AI transparency
What our AI does — and what it doesn't.
Every AI feature, the models behind it, the data it sees, and the limits we hold ourselves to. Last updated 22 June 2026.
1 · Where AI is used
AI in AIOProductOS is an assistant over your own product data. Each feature, what it does, the model behind it, and its EU AI Act risk class:
| Feature | What it does | Model | Risk class |
|---|---|---|---|
| AI teammates & MCP agents | Claim and draft work on your spine within scoped permissions | Anthropic Claude | Limited |
| Meeting recap → tasks | Transcribe a meeting and draft recap + action items | Deepgram + Claude | Limited |
| Insight synthesis | Summarise scattered feedback into themes | Anthropic Claude | Limited |
| Prioritisation suggestions | Suggest a RICE/priority score or order — advisory | Anthropic Claude | Limited |
| Survey analysis | Read and summarise survey responses | Anthropic Claude | Limited |
| Autocapture | Capture product events you instrument — no generative model on the data | Internal pipeline | Minimal |
| Codebase brain map | Map your codebase into a connectogram | Internal + model assist | Minimal |
Under the EU AI Act these are limited- or minimal-risk uses — productivity assistants over your own data, not systems making consequential decisions about people. None is high-risk or prohibited.
2 · The models, and the guarantee
We use third-party foundation models via API — Anthropic Claude (claude-sonnet-4-6 and claude-opus) for generation, and Deepgram for speech-to-text. We do not run bespoke models.
- No training on your data. Your content is used only to produce the immediate response.
- No fine-tuning. We do not build a training corpus from customer data.
- Scoped and minimised. Each feature receives only the content it needs, within your tenant's boundary.
- Transfers covered. Model processing relies on the Standard Contractual Clauses in each provider's terms.
3 · What it doesn't do
- It does not train the models on your data, or fine-tune on it.
- It does not make a solely-automated decision with legal or similarly significant effect about a person — a human stays in control.
- It does no biometric categorisation, emotion inference, or social scoring.
- It does not sell your data or feed it to advertising.
4 · Labelled, and overseen by a human
AI output is labelled — content and suggestions carry a “Generated by AI” marker, so it's never passed off as human or as established fact (EU AI Act Art 50).
AI output is advisory: it's a draft or a suggestion you can accept, edit, or reject before it has effect. Agent actions are scope-gated. Every AI decision that changes user-facing state is recorded in an audit log a human can review and override — the practical evidence behind GDPR Art 22 and the AI Act's human-oversight expectation.
5 · Your data & opting out
- Meeting transcription is opt-in; where required, participant consent is captured and logged.
- Suggestions (prioritisation, recaps, synthesis) can be ignored or overridden — nothing ships on AI's say-so alone.
- To discuss disabling AI features for your organisation, email privacy@aioproductos.com.
6 · Governance
Our approach maps to the EU AI Act (Articles 9, 10, 13, 22, 50) and aligns with ISO/IEC 42001. Before any new AI feature ships, it's classified, checked for the “Generated by AI” label and a human-override path, and its data flow is added to our records of processing. The full governance policy is maintained internally and reviewed at least annually.
Related: Privacy Notice · Trust & security · compliance posture.