<aside> ℹ️

Hey, this trust center was built for the good old ISMS Copilot v1. ⛩️

Now, we’re on ISMS Copilot v2. It’s a completely separate app (so, different providers, different security measures 😍).

Since we wanted to do things well, we made a dedicated help center just for v2! 🤯

But that’s maybe too much information at once, right? 🙅‍♂️ That’s why we made your life easier by crafting this security and data protection overview!

And what if you have no time for reading?

We would tell you that we’re a small independent team (actually 2 people: one GRC expert, me, with a long ISO 27001/SOC2/GDPR/AI security background, plus one experienced engineer who cares a lot about security, reliability, and resilience).

We’ve been building ISMS Copilot with high compliance standards from day one. All our subprocessors, data processing activities, and implemented controls are public (yes, you can verify this). And most importantly, we don’t train on your data (we believe it’s not a good idea), or on anyone else’s data, by the way.

If you still have any questions, please reach out directly to us.

</aside>

| Version | Latest changes |
| --- | --- |
| v1.0 | Publication |

1. PURPOSE

ISMS Copilot recognizes the transformative potential of Artificial Intelligence (AI) in information security management and compliance. As a provider of AI-powered compliance assistance, we are committed to deploying AI technologies responsibly and ethically, with a particular focus on transparency and user empowerment.

The purpose of this policy is to establish our public commitment to ethical AI governance in compliance advisory services. This policy demonstrates our alignment with international standards such as ISO/IEC 42001 and regulatory requirements such as the EU AI Act, while ensuring that our AI system supports organizations in their compliance journey without replacing human judgment.

This policy serves to:

2. SCOPE

This policy applies to ISMS Copilot's AI system, which provides guidance and assistance in information security management and compliance. Our scope encompasses the core AI-powered compliance assistant, its interactions with users, public API integrations, and all documentation and guidance generated by our system.

The policy is relevant to ISMS Copilot's development and operations teams, our users and their organizations, integration partners, and third-party service providers supporting our AI operations.

As a limited-risk AI system operating in the compliance advisory space, we place particular emphasis on transparency in AI-generated compliance guidance, clear delineation between AI assistance and human decision-making, protection of user data and privacy, ethical considerations in compliance advisory, and continuous monitoring of AI performance.

3. TERMS AND DEFINITIONS