TL;DR: dopomo.pl is a live AI assistant that helps migrants in Poland work through immigration procedures in their own language. The chat is the easy part. What makes it a system we can run, rather than a demo, is everything underneath: answers grounded in official Polish sources, a grounding check that flags anything it can't cite, EU data residency, GDPR and EU AI Act work done properly, encryption of sensitive IDs, monitoring, a retrieval-quality evaluation in CI, and a paralegal sign-off on legal content. It's our own product, and the clearest example of how we build for clients.
Picture arriving in Poland from Ukraine. You have a narrow window to register for temporary protection, your right to stay depends on a PESEL number you don't have yet, and the official guidance is written in legal Polish. The stakes are real. A missed deadline can cost you your legal status. The information exists, but it's spread across government sites, in a language you may not read, written for people who already understand the system.
That is the problem dopomo.pl was built to solve. It's a multilingual assistant that guides people through Polish immigration procedures: temporary protection and CUKR, residence cards, PESEL, work permits. It works in Ukrainian, Russian, Polish and English, and the user picks the language instead of the app guessing.
We built it, we own it, and we run it in production. On our own site we call it Client Zero, because before we sold this kind of work to anyone, we wanted to prove we could do it on a product of our own. What follows is the honest version of what that took.
The hard part isn't the chat
You can wire a language model to a chat box over a weekend. It will answer immigration questions fluently, and some of those answers will be wrong. In most products a wrong answer is an annoyance. Here it can send someone to the wrong office, with the wrong documents, against a deadline they can no longer meet.
So the decision that shaped everything came first: dopomo.pl gives information, not legal decisions, and it only says things it can back up.
Answers grounded in official sources
Every answer is drawn from a knowledge base built out of official Polish government sources, through retrieval. The model doesn't reply from memory. It pulls the relevant source material first, then answers from that.
On top of that sits a grounding check. After the model drafts a response, a second step audits it against the retrieved sources and flags any claim that isn't supported. If something can't be cited, it isn't presented as fact. The user gets guidance they can trace back to where it came from, instead of a confident guess.
We track how well this holds up with a retrieval-quality evaluation harness, which I'll come back to. The design goal is plain: the system would rather say less than say something it can't support.
It refuses what it shouldn't touch
Knowing the limits of the product was part of the build, not a patch afterwards. Asylum is a legal process with serious consequences, and it sits outside what an information tool should handle. So dopomo.pl declines asylum questions and refers people to the bodies meant to handle them, such as UNHCR and the Office for Foreigners (UdSC). A tool that knows what it is not for is safer than one that tries to answer everything.
What turns it from a demo into a system
This is the part we are proud of, and the part most "AI products" skip. The chat interface is a small fraction of the work. Underneath it is the same engineering we bring to client projects.
Data stays in the EU
People using dopomo.pl share sensitive details about their immigration status. That data shouldn't leave the EU, so it doesn't. The AI runs on two EU-hosted providers, Google Vertex with Gemini and AWS Bedrock, both serving from EU regions. Running two also means the product isn't hostage to a single vendor's outage.
Compliance, with the paperwork to back it
GDPR here is real work, not a banner. There's a data protection impact assessment (DPIA), records of processing, and working data-subject rights, including erasure. Sensitive identifiers are encrypted at the field level, so a number like a PESEL is protected specifically, rather than just sitting inside a generally secured database.
The EU AI Act gets the same treatment. We ran a formal assessment of where dopomo.pl falls under the Act and concluded it is not a high-risk system, and we keep that assessment on file rather than assuming. Anyone using it sees a clear notice in the chat that they are talking to an AI. If you want the plain version of what the AI Act asks of smaller companies, we wrote one: EU AI Act compliance for small business.
You can see what it's doing
You can't run what you can't see. dopomo.pl reports errors through Sentry with personal data scrubbed before it leaves the app, traces requests with OpenTelemetry, and raises CloudWatch alarms when something drifts. Analytics are cookieless. When a problem starts, we hear it from a dashboard, not from a user.
Quality gates on every change
A retrieval-quality evaluation harness runs in CI. Before a change ships, it checks that the assistant still answers a battery of real questions correctly against the knowledge base. We talk about accuracy as a number we see in our evaluation harness, never as a promise to users. Retrieval quality moves as sources and questions change, so we'd rather describe the method than wave a single figure around.
The rest of the gate is what you'd expect from software meant to last: strict TypeScript, unit and integration tests, end-to-end and visual tests, and architecture fitness rules that fail the build when the structure drifts from the design. Performance is held to Lighthouse budgets, so the site stays fast on the cheap phones and slow connections many of its users actually have.
Two checks are specific to this product. Legal content passes a paralegal sign-off before it goes live, so a person with the right training reviews what the system will tell people about the law. And every code change gets an independent AI code review on top of a human one. That second review is part of how we run development across the studio, where a fleet of AI development agents (we call it agent-farm) works in parallel under safety controls that escalate to a person at the edges instead of guessing.
Infrastructure you can rebuild
It all runs on AWS, using ECS, CloudFront, managed Postgres and a vector database, with the whole setup defined in Terraform and secrets rotated rather than pasted into a config. If we had to rebuild the environment, we'd run the code, not reconstruct it from memory. The product is also a per-locale site with hreflang and structured data, and it installs as a PWA, so it's reachable and findable in each language it speaks.