AI Transparency Notice
Last updated: 12 February 2026How We Use Artificial Intelligence
Varangian Group Ltd uses artificial intelligence (AI) and large language models (LLMs) as part of our cybersecurity services and internal operations. This notice explains how AI is used, in compliance with the EU AI Act (Regulation 2024/1689) Article 50 transparency obligations.
AI in Our Services
Cyber Threat Intelligence
We use locally-hosted AI models to assist with:
- Language translation — Translating dark web content from Russian, Chinese, Arabic, and other languages into English
- Classification — Categorising threat intelligence by type, severity, and relevance
- Entity extraction — Identifying indicators of compromise (IOCs) such as IP addresses, domains, and malware hashes within unstructured text
- Summarisation — Generating draft summaries of threat intelligence for analyst review
- TTP mapping — Mapping observed threat activity to the MITRE ATT&CK framework
All AI-generated intelligence products are reviewed by a human analyst before dissemination to clients. AI assists our analysts; it does not replace them.
Security Assessments
AI tools may be used to assist with:
- Code analysis and vulnerability identification
- Automated reconnaissance during authorised assessments
- Report drafting assistance
All findings are validated by qualified security professionals. AI-identified findings that cannot be manually verified are not included in deliverables.
AI on This Website
- This website does not use an AI chatbot or virtual assistant
- Website content is authored and reviewed by human professionals. Where AI tools assist in content drafting, the content is reviewed and approved by a human before publication
- We do not use AI for automated decision-making that produces legal or similarly significant effects on website visitors
[If a chatbot is later added, update this section to state: "This website uses an AI-powered chat assistant to help answer your questions. You are interacting with an artificial intelligence system, not a human. A human team member is available upon request."]
Data Protection
AI models used in our operations are hosted locally on our own infrastructure in the United Kingdom. No personal data is sent to third-party AI providers (such as OpenAI, Google, or Anthropic cloud APIs) for processing.
Data processed by our AI systems is subject to the same data protection safeguards described in our Privacy Policy, including encryption, access controls, and retention limits.
Limitations of AI
We acknowledge that AI systems:
- Can produce inaccurate or misleading outputs (sometimes called "hallucinations")
- May not fully understand context, nuance, or the implications of their outputs
- Require human oversight to ensure quality and accuracy
- Are tools that augment human expertise, not substitutes for it
This is why human review is a mandatory step in all our AI-assisted workflows before any output is delivered to clients or published.
Your Rights
If you have concerns about how AI is used in processing your personal data, you have the right to:
- Request information about how AI was used in processing your data
- Object to AI-assisted processing under UK GDPR Article 21
- Request human review of any decision that significantly affects you
Contact: privacy@varangian.ai
Updates
As AI technology and regulation evolve, we will update this notice. The EU AI Act's Article 50 transparency obligations become fully enforceable in August 2026. We are committed to compliance ahead of this deadline.