AI Compliance FAQ

Which AI models are used by Kustomer?

Kustomer uses various AI models to power its KIQ offerings.

For generative AI capabilities, Kustomer leverages common enterprise LLM model providers including but not limited to OpenAI, Anthroptic and AWS bedrock. More information is available here.

How does Kustomer handle customer data, privacy, and security in AI systems?

Kustomer ensures responsible handling of customer data by sharing only the content of messages with its AI engines. While most messages lack personal data, Kustomer assumes that some personal data may occasionally be included. To address this, Kustomer has established Data Processing Agreements with third-party subprocessors such as OpenAI and AWS. OpenAI adheres to a Zero Data Retention policy, deleting data immediately after processing, while AWS provides an AI opt-out policy to ensure data deletion.

Customer data is not used to train global AI models; however, in cases where AI capabilities are tailored for a specific customer, data may be used to refine models exclusively for that customer's environment. This approach maintains strict privacy standards and complies with GDPR, CCPA, and other relevant regulations.

To further protect privacy and security, Kustomer employs encryption for data both in transit and at rest, implements role-based access control, and conducts regular security audits. These measures are validated by SOC 2 Type II certification.

Additional documentation on Kustomer's privacy and security practices is available on the Kustomer Trust Center.

How does Kustomer ensure AI-generated outputs match brand tone?

When creating or editing an AI Agent, Kustomer provides a place for defining the tone, voice and personality with Instructions for the frontline AI agent (a.k.a. Supervisor). Customers instruct the AI Agent in a conversational way just as they would with a ChatGPT prompt.

Customer Assist Premium and Agent Assist use AI Profiles to create custom prompts that ensure AI-powered responses align with your brand's unique identity. These profiles allow administrators to customize the AI’s behavior with specific instructions, such as using friendly language or avoiding certain keywords. Localization options enable regional nuances in AI-generated text, and administrators can preview text before implementing it. Additionally, businesses with multiple brands can create tailored AI profiles for each one.

What guardrails are in place to ensure ethical use of AI?

To prevent misuse of AI outputs, Kustomer allows businesses to set specific guardrails within the platform. These guardrails ensure that the AI operates within defined parameters, such as avoiding discussions about competitors or adhering to other business-specific restrictions. This “do no harm” principle helps maintain ethical and appropriate use of AI.

How does Kustomer inform users about AI-enhanced interactions?

For transparency, Kustomer informs users about AI-enhanced interactions differently depending on the feature. For AI Agents on chat, we display "Generated by AI" underneath each message generated by AI.

For internal-facing AI, customers won’t see any indication that AI was used. All messages are reviewed and refined by your team before they’re shared. For Customer Assist, messages generated by AI are labeled as “AI Generated” within the chat widget.

What analytics does Kustomer run, and how is this data used?

Kustomer analyzes aggregated and anonymized data to optimize its services and measure performance. Examples of this analysis include monitoring traffic loads, usage metrics, and evaluating the percentage of conversations automated. This anonymized and aggregated data can also be used in marketing materials to demonstrate service efficacy. This aligns with Kustomer’s MSA explicitly states that anonymized data may be used to improve services without identifying individual customers.

What licensing terms apply to AI models in KIQ offerings?

Kustomer leverages common enterprise LLM model providers including but not limited to OpenAI, Anthroptic and AWS bedrock for its AI features. Terms and conditions for AI features, including any flowthrough terms and acceptable use policies, are available on Kustomer’s legal center.

Can Kustomer provide documentation and security practices?

Kustomer provides comprehensive documentation covering our AI capabilities, platform architecture, and security practices. While we do not specify whichAI models underlie any particular feature in our documentation—because multiple LLMs might be used simultaneously—we clearly outline how our AI features operate, the safeguards in place to protect your data, and the controls your team can configure. Our Zero Data Retention policy with our AI providers ensures that customer data is not stored after processing, offering added assurance for privacy and compliance.