- handbook
- Company
- Company
-
- Board & Investors
- Communications
- Decision making and project management
- Guides
- Organizational Structure
- principles
- Remote Work
- Security
-
- Access Control Policy
- AI Development and Customer Data Policy
- Asset Management Policy
- Business Continuity & Disaster Recovery Policy
- Cryptography Policy
- Data Management Policy
- Hardware Security Policy
- Human Resources Security Policy
- Incident Response Plan
- Information Security Policy and Acceptable Use Policy
- Information Security Roles and Responsibilities
- Operations Security Policy
- Risk Management Policy
- Secure Development Policy
- Third-Party Risk Management Policy
- strategy
- values
- Operations
- Engineering & Design Practices
- Design
- Engineering
- Internal Operations
- People Ops
- Marketing department
- Marketing
- Sales department
- Sales
-
- Commercial Organization
- Customer Success
- Edge Connectivity Sales Process
- Engagements & Pricing
- Forecast Review
- HubSpot
- Legal
- operating-principles
- Partnerships
- Processes
- Professional Services
- Sales Compensation Plan
- Sales Deck
- Sales Meetings
- Sales Regions
- Self Hosted Dashboard v2 Multi User
- Subscription Agreement 1.5
AI Development and Customer Data Policy
| Policy owner | Effective date |
|---|---|
| @knolleary | 2026-02-18 |
Purpose
This policy describes how AI-enabled functionality is designed, developed, and used within FlowFuse, both in the product and internally by FlowFuse team members.
Its purpose is to protect customer data, maintain trust, and ensure responsible, transparent, and secure use of AI technologies.
Scope
This policy applies to:
- AI functionality shipped as part of the FlowFuse product
- Internal use of AI tools by FlowFuse employees and contractors
- Integrations with third-party AI services
Guiding Principles
- AI is assistive, not autonomous.
- Humans remain accountable for decisions and outcomes.
- Customer trust and data protection take precedence over experimentation speed.
- AI usage must be intentional, scoped, and reversible.
- FlowFuse does not train AI models on customer data or company data.
Internal Use of AI by FlowFuse Team Members
FlowFuse supports and encourages responsible use of AI tools by team members to improve development velocity, quality, and operational effectiveness.
When using AI internally:
- Do not share customer data with AI tools except as explicitly permitted by this policy.
- Use internal, synthetic, or publicly available data for experimentation whenever possible.
- Review AI-generated output before relying on it or including it in the product.
- Do not use AI tools to bypass security controls, access restrictions, or approval processes.
Apply the same data protection, security, and review standards to internal AI usage as to AI functionality shipped within the product.
Approved AI Tools
FlowFuse provides the following AI tools to team members:
- Claude (via Claude Team) — general-purpose AI assistant for writing, analysis, coding support, and research.
- Gemini (via Google Workspace) — AI features built into Gmail, Docs, Meet, and other Workspace apps.
AI features built into other approved tools (for example, summarization, drafting assistance, or transcription) are covered by the existing approval of the underlying tool and the principles in this policy.
Other AI tools may be approved on a case-by-case basis through the vendor approval process. The full list of approved vendors and software is maintained in Vanta and via approved Vendor & Software Checklist issues in the admin repo on GitHub.
Requesting a New AI Tool
To request approval for a new AI tool, open a Vendor & Software Checklist issue in the admin repo on GitHub. The request is reviewed for security, data handling, and budget before approval.
To request access to an already-approved AI tool, open an Access / Permission Request issue in the admin repo on GitHub.
Customer Data Usage
Customer data may be used with AI systems only under the following conditions:
- Use customer data solely to provide the requested product functionality.
- Ensure all AI processing of customer data follows existing access controls, logging, and security policies.
Customer data is not used for the following purposes:
- Do not use customer data to train shared, public, or cross-customer AI models.
- FlowFuse does not train AI models on customer data.
- Do not use customer data for internal experimentation unrelated to a customer’s use case.
- Do not use customer data to improve general-purpose AI model behavior.
Customer data remains owned and controlled by the customer at all times.
Internal Data vs Customer Data
-
Internal, synthetic, or anonymized data may be used for:
- Prototyping and experimentation
- Prompt development
- Evaluation and testing of AI features
-
Do not repurpose customer data for internal AI development or testing, even if anonymized, without explicit approval.
Third-Party AI Services
Third-party AI providers may be used within the FlowFuse product only when:
- Appropriate contractual data protection terms are in place.
- The provider does not retain or reuse customer data for model training.
- Data shared is limited to the minimum required to provide the feature.
Review new AI provider integrations prior to use and assess them for:
- Data handling and retention practices.
- Security posture.
- Compliance and risk implications.
FlowFuse maintains a documented inventory of approved third-party AI services used within the product that may process customer data. This inventory includes references to each provider’s relevant data handling and security policies. The inventory is reviewed as part of the vendor risk management process and is available upon request.
Product Transparency
- Clearly identify AI-assisted functionality in the product and/or documentation.
- Do not present AI outputs as authoritative or decision-final.
- Inform users when AI is involved and ensure they understand that human judgment is required.
Prohibited AI Use Cases
Do not use AI for:
- Fully autonomous decision-making affecting customers.
- Safety-critical or high-risk operational decisions.
- Surveillance, behavioral profiling, or user scoring.
- Legal, medical, or employment decision-making.
Review and Oversight
-
Require new AI-enabled features to undergo review that considers:
- Data inputs and outputs
- Customer impact and potential failure modes
- Third-party dependencies
-
Restrict, modify, or disable AI functionality if risks or assumptions change.
Exceptions and Enforcement
- Require explicit review and approval for any exception to this policy.
- Violations may result in feature rollback or removal of integrations.
