<aside> đź’ˇ
Summary of recent updates (March 2025):
We clarified that we never include any data that could identify an individual or company in our AI training processes. Our AI training uses strictly anonymized, general conceptual corrections related solely to improving our assistants’s core compliance and AI governance capabilities. Additionally, we explicitly state that anonymized insights are not used, shared, or sold for unrelated products or to third parties. Our priority remains accuracy, privacy, and minimal hallucinations through careful data selection.
</aside>
At ISMS Copilot, we are committed to legal compliance and securely deploying AI systems. To enhance transparency, we have updated our licensing agreement and created this FAQ.
At ISMS Copilot, we are committed to legal compliance and securely deploying AI systems. To enhance transparency, we have updated our licensing agreement and created this FAQ.
No Personal or Identifying Data for Training: We do not use personal or confidential data from user conversations to train our AI models. We encourage users not to include personal details (e.g., names, emails) or sensitive business information in chatbot queries.
Moreover, we do not incorporate any detail that could identify a specific individual, organization, or client into our training data.
Minimal Personal Data Overall: Beyond user email addresses (for account management and essential communications), we do not require or seek other personal data.
Manual and Anonymized Improvements: If we need to improve an AI assistant’s knowledge, an administrator may manually select certain insights from anonymized conversation excerpts. These insights are conceptual and not tied to an individual’s personal or company data.
Our goal is to refine the AI’s accuracy on recognized security and governance frameworks—not to learn from or store customer-specific details.
No Intellectual Property Claims by Users: Users cannot claim ownership or IP rights over conceptual improvements derived from their interactions. The underlying logic and improvements to the AI models remain the property of ISMS Copilot.
Respecting User Rights and Privacy: Users can request deletion or erasure of their data at any time. We comply with GDPR requirements and have measures in place to safeguard user privacy.
No Use Beyond Our Core Product Family:
Anonymized data is never used to build or improve any unrelated products or to be sold externally. We only refine ISMS Copilot’s core compliance features, ensuring that any insights remain strictly focused on better supporting information security and AI governance needs.
1. When does the new agreement come into effect?
The new agreement becomes effective on 1st September, 2024.
2. Which AI chatbots are covered by this agreement?
All AI chatbots accessible within the ISMS Copilot platform are covered, including ISO 27001 Copilot, Risk Assessment Assistant, Policy Assistant, and ISMS Copilot X.