How TickAI works — and what we do with your data
A compliance tool has to be trustworthy itself. Here's exactly how we detect AI content, what we store, and the legal thinking behind our guidance.
How we detect AI content
Evidence first, a human always in the loop. We never guess from pixels alone.
1. We read provenance signals first
Before anything else, we read the hidden signals already inside a file: C2PA / Content Credentials manifests, EXIF/IPTC/XMP metadata that names a generative tool, and SynthID-style signals where a tool discloses them. These are the strongest, most objective evidence that AI was involved.
2. AI triage suggests — it never decides
Where provenance is silent, our analysis suggests whether an image looks realistic enough to matter, or is clearly stylised or only lightly edited. It's a suggestion with the reasoning attached, not a verdict.
3. A person confirms every call
Nothing is published on the strength of a guess. Your team reviews each flagged item, sees the evidence we found, and makes the final decision. Every decision is written to an append-only audit trail.
What we store, and for how long
The short version: as little as we can, for no longer than we need.
Free scans are kept for 14 days
A free scan runs against publicly accessible content only. We keep the report for 14 days so you can come back to it, then it's deleted. No account or email is needed to run one.
Your review history is append-only
Once you have an account, every review decision is logged and can't be edited or deleted — that log is your evidence that each asset was actually reviewed.
Live labels are reversible and in your control
The disclosure overlay is served by a lightweight snippet — no changes to your source files, fully removable at any time. You choose whether labels show to everyone or only to EU visitors.
Full details are in our Privacy Policy and Data Processing Agreement.
The legal thinking behind our guidance
TickAI is built around Article 50 of the EU AI Act — mainly Article 50(4), the duty to disclose certain AI-generated or AI-manipulated content. We deliberately don't push blanket labelling: the law is narrower than a lot of compliance marketing suggests, and the real question is which realistic, potentially misleading assets plausibly need a disclosure. Our job is to help you identify those, decide, and keep documented evidence of your decisions.
TickAI provides tooling and general information, not legal advice, and Article 50 isn't the whole picture — the UCPD, Consumer Rights Directive and DSA may also apply to your content. Read our note on this.

