From da8560222216769ab294f6851fce19fa62dc78b4 Mon Sep 17 00:00:00 2001 From: Nick O'Leary Date: Tue, 12 May 2026 10:34:09 +0100 Subject: [PATCH 1/2] Clarify customer data usage guidelines for AI Revised conditions for customer data usage with AI systems, including clarifications on permitted and prohibited uses. --- .../security/ai-development-and-customer-data.md | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/src/handbook/company/security/ai-development-and-customer-data.md b/src/handbook/company/security/ai-development-and-customer-data.md index 7420963cf7..8153d13b43 100644 --- a/src/handbook/company/security/ai-development-and-customer-data.md +++ b/src/handbook/company/security/ai-development-and-customer-data.md @@ -47,15 +47,13 @@ Apply the same data protection, security, and review standards to internal AI us Customer data may be used with AI systems only under the following conditions: -1. Use customer data solely to provide the requested product functionality. -2. Ensure all AI processing of customer data follows existing access controls, logging, and security policies. +1. Providing the requested product functionality. +2. Following existing access controls, logging, and security policies. Customer data is not used for the following purposes: -1. Do not use customer data to train shared, public, or cross-customer AI models. -2. FlowFuse does not train AI models on customer data. -3. Do not use customer data for internal experimentation unrelated to a customer’s use case. -4. Do not use customer data to improve general-purpose AI model behavior. +1. Training shared, public, or cross-customer AI models. +2. Internal experimentation unrelated to a customer’s use case. Customer data remains owned and controlled by the customer at all times. From 0f1c16119b95dfef3b0ccff8b568d6f0e004fa76 Mon Sep 17 00:00:00 2001 From: Nick O'Leary Date: Tue, 12 May 2026 10:55:46 +0100 Subject: [PATCH 2/2] Revise AI Development and Customer Data Policy Updated policy owner effective date and clarified customer data usage guidelines. --- .../security/ai-development-and-customer-data.md | 15 ++++++--------- 1 file changed, 6 insertions(+), 9 deletions(-) diff --git a/src/handbook/company/security/ai-development-and-customer-data.md b/src/handbook/company/security/ai-development-and-customer-data.md index 8153d13b43..bfad1acfba 100644 --- a/src/handbook/company/security/ai-development-and-customer-data.md +++ b/src/handbook/company/security/ai-development-and-customer-data.md @@ -6,7 +6,7 @@ navTitle: AI Development and Customer Data Policy | Policy owner | Effective date | | ------------ | -------------- | -| @knolleary | 2026-02-18 | +| @knolleary | 2026-05-12 | ## Purpose @@ -45,17 +45,14 @@ Apply the same data protection, security, and review standards to internal AI us ## Customer Data Usage +Customer data remains owned and controlled by the customer at all times. + Customer data may be used with AI systems only under the following conditions: -1. Providing the requested product functionality. +1. In order to provide the requested product functionality. 2. Following existing access controls, logging, and security policies. -Customer data is not used for the following purposes: - -1. Training shared, public, or cross-customer AI models. -2. Internal experimentation unrelated to a customer’s use case. - -Customer data remains owned and controlled by the customer at all times. +Whilst we reserve the right to use interactions with the platform to help improve the product, this does not extend to using customer data to train AI models. ## Internal Data vs Customer Data @@ -64,7 +61,7 @@ Customer data remains owned and controlled by the customer at all times. - Prompt development - Evaluation and testing of AI features -2. Do not repurpose customer data for internal AI development or testing, even if anonymized, without explicit approval. +2. Do not repurpose customer data for internal AI development or testing without explicit approval. ## Third-Party AI Services