AI in Mirox — Frequently Asked Questions

Running AI on top of critical infrastructure raises fair questions, and a cautious plant operator deserves precise answers rather than reassurance. This page explains where your data goes, whether the AI learns from it, what the assistant can and cannot do, and how every action it takes stays bounded by your own permissions. For how the features work day to day, see the AI Assistant & Wizards page.

1. Who or what is accessing my data when I use the AI?

By default, the model runs on the Mirox AI infrastructure — models hosted on Mirox-operated infrastructure in Germany (EU). When you ask the assistant something, it borrows your permissions and nothing more. It can read and propose exactly what you could yourself, and it can never see another customer's data or a plant you are not authorized for. The same access checks that govern the interface and the REST API govern every action the AI takes.

2. Where does my data go — does it leave Europe?

With the default configuration, requests are served from Mirox-operated infrastructure in Germany, so your data stays within the EU. Your data leaves this default path only if your organization's administrator deliberately configures an external provider (OpenAI or Anthropic). In that case requests go to the chosen provider under that provider's own terms. The choice is yours to make and yours to reverse; until you make it, the Mirox AI is what answers.

3. Is my data used to train the AI? Will it get smarter from my data?

The default Mirox AI is a fixed, off-the-shelf model that is never trained or fine-tuned on your data. It does not learn from your plants, your documents, or your conversations. When the assistant becomes more capable over time, that comes from better platform integration — new tools and cleaner data the model can draw on — not from learning on your content. (For external providers you configure yourself, training and retention are governed by that provider's agreement, not by Mirox.)

4. Can the AI change anything on its own?

No. Every change the AI prepares follows a propose-then-apply pattern: it stages a proposal, and nothing is written until you explicitly review and approve it. You stay the decision-maker. A small set of background helpers do run automatically — file auto-tagging (deriving a category, summary, and keywords for an uploaded document), access-session summaries (short activity notes on browser-proxy sessions), and device identification (recognizing equipment from packaged fingerprint evidence). These only add non-destructive metadata; they never delete or overwrite your records, and their results are reviewable afterwards.

5. Can the AI operate my plant equipment — inverters, PLCs, switches, routers, dataloggers?

No. The AI's capability catalog simply contains no function that commands a field device. There is no tool to switch, reboot, restart, curtail, set a setpoint on, or otherwise control an inverter, PLC/SPS controller, network switch, router, or datalogger. The assistant can read measurements and draft changes to platform records — that is the full extent of what it can do. Even the VPN diagnosis helper described below edits a configuration record for your approval; it does not send a command to any hardware.

6. Does the AI have a direct line to my plant network?

No. The AI has no network connection to your site. It works only with data the platform has already collected and stored — metrics, events, documents, configuration records. It cannot open a tunnel, reach a device's web interface, or touch your local network. Remote access to a plant network is a separate, human-operated capability with its own strict controls; see the Personal VPN and Browser Proxy features.

7. Can the AI see passwords, VPN keys, or device credentials?

Never. Secrets are excluded from every AI capability. No tool returns a private key, a password, a preshared key, an API token, or any other credential to the model. The VPN diagnosis helper works from connection logs and a small allow-list of configuration fields only — it never sees the keys behind the connection.

8. How can I see what the AI did?

Every wizard run is persisted together with its full reasoning transcript, the list of actions it proposed, and your accept-or-reject decision on each one. You can revisit a completed run and read exactly how the AI reached its proposals. Your chat conversations are likewise saved to your account so you can scroll back through them. Where AI work runs automatically in the background, it also runs as a reviewable wizard, and its activity surfaces in the access audit trail.

9. Will the AI run unsupervised?

Interactive work is supervised — propose-then-apply, with you approving each change. The named background helpers (file auto-tagging, access-session summaries, device identification) do run automatically without you starting them, but they are non-destructive metadata enrichment and remain reviewable. Nothing that changes your plant records is applied without a human decision.

10. What does AI usage cost?

Using the default Mirox AI is included in your plan — no separate AI account or key is required. If your organization instead configures its own external provider, that provider's token usage is paid by your organization additionally, on top of the plan, billed by the provider on your organization's account.

11. Can I see how much AI my organization uses?

Yes. Each member can see their own usage — requests, input and output tokens, and the resulting spend — for any time window. Organization administrators get an organization-wide overview: total successful and failed requests, tokens in and out, spend, the top members and top plants by usage and spend, and the total number of conversations. This keeps adoption and cost transparent across the whole organization.

12. Can I choose which model is used?

Yes, at the organization level. An administrator selects the provider and, optionally, a specific pinned model in the organization's AI settings; leaving the model blank uses the provider's default, and changing the provider resets any pinned model. This is a central, admin-only choice that applies to every member — there is no per-chat model picker for individual users.

13. How do I restrict the AI from my data?

There is no dedicated "AI off" toggle, and that is by design: the AI has no access of its own. It only ever borrows the permissions of the person using it, so the lever is the person, not a separate switch. Restrict someone's organization role and per-plant job roles and the AI is restricted in exactly the same way. An administrator can additionally choose not to configure any external provider, keeping AI on the default Mirox path. Role mechanics live on the permission system page.

14. How does the AI know my data when I ask something?

It calls the same platform functions your browser uses, carrying your identity and your permissions. The assistant has a curated set of read capabilities — your plants, portfolios, devices, events, tickets, metrics, documents, and storage — plus the propose-only draft tools described above. When it needs something not covered by a dedicated capability, it can reach the rest of the platform only in read-only mode, and only for data you are allowed to see. The deeper mechanics are described on the Agentic Access (MCP) page.

15. Can I just chat with it?

Yes. You have private conversations that only you can see, with full history you can browse, rename, and delete at any time, plus a bulk cleanup to clear all of your own chats at once. You can attach a document — a datasheet, a screenshot, a report — and ask the assistant about it. Attachments are stored securely and tied to your conversation.

16. Can the AI automate my workflows?

Yes, through guided wizards, each with approval gates. The platform offers wizards to onboard a new plant from its documents, verify a plant's information against its paperwork, file and tag uploaded documents into storage, and diagnose a misbehaving plant VPN by proposing a safe configuration fix. Every wizard that changes data proposes its work for your review first; the VPN wizard in particular never regenerates keys or certificates. See the wizard catalog on the AI Assistant & Wizards page.

17. Is Mirox AI aligned with KRITIS and NIS2 requirements?

The platform is designed to meet German KRITIS and EU NIS2 remote-access logging requirements. Because the AI operates only within your permissions and through the platform's normal functions, its activity is captured by the same controls as the rest of the platform: wizard transcripts record what was proposed and approved, and remote access to plant devices is recorded in the access audit log. Audit records cannot be edited or deleted by users.

  • AI Assistant & Wizards — the chat assistant and the guided wizards, and how they stay within your permissions
  • Agentic Access (MCP) — how external AI tools reach your data under your exact access rights
  • Permission System — the roles and cooperations that bound everything the AI can see and do
  • Audit Logging — where automated AI activity and remote access surface for compliance review
MIT Licensed | Copyright 2026 Mirox Verwaltungs GmbH | Privacy