@tesseraai.cloud

Changelog

Version	Date	Changes
1.0	2026-05-01	Initial publication.