Android Exploits — EU AI Act Compliance & Transparency

Statement

Introduction

At SarotecK Inh. Sascha Roth, we are committed to complying with all applicable laws and regulations, including the forthcoming EU Artificial Intelligence Act (AI Act). Our application, Android Exploits, provides tools and functionalities for ethical security testing on Android devices and URL content evaluation for potential risks. We recognize the importance of responsible AI development and usage, and our goal is to ensure that Android Exploits meets the highest standards of safety, transparency, and accountability.

Scope of the Application

Android Exploits is designed to enable general consumer users to detect vulnerabilities in Android applications and devices and to evaluate the content of URLs for security risks. This product is not intended for malicious exploitation. Consequently, we focus on:

• Security & Privacy – The application should only be used in compliance with relevant data protection laws and ethical guidelines to safeguard personal data.

Risk Classification (Under the EU AI Act)

The forthcoming EU AI Act categorizes AI systems by levels of risk (Unacceptable, High, Limited, or Minimal). While the final details are pending at the time of drafting, Android Exploits is designed to fall under a category that is likely to be considered limited or minimal risk, as it:

• Performs specialized tasks for general consumer use and provides non-autonomous AI analysis of URLs but just informs users about risk and doesn’t perform any action on its own.
• Does not make decisions that may impact fundamental human rights (e.g., law enforcement, medical decisions, etc.).
• Requires human oversight to interpret results and take action.

Ethical & Legal Use

Authorized Usage Only

• Users of Android Exploits must agree they have proper authorization (legal/contractual consent) to conduct security testing or analyze URLs.
• Unauthorized or malicious usage of the application is strictly prohibited.

Transparency & Explainability

• Android Exploits provides logs and evidence-based outputs describing potential security vulnerabilities, exploit details, and URL analysis results.
• The URL Content Evaluation feature evaluates URLs and provides a corresponding security score. The scoring methodology is transparent, enabling users to understand the results and take appropriate action.

Data Protection & Privacy

• We follow the principle of data minimization:
  • For security testing, only the minimum necessary data is collected and processed to perform the tests.
  • For URL Content Evaluation, only the host domain and resulting score are stored anonymously. Full URLs, query parameters, and paths are not stored.
• Logs and test data generated by the application are stored locally on the device unless the user exports it in an encrypted way only SarotecK Inh. Sascha Roth can decrypt.
• Any personal data encountered through usage of Android Exploits must be handled in compliance with GDPR and other applicable data protection regulations.

Human Oversight & Accountability

• Users must assume responsibility for any actions arising from the use of Android Exploits, including compliance with legal requirements for security testing and URL analysis.
• We maintain a clear and accessible channel for vulnerability disclosure and user feedback, and we strongly encourage ethical behavior within our user community.

Ongoing Compliance Efforts

Monitoring Regulatory Developments

• Continuously review updates to the EU AI Act and related guidance to ensure our compliance measures remain up to date.

Regular Risk Assessments

• Perform periodic audits of Android Exploits to identify potential risks and to update our control measures or disclaimers as necessary.
• Evaluate the AI-Powered Content Evaluation feature to ensure scoring models remain accurate, unbiased, and compliant with regulatory requirements.

Training & Awareness

• Provide resources (e.g., user manuals, code of conduct) explaining the ethical and legal implications of using Android Exploits.
• Offer training on the proper use of the AI-Powered Content Evaluation feature, emphasizing its limitations and the importance of human oversight.

Conclusion

SarotecK Inh. Sascha Roth recognizes the responsibility that comes with developing and distributing an AI-driven security testing and URL evaluation tool. Through ongoing compliance efforts, regular risk assessments, and clear user guidance, Android Exploits is committed to aligning with the spirit and letter of the forthcoming EU AI Act.

Last Updated: 01.12.2025