AI Features Usage Guidelines
Version date: April 14, 2026
The following provisions apply to Customer’s use of artificial intelligence and machine learning features and functionalities made available in the InvGate Services (including any third-party functionalities) (the “AI-Powered Features”). Capitalized terms not otherwise defined herein shall have the meaning set forth in the Master Subscription Agreement (or any other services agreement between the Parties).
Security and data protection:
We’ve built our AI- Powered Features with a core principle in mind: your data stays yours.
Our goal is to deliver powerful AI-Powered Features without compromising the trust that makes enterprise service management possible. Legal, HR, Security, and IT teams can be confident: our AI respects boundaries: technical, legal, and ethical.
No Generative Training on Customer’s Service Data
We use multiple trusted pre-trained models, but we never train those models on Customer’s information. I.e., if someone types a phone number or sensitive info into a ticket, it is never used to "teach" the model.
Isolated, Encrypted Storage
All data within our system -including responses- is stored in isolated databases with ciphered storage, meaning it's never public, shareable, or accessible to third parties.
Training of customer-specific models
Some non-generative AI-Powered Features may need customer specific Service Data. In those cases (like for classifier models or regression models) when we do train models on customer’s Service Data, we do it on a per customer basis, only with the data of that customer, and serving that customer only. For example, we train an escalation suggestions model that considers configured SLAs and historical resolution times for different types of tickets. For these cases, Customer retains full ownership of Customer’s Service Data submitted to the InvGate Services, while InvGate maintains ownership of all machine learning algorithms, and aggregated results derived from such machine learning processes.
Third-party terms
Customer acknowledges and agrees that certain AI-Powered Features rely on: (i) third-party large language models by OpenAI (ChatGPT) and Google (Gemini), and (ii) the cloud service platforms through which such models are hosted and delivered: Microsoft Azure, Google Cloud and Amazon Web Services.
Customer acknowledges that the use of such models and cloud platforms is subject to the terms and conditions of the relevant third-party providers, as updated from time to time, and agrees to comply with and be bound by those terms.
To enable the AI-Powered Features, Customer’s Service Data (which may include personal data) will be shared with the applicable cloud service providers, which shall act as sub-processors under GDPR and other relevant data protection laws. Such Service Data will be transferred to the United States for processing, in accordance with the international data transfer mechanisms described in InvGate’s Cloud Services Privacy Policy.
If Customer does not agree to these third-party terms, sub-processing arrangements, or international data transfers, Customer may opt out of using the AI-Powered Features as described below.
Opt-out
Customer may opt-out of the AI-Powered Features by following the procedure outlined in the Documentation, in which case the provisions of this Usage Guidelines shall not apply to Customer.
Disclaimer of warranties
AI-Powered Features outputs are provided "as is" without warranty of any kind. InvGate disclaims any liability arising from the Customer’s reliance on such outputs.
Customer shall be responsible for evaluating AI-Powered Features’ outputs’ accuracy.
Risk Mitigation
With the objective of mitigating the risks associated with the use of AI-Powered Features, such features are implemented in a manner that prevents the AI from making decisions or executing actions autonomously, and instead limits it to generating suggestions that must be validated by a human user under a human-in-the-loop approach. In addition, in the event of any incident or anomalous behavior, the AI-Powered Features (or any of them individually) may be immediately disabled by the Customer.
Fees
As of the version date of this Usage Guidelines, InvGate does not require Customer to pay any additional fees for usage of AI-Powered Features. However, InvGate reserves the right to implement supplementary charges in the future.
Frequently Asked Questions
Yes, InvGate adheres to relevant data privacy laws and regulations, including GDPR, in alignment with industry best practices. Our AI Features operate on Azure, Google Cloud, and AWS infrastructure, all of which are certified for handling data under GDPR and similar frameworks. For detailed information on our data privacy compliance and AI-Powered Features, please refer to the following documents:
InvGate implements comprehensive security measures to protect sensitive information, including:
- • Encryption of data at rest and in transit using industry-standard AES-256.
- • Strict access controls and role-based permissions.
- • Regular third-party penetration testing and vulnerability assessments.
- • Alignment with SOC 2 Type II standards for security, availability, and confidentiality.
InvGate owns the AI-Powered Features’ service architecture and proprietary logic that integrates with Large Language Models (LLMs) and other AI components. The core LLMs (such as OpenAI models via Azure, Google Cloud’s Gemini, and AWS models) are owned by their respective developers. For customer-specific models (e.g., small regression or classification models), InvGate retains ownership of the trained models, although these models are dedicated solely to each customer’s data and specific use cases. Importantly, AI-powered features can be enabled or disabled on a per-feature basis. Disabling a feature also halts any corresponding model training (applicable only to customer-specific models) and usage.
LLMs licensed by major cloud providers and integrated in our AI-Powered Features have been trained on vast, diverse datasets. InvGate uses such LLMs, as-is to power AI-Powered Features in our Solutions. We focus on integrating the usage of these models for specific customer needs without retraining them.
On the other hand, customer-specific models are trained using “Supervised Learning" (i.e., trained on manually labeled data) and "Unsupervised Learning" (i.e., trained on unlabeled data, discovering recurring patterns).
For the LLMs we integrate, the training data is sourced and curated by the respective model developers, which typically rely on publicly available datasets and a variety of proprietary sources.
For customer-specific models, we only use the data provided by the Customer (e.g., ticket history for our Service Management Solution). We do not incorporate any third-party or public data into the training of these models.
Customer’s Service Data could be used solely to train customer-specific models when the corresponding AI-Powered Features are enabled. Importantly, AI-Powered features can be enabled or disabled on a per-feature basis. Disabling a feature also halts the corresponding model training, ensuring that no unnecessary data processing occurs.