What is ActHub
ActHub is a turnkey toolkit for EU AI Act compliance, designed for small businesses, agencies, and SaaS founders. It maps each obligation under Article 50 to a practical tool you can use today. ActHub is part of the SevinHub product family.
It is built in PHP 8 and MySQL. Frontend is Tailwind CSS plus Alpine.js. No build step is required at runtime. No mandatory external services.
Install
Requirements: PHP 8.1 or later, MySQL 5.7 or later (or MariaDB 10.4+), the pdo_mysql, zip, gd, curl, and mbstring extensions.
- Upload the ActHub folder to your web root, for example
/var/www/acthub/orpublic_html/acthub/. - Create a MySQL database and user. Note the credentials.
- Edit
config.local.phpwith your database credentials, app URL, and secrets. The installer generates these for you on a fresh install. - Visit
/acthub/install/install.phpin your browser. The installer creates 11 tables, seeds 15 templates, creates the admin account, and creates a demo account with a fully populated example organisation. - Log in at
/acthub/login.php.
For nginx, copy the route block from the dual-deploy guide into your sites-enabled/default, then run nginx -t && systemctl reload nginx.
Accounts and roles
ActHub ships with three account types after install.
| Role | Notes |
|---|---|
| admin | Full access. The installer generates the admin password and shows it once at the end of the install. Change it after first login. |
| demo | Read-only try-out account (demo@sevinhub.com / demo2026). Writes are intercepted with a friendly flash message. |
| user | Regular accounts created through signup. |
Demo mode
Any user with role=demo goes into demo mode. Auth::blockDemoWrites() intercepts every POST and shows a flash that says "Demo mode: your changes are not saved." The demo account is intended for prospects to try the product without committing.
AI Inventory
The Inventory is the heart of the product. Each AI system you use becomes one row.
Fields recorded per system: name, vendor, category, role (provider, deployer, distributor, importer, end user), purpose, triggers (interacts with humans, generates content, deepfake, emotion or biometric, public interest), data types, user count, risk tier, status, evidence URL, notes.
You can quick-add from a library of 35 preset vendors (ChatGPT, Claude, Gemini, Midjourney, Intercom, Notion AI, and so on). Each preset arrives with sensible defaults for category and role, which you can refine after.
Risk Wizard
Per system, six guided questions in three blocks.
- Article 5 prohibited uses. Any tick makes the system prohibited.
- Annex III high risk categories. Any tick makes the system high risk.
- Article 50 transparency triggers. Any tick makes the system at least limited risk.
Output is one of four tiers (prohibited, high, limited, minimal) plus a plain-language action list and the relevant deadline.
Article 50 Checklist
25 items across six categories: inventory, classification, transparency, governance, evidence, people. Each item can be marked pending, in progress, done, or not applicable. You can attach an evidence URL and notes per item. The dashboard shows your overall percentage.
Disclosure Widgets
Generate a JavaScript embed for any of the four Article 50 triggers: chatbot, voice, content, deepfake, emotion. The widget is one line of code that you paste in the footer of your site.
<script async src="https://sevinhub.com/acthub/embed/disclosure.js" data-acthub="YOUR_EMBED_KEY"></script>
It fetches the widget config from /api/widget-data.php?key=<key>, injects styles, renders a floating badge in the configured position, and counts shows.
You can change the message, position, language, theme, and status from the admin Widgets page without re-pasting the snippet.
Transparency Page
One public page per organisation, generated from your inventory. URL pattern: /acthub/t/<your-slug>. Customise the slug, the brand colour, and the contact emails. Toggle published on or off.
Compliance Dossier
The dossier is a print-ready HTML view containing your organisation overview, every AI system, every active disclosure, every checklist item with evidence and notes, plus a signature panel. Use your browser's Print menu and pick "Save as PDF" to export. The print stylesheet is optimised for A4 with 18mm margins.
Templates Library
15 templates across five EU languages. Categories: disclosure (chatbot, voice, content), policy (employee AI, training), vendor questionnaire, dossier (cover letter, incident report), page (transparency intro). Each template has a copy button and ASCII-clean placeholders you replace with your details.
BYOK AI Drafter
Bring your own key for OpenAI (gpt-4o-mini), Anthropic (Claude Haiku 4.5), or 1min.ai (Gemini Flash). Keys are stored AES-256-GCM encrypted at rest. Calls go server-to-provider with your bearer header. No content logged.
Useful prompts: "Write a chatbot disclosure for a Polish boutique in formal Polish.", "Draft an internal AI usage policy for an 8 person agency.", "Compose a customer notice about adding AI-drafted support replies."
Admin panel
Available to users with role=admin. Shows top-line KPIs, the latest 50 users with plan switcher, the global settings editor, recent leads from the free self-check, and the audit log.
Settings
Per-user: name, password. Per-org: display name, legal name, domain, country, industry, employees, role flags (provider, deployer, EU-offering).
Global settings: per-plan system limits, public_signups, maintenance, eu_deadline.
Audit log
Every meaningful action is logged: login, logout, password change, signup, system added, system updated, system deleted, risk classified, checklist updated, disclosure created, transparency updated, dossier saved, AI draft generated.
Updates
Visit /install/update.php?token=<your update_token>. The token is in config.local.php. The endpoint will, in a future release, fetch the next version from a remote channel, back up the install, extract preserving config + uploads + data, and run additive migrations.
URL routes
| Route | What it serves |
|---|---|
/acthub/ | Public landing page with countdown, features, FAQ. |
/acthub/check.php | Free 10 question AI Act self-check. |
/acthub/pricing.php | Plans and pricing. |
/acthub/features.html | Sales/marketing feature page. |
/acthub/learn/ | Long-form guides (5 articles). |
/acthub/login.php | Login form. |
/acthub/signup.php | Signup form. |
/acthub/app/dashboard.php | Logged-in dashboard. |
/acthub/app/inventory.php | AI inventory list and quick-add. |
/acthub/app/inventory_edit.php | Add or edit a single system. |
/acthub/app/wizard.php | Risk tier wizard. |
/acthub/app/checklist.php | Article 50 checklist. |
/acthub/app/widgets.php | Disclosure widgets management. |
/acthub/app/transparency.php | Public page settings. |
/acthub/app/dossier.php | PDF dossier viewer and snapshot. |
/acthub/app/templates.php | Templates library. |
/acthub/app/ai_assistant.php | BYOK AI drafter. |
/acthub/app/settings.php | User and org settings. |
/acthub/app/admin.php | Admin panel (admin role only). |
/acthub/api/widget-data.php | Widget configuration and event endpoint. |
/acthub/embed/disclosure.js | Public widget script for customer sites. |
/acthub/t/<slug> | Public transparency page per organisation. |
/acthub/sitemap.xml | Sitemap for search engines. |
/acthub/robots.txt | Crawler rules. |
/acthub/llms.txt | Compact summary for AI search engines. |
Database tables
All tables use the ah_ prefix. InnoDB. utf8mb4.
ah_users(id, email, password_hash, name, role, plan, org_id, remember_token, reset_token, reset_expires, last_login, created_at)ah_organizations(id, owner_id, name, legal_name, domain, country, industry, employees, is_eu_offering, is_provider, is_deployer, transparency_slug, transparency_published, brand_color, contact_email, contact_dpo, created_at)ah_ai_systems(id, org_id, name, vendor, category, purpose, role, interacts_humans, generates_content, emotion_or_biometric, is_deepfake, is_public_interest, data_types, user_count, risk_tier, status, evidence_url, notes, created_by, created_at, updated_at)ah_disclosures(id, org_id, system_id, type, language, location, message, position, theme, status, embed_key, shows_count, created_at)ah_checklist_items(id, org_id, item_key, category, status, evidence_url, notes, completed_at, created_at)ah_dossiers(id, org_id, version, file_path, generated_by, snapshot_json, generated_at)ah_templates(id, slug, category, language, title, body, variables_json, is_premium, created_at)ah_settings(id, scope, scope_id, k, v, is_encrypted, updated_at)ah_audit_log(id, org_id, user_id, action, target_type, target_id, ip, meta_json, created_at)ah_leads(id, email, source, exposure_score, answers_json, ip, created_at)ah_widget_events(id, disclosure_id, event_type, page_url, user_agent_hash, created_at)
File permissions
| Path | Owner | Perms |
|---|---|---|
config.local.php | www-data | 600 |
data/ | www-data | 755 |
install/installed.lock | www-data | 644 |
Troubleshooting
Page renders unstyled, only text shows
Tailwind CSS did not load. Check that assets/css/tailwind.css returns 200. If you changed the theme, rebuild with npm run build:css.
Login redirects back to login
Session cookies are not being set. Check that session.cookie_secure is not forcing HTTPS on a plain HTTP install. Inspect the cookie header in your browser's network panel.
Widget script is loaded but no banner appears
The widget config might be in draft or disabled status. Check the Widgets page and set it to Active.
Dossier print page is blank
The route /app/dossier.php?print=1 needs to render only the print body. Confirm the script tag with browser print fallback shows the print button.
FAQ
Is ActHub legal advice?
No. ActHub is a preparation tool. For binding legal opinions, especially on high risk systems, consult a qualified lawyer.
Do I need to deploy anywhere special?
Standard LAMP or LEMP works. The Hub ships dual-deploy notes for VPS plus cPanel in the SevinHub family.
Where is data stored?
Wherever you host. ActHub by SevinHub runs on European infrastructure by default.