AI transparency

What our AI does — and what it doesn't.

Every AI feature, the models behind it, the data it sees, and the limits we hold ourselves to. Last updated 22 June 2026.

1 · Where AI is used

AI in AIOProductOS is an assistant over your own product data. Each feature, what it does, the model behind it, and its EU AI Act risk class:

AI features, function, model, and EU AI Act risk class
Feature What it does Model Risk class
AI teammates & MCP agents Claim and draft work on your spine within scoped permissions Anthropic Claude Limited
Meeting recap → tasks Transcribe a meeting and draft recap + action items Deepgram + Claude Limited
Insight synthesis Summarise scattered feedback into themes Anthropic Claude Limited
Prioritisation suggestions Suggest a RICE/priority score or order — advisory Anthropic Claude Limited
Survey analysis Read and summarise survey responses Anthropic Claude Limited
Autocapture Capture product events you instrument — no generative model on the data Internal pipeline Minimal
Codebase brain map Map your codebase into a connectogram Internal + model assist Minimal

Under the EU AI Act these are limited- or minimal-risk uses — productivity assistants over your own data, not systems making consequential decisions about people. None is high-risk or prohibited.

2 · The models, and the guarantee

We use third-party foundation models via API — Anthropic Claude (claude-sonnet-4-6 and claude-opus) for generation, and Deepgram for speech-to-text. We do not run bespoke models.

  • No training on your data. Your content is used only to produce the immediate response.
  • No fine-tuning. We do not build a training corpus from customer data.
  • Scoped and minimised. Each feature receives only the content it needs, within your tenant's boundary.
  • Transfers covered. Model processing relies on the Standard Contractual Clauses in each provider's terms.

3 · What it doesn't do

  • It does not train the models on your data, or fine-tune on it.
  • It does not make a solely-automated decision with legal or similarly significant effect about a person — a human stays in control.
  • It does no biometric categorisation, emotion inference, or social scoring.
  • It does not sell your data or feed it to advertising.

4 · Labelled, and overseen by a human

AI output is labelled — content and suggestions carry a “Generated by AI” marker, so it's never passed off as human or as established fact (EU AI Act Art 50).

AI output is advisory: it's a draft or a suggestion you can accept, edit, or reject before it has effect. Agent actions are scope-gated. Every AI decision that changes user-facing state is recorded in an audit log a human can review and override — the practical evidence behind GDPR Art 22 and the AI Act's human-oversight expectation.

5 · Your data & opting out

  • Meeting transcription is opt-in; where required, participant consent is captured and logged.
  • Suggestions (prioritisation, recaps, synthesis) can be ignored or overridden — nothing ships on AI's say-so alone.
  • To discuss disabling AI features for your organisation, email privacy@aioproductos.com.

6 · Governance

Our approach maps to the EU AI Act (Articles 9, 10, 13, 22, 50) and aligns with ISO/IEC 42001. Before any new AI feature ships, it's classified, checked for the “Generated by AI” label and a human-override path, and its data flow is added to our records of processing. The full governance policy is maintained internally and reviewed at least annually.

Related: Privacy Notice · Trust & security · compliance posture.