At Anecdotes, we believe that AI should empower users without ever compromising trust, privacy, or security.
As we integrate AI capabilities into our platform, we follow the three foundational commitments:
- No Customer Data for Model Training
- We do not use customer data, metadata, or any other proprietary or user-generated information to train, fine-tune, or otherwise improve underlying large language models (LLMs).
- Use of Trusted Cloud AI Infrastructure
We leverage Google Vertex AI to enable AI functionality within our product. Vertex AI provides enterprise-grade security, privacy controls, and compliance certifications aligned with international standards.
Security by Design
AI features are architected under the same robust security, privacy, and compliance practices that govern all other parts of our platform.
Our Approach to AI
We use AI to enhance user experiences in ways that are safe, transparent, and secure. Customer interactions generate (based on their selections) structured prompts that are securely sent to Google Vertex AI.
AI features support our customers by:
- Streamlining workflows.
- Summarising and interpreting user-selected information.
- Providing predictive insights where appropriate.
Protecting Your Data
- No Training with Customer Data: Neither Anecdotes nor Google uses our customer data to train or improve AI models.
- Data Minimisation: Only information relevant to delivering the user expected performance or response is sent to AI services with unnecessary data not consumed.
- End-to-End Encryption: Data is encrypted during transmission and storage.
Built-In Security at Every Step
- Secure API Connections: All AI service communications are authenticated and monitored.
- Input and Output Controls: User Generated Content (UGC) is parsed by Model Armour to protect against prompt injection, sensitive data leaks, and harmful content.
- Monitoring and Response: AI activities are continuously monitored and our security team response to any activity triggers, alerts or anomalous behaviours.
Compliance Matters
- ISO/IEC 42001 (AI Management System) Aligned: We manage AI risks following international best practices, including impact assessments and risk mitigation frameworks.
- NIST AI Risk Management Framework (AI RMF) Adopted: Our AI governance covers system mapping, continuous measurement, and stakeholder risk management.
- Third-Party Risk Management: Google Vertex AI undergoes rigorous and ongoing third-party risk evaluations.
Our Commitment to Responsible AI
We operate a formal AI Governance Framework to:
- AI-driven features are clearly disclosed and documented.
- Ensure human oversight over AI-driven interactions.
- Train our teams on responsible AI use.
Moving Forward Together
Our customers trust us to handle their data and AI interactions responsibly. We take that responsibility seriously, and we are committed to providing AI capabilities that are secure, ethical, and aligned with our values.
