The public service
that delivers
in two days.

Decisions in minutes instead of hours. Citizen inquiries answered in real time. NIS2-ready, GDPR- and ISO 27001-aligned.

anymize is the AI workplace for authorities, municipalities and public institutions that want to use GPT, Claude and Gemini – without handing citizen data to US providers.

The compliance frameworkStart for free

The promise

Who you
could become.

The case worker who sends the decision in two days – not two months. The department head who has the policy opinion ready in an hour – not a week. The municipality whose residents say: “They answer my inquiry within 24 hours – and I can actually understand what they wrote.”

The tools exist. Claude drafts decisions in the correct official style. GPT understands what a citizen actually asked in their email – even when it wasn't phrased in bureaucratic language. Gemini reads scanned historical files. But IT security and data protection have blocked adoption – for good reason. Social data, tax data, immigration files must not flow into a US provider's cloud.

anymize removes that block. You upload decisions, files, applications; the anonymization pipeline replaces names, addresses, birth dates, tax IDs, case numbers and social data with semantic placeholders; the frontier model responds with full context; the re-translation gives you back the result with the original data. From the AI provider's perspective, no citizen became visible. From yours, you get a sound, well-prepared administrative output.

The hard compliance lines

What the public sector
has to navigate.

AI use in public authorities and municipalities operates within a dense regulatory web. anymize is built so these requirements are addressed through product design and the right contract framework.

EU NIS2 Directive

Mandatory cybersecurity for public entities

The EU NIS2 Directive (effective October 2024) classifies government bodies, healthcare, energy, and water utilities as essential entities subject to mandatory cybersecurity requirements — including supply chain security, incident reporting within 24 hours, and governance obligations. AI tools used in public administration are part of the ICT supply chain and subject to NIS2 risk management requirements.

Requirements for an IT service provider

  • Supply chain and service-provider risk management under NIS2
  • Reporting of significant security incidents within 24 hours
  • Evidence of technical and organizational measures implemented

anymize provides

  • A Data Processing Agreement (DPA) under GDPR Art. 28 — required for any processor of public sector data, effective automatically on account creation, meeting public sector procurement requirements.
  • EU-hosted infrastructure — all data processed and stored in Germany, with no exposure to US Cloud Act or FISA 702 jurisdiction; meeting EU digital sovereignty requirements.
  • NIS2-ready security documentation — including security assessment package, incident response procedures, and supply chain risk documentation for NIS2 compliance requirements.
GDPR & Data Sovereignty

Citizen data requires maximum protection

Public authorities processing citizen data are bound by GDPR with the full weight of public accountability. Data minimization, purpose limitation, and the prohibition on unnecessary data sharing are core obligations. Any AI tool used in citizen-facing processes must be documented, assessed for DPIA (Data Protection Impact Assessment) requirements, and operated under strict contractual controls.

EU AI Act (2024/1689)

Government AI is inherently high-risk

The EU AI Act classifies AI systems used by public authorities in law enforcement, benefits administration, education, and essential services as high-risk AI. Public sector organizations deploying AI tools must conduct conformity assessments, maintain technical documentation, and register AI systems in the EU database. Anonymization of citizen data before AI processing significantly reduces the risk profile.

Public Procurement & Digital Sovereignty

EU-hosted infrastructure & open standards

Public sector procurement frameworks across Europe require preference for EU-hosted services for sensitive data processing, and mandate open standards compatibility. anymize runs exclusively on EU infrastructure (Germany), maintains no US Cloud Act exposure, and integrates via standard APIs — meeting digital sovereignty requirements across EU member state procurement rules.

Five everyday scenarios

Concrete workflows,
concrete tool chains.

01

Draft a decision – building permit office

Tool chain

Upload (anonymized): application, site plan, neighbor statements · Claude Deep · knowledge base “House decision templates + state building code” active · “Draft the decision based on the current case file.”

Outcome

Decision draft with correct statutory citations, in official style, delivered as an artifact

02

Answer a citizen inquiry

Tool chain

GPT (Smart) · project “Inquiry Mr. X” with anonymized file notes · “Write a plain-language response to the citizen inquiry, without bureaucratic jargon.”

Outcome

Reply in citizen-friendly language, referencing the legal basis – two clicks to send

03

Meeting minutes for councils and committees

Tool chain

Live transcription (council or committee session) · transcript imported as a document · Claude · “Produce the minutes per our house template and list all resolutions.”

Outcome

Finished minutes with a resolutions list as an artifact, exportable as Word

04

Technical research, internal position paper

Tool chain

Project “Policy question X” · Perplexity for current case law · knowledge base “Internal directives” · “Evaluate the question with reference to the applicable rules and our internal practice.”

Outcome

Structured position paper as an artifact, with source citations

05

Internal budget analysis

Tool chain

anymize Fountain (internal, no anonymization needed) · upload the budget Excel · “Compare actual vs. planned values per product line, flag deviations above 10%.”

Outcome

Analysis artifact, no data leaves the authority

Every workflow works today. No “coming in Q4” – the toolset is live.

Model recommendation

Which model for
which administrative task.

Drafting decisions, case-law referencing, position papers

Claude (Deep)

Precise official style, structured argumentation

Citizen communication in plain language

GPT (Smart)

Modern, accessible writing, strong for citizen emails

Research on current case law and administrative rules

Perplexity

Web-native research with reliable sources

Multimodal files (scans of historical documents)

Gemini

Strong OCR quality, handles scanned administrative documents well

Very large file sets, extensive meeting materials

Kimi (Deep)

Very large context windows, all briefing papers in a single pass

Internal Excel, budget and statistics work

anymize Fountain

EU-based inference, no anonymization required

Strategic domain analysis, multi-step reasoning

anymize Waterfall

EU-based inference, frontier-grade reasoning depth

Details on all international modelsDetails on Waterfall & Fountain

Feature set for the public sector

The tools that
actually land in the office.

Five features that deliver the biggest leverage in daily administrative work:

01

Knowledge bases

A dedicated database per department (building code, public order, social services, citizen service) – house decision templates, current administrative rules, commentary excerpts, relevant court decisions. Case workers always operate on the same, current baseline.

02

Projects

One project per complex case (land-use plan, policy question, complaint procedure). Context grows with every chat. Especially valuable when responsibilities change – the next case worker inherits the context at the push of a button.

03

Live transcription

Record council meetings, committee sessions and citizen office hours via smartphone (QR code), transcribed on self-hosted infrastructure in Germany. Relieves meeting staff and structures the minutes.

04

Artifacts

Decisions, position papers, council briefings and citizen replies emerge as artifacts – WYSIWYG-editable, exportable as Word, PDF or Markdown. Export with original data for dispatch, anonymized export for cross-authority coordination.

05

Compliance controls

Admin controls: anonymization requirement cannot be overridden, four-eyes review for specific decision types, audit log for IT security baseline documentation (ISO 27001, ENISA guidelines) and AI Act evidence, review countdown.

Integration with existing administrative software

Where anymize
plugs in.

The anymize API is OpenAI-compatible (drop-in replacement) – any application or automation that already talks to OpenAI also talks to anymize:

01

Automation platforms

Zapier, Make.com, n8n with native anymize nodes: pull applications from the e-file system, review them anonymized, write back a decision draft.

02

Line-of-business applications via connector

Common administrative systems (VOIS, newsystem, OK.FIS, Anoma, Schleupen) via an API middleware layer and low-code tools.

03

E-file and DMS

d.3 ecm, VOIS DMS, ELO public sector, nscale eGov via API.

04

Email pipelines

Outlook automations (e.g. “incoming citizen email → analyze anonymized → draft reply into drafts folder”).

Integration guides:n8nMake.comZapierMCP Server

On-premise relevance

When your IT
forbids the cloud.

For authorities with a strict no-cloud policy – typically ministries, critical infrastructure operators under NIS2, law enforcement – we offer on-premise deployments: the anonymization pipeline and our small model anymize Spring on your own infrastructure. Hybrid variant: local anonymization plus anonymized requests to international frontier models – no citizen data leaves the public data center.

For many municipalities and smaller public agencies our cloud offer is sufficient – IT security baseline documentation (ISO 27001, ENISA guidelines), a DPA under Art. 28 GDPR and a sensitive public sector data appendix cover it. Operation via government-owned data centers is also possible.

Which plan fits

From the small municipality
to the federal ministry.

Small municipality / office (< 20 people)

Team Business

Full feature set, simple administration, contract framework compatible with standard public sector IT procurement terms

Mid-sized municipality / county administration

Team Business + Enterprise add-ons

SSO (Microsoft Entra), extended audit logging, dedicated account manager

Large municipality / regional authority

Enterprise

NIS2 individual contract, SLA, on-premise option, incident-reporting pipeline to the national cybersecurity authority

National authority / ministry

Enterprise (on-premise recommended)

IT security baseline alignment (ISO 27001, ENISA guidelines), custom contract framework, dedicated data-residency cluster

Social-benefit authorities (social services, employment agencies)

Enterprise

Sensitive public sector data appendix, special social-data protection workflows

Public sector IT procurement: Our contracts map cleanly to standard government IT procurement terms; individual adaptations are available on the Enterprise plan.

All plan details

How you start in three steps

From kick-off
to production use.

1

Step 1

Clarify procurement, sign the contract

At certain usage volumes a public tender under public procurement regulations may be required. For many pilot scenarios the order value stays below the direct-award threshold. We provide procurement-ready template contracts, including clauses aligned with standard public sector IT procurement terms and a GDPR data processing agreement. Social-benefit authorities additionally get a sensitive public sector data appendix. Timeline depending on the procurement path: 2–8 weeks.

2

Step 2

Pilot in one department

Start with a clearly scoped department (e.g. citizen service or a unit with high decision volume). First knowledge base: in-house decision templates and the relevant administrative regulations. First workflows: which prompts go to Claude, which stay internal on anymize Fountain.

3

Step 3

Rollout and compliance documentation

After a successful pilot: roll out across further departments. Admin policies (mandatory anonymization, four-eyes review for sensitive decisions). The audit log provides the documentation basis for IT security baseline evidence (ISO 27001, ENISA guidelines), NIS2 reporting obligations and AI Act requirements.

Who inside the administration

Six roles,
six angles.

01

Case worker

Decisions in minutes instead of hours; more cases per day, more thoroughly prepared

02

Department head

Policy opinions in hours instead of weeks; knowledge preservation across staff changes

03

IT security / authority CISO

NIS2-reportable, ISO 27001-aligned documentation, clean supply chain, on-premise option

04

Data protection officer

Social data protection processes covered, anonymization as a technical safeguard, audit log as evidence base

05

Mayor / municipal administration

Faster citizen service, lighter load on council work, procurement aligned with standard public sector IT terms

06

Compliance / internal audit

AI Act audit log, NIS2 incident dashboard, outsourcing register

What public administrations often ask.

Frequently asked questions

anymize is built so that your risk management can address the NIS2 requirements on service providers under the EU NIS2 Directive. We provide a NIS2-compatible contract framework, including incident-reporting processes and audit rights. Formal NIS2 compliance is ultimately your organization's duty – NIS2 is an obligation on the entity. We deliver the building blocks for a solid implementation on the anymize side.

Legal note

The information on this page regarding the EU NIS2 Directive, GDPR and related sensitive public sector data protection obligations, IT security baseline standards (ISO 27001, ENISA guidelines), the EU AI Act (Regulation 2024/1689) and EU public procurement and digital sovereignty rules reflects an assessment based on the versions currently in force (as of April 2026; sources: eur-lex.europa.eu, enisa.europa.eu). It does not replace individual advice on procurement, data protection or IT security law. For a binding assessment of your specific situation please consult your IT security team, your data protection officer, your procurement lead and/or external counsel.

Start now.
14 days free trial.

All models. All features. No credit card.

Start for freeHow it works

We stand behind anymize. And we know – when an AI tool touches client, patient or employee data, a demo video isn't enough. That's why we give you 14 days of full access – all models, all features, no credit card. Enough time to be certain, before you trust us.

Your AI workplace awaits.