Legal

Terms of Service

Last updated: April 2026 · These terms govern your use of the RegShield platform and services.

Please read these Terms carefully. By accessing or using RegShield, you agree to be bound by these Terms of Service. If you do not agree, do not use our services.

1. Who We Are

RegShield is an AI-powered regulatory compliance platform designed for Luxembourg-regulated investment funds, including AIFs, ELTIFs, and private equity structures. The platform is operated by Lucas Carneiro, trading as RegShield, based in Luxembourg.

Contact: Regshieldlu@gmail.com

2. Services Provided

RegShield provides the following services to fund managers and compliance officers:

Regulatory intelligence monitoring (CSSF, ESMA, EBA, Legilux)
AI-powered investor suitability assessments (MiFID II Article 25)
Behavioural AML risk scoring
Investor onboarding workflow management
Immutable audit log and DORA compliance tools
Intelligent document processing
Investor communication management

RegShield is a technology tool and does not provide legal, financial, or regulatory advice. All compliance decisions remain the responsibility of the fund manager and their appointed compliance officers.

3. Eligibility

RegShield is intended exclusively for:

Licensed fund managers and management companies (ManCos) in Luxembourg
Authorised alternative investment fund managers (AIFMs)
Compliance officers and legal professionals acting on behalf of regulated entities

By using RegShield, you confirm that you are acting in a professional capacity on behalf of a regulated entity and that you have the authority to enter into these Terms.

4. Account Access and Security

Access to the RegShield platform requires account credentials provided by RegShield. You are responsible for:

Keeping your credentials confidential
All actions taken under your account
Notifying RegShield immediately of any unauthorised access
Ensuring only authorised personnel access the platform

5. AI-Powered Features and Human Oversight

RegShield uses artificial intelligence for suitability assessments, AML risk scoring, and regulatory impact analysis. In accordance with the EU AI Act and GDPR Article 22:

No fully automated decisions with legal effect are made without human review
Compliance officers retain full authority to override AI determinations
All AI decisions are logged with reasoning and confidence explanations (EU AI Act Article 13)
Investors have the right to request human review of any automated assessment

Important: RegShield's AI outputs are advisory only. Fund managers and compliance officers are solely responsible for final compliance decisions and regulatory submissions.

6. Data Protection and GDPR

RegShield processes personal data in accordance with Regulation (EU) 2016/679 (GDPR), Luxembourg data protection law, and CSSF data governance requirements. Key commitments:

All data is processed within the European Union (Hetzner data centre, EU jurisdiction)
Investor personal data is pseudonymised using a unique pseudo_id system
GDPR erasure requests are supported — personal data can be wiped while preserving the audit trail
No investor data is used for AI model training
Data Processing Agreements (DPAs) are available on request

For full details, see our Privacy Policy.

7. Audit Log and Immutability

RegShield maintains an immutable, cryptographically signed audit log of all compliance actions. This log cannot be deleted or modified once written, is protected by a hash chain, meets DORA Article 17 ICT record-keeping requirements, and may be used as evidence in regulatory inspections.

By using RegShield, you acknowledge that all actions taken on the platform are permanently recorded.

8. Acceptable Use

You agree not to use RegShield for any unlawful purpose, attempt to bypass security features, input false or misleading information, share credentials with unauthorised parties, or attempt to reverse engineer the platform.

9. Intellectual Property

All software, algorithms, prompts, user interface designs, and documentation comprising RegShield are the intellectual property of RegShield and its founders. You are granted a limited, non-exclusive, non-transferable licence to use the platform for your internal compliance purposes only.

10. Limitation of Liability

To the maximum extent permitted by Luxembourg law, RegShield is provided "as is" without warranties of any kind. RegShield shall not be liable for regulatory penalties arising from your use of the platform. RegShield's total liability shall not exceed the fees paid in the three months preceding the claim.

Regulatory responsibility: RegShield does not replace your obligation to maintain qualified compliance staff. The platform is a tool to assist compliance officers, not a substitute for professional judgement.

11. Governing Law

These Terms are governed by the laws of the Grand Duchy of Luxembourg. Any disputes shall be subject to the exclusive jurisdiction of the courts of Luxembourg City.

12. Changes to These Terms

RegShield may update these Terms from time to time. We will notify active users by email at least 14 days before significant changes take effect.

13. Contact

RegShield · Luxembourg · Regshieldlu@gmail.com