Built for teams whose data can't leak.
This page explains, in plain English, how we handle confidential information, what gets recorded, and what we will never do. If you're the person responsible for compliance, legal, or IT, this page is for you.
What we will never do.
Your confidential files never go to public AI tools.
Your data is never used to train models. Not ours, not anyone's.
We take no vendor commissions and sell no tools of our own.
We never remove your approval authority. Compliance, legal, and IT sign off on every setup.
These aren't marketing lines. They're how every engagement is scoped, and your team can hold us to each one in writing.
Where your data can live.
For confidential work, there are three ways to run AI privately. We select the architecture together with your compliance, legal, and IT teams — never on our own.
Local model on your hardware
The AI model runs on machines you own, inside your office or data center. Nothing leaves the building.
Private cloud in your environment
The model runs inside your own cloud account, under your access controls and your logging. We configure it; you hold the keys.
Enterprise private endpoint
A dedicated connection to a commercial model under enterprise terms: no training on your data, contractual data handling, admin controls.
Every AI-assisted task leaves a trail.
Six things are saved for every AI-assisted task, designed to support your recordkeeping and supervision process. Final supervisory and recordkeeping decisions remain with you.
What was asked
The request, in the user's own words, with date and person.
Which tool answered
Which approved assistant, workflow, or private workspace handled it.
Sources used
The public links, exports, or private files the answer was based on.
AI's first draft
The model's output before any human edits, saved exactly as produced.
Human changes
What the reviewer changed, removed, or approved. And who did it.
Final record
Where the final version lives, who approved it, how to find it again.
AI makes mistakes. We don't deny it. We design for it.
Any vendor who tells you their AI setup never gets things wrong is selling you something. Ours gets things wrong too. The difference is that every setup we build assumes mistakes will happen and puts a human check between the model and anything that matters.
Passage-level citations
Answers point to the exact passage they came from, so every claim is checkable against the source.
Human review before use
Nothing AI produces is used or shared until a person on your team has reviewed it.
Warning flags for sensitive topics
Workflows flag material that touches sensitive areas so it gets extra scrutiny, not less.
Written do's and don'ts per tool
Every tool ships with plain-English rules: what it's for, what it must never be used for.
If we part ways, you keep everything.
We're model-agnostic and hold no reseller relationships, so nothing we build ties you to a vendor — or to us. Everything we configure is documented and belongs to you.
The questions your CCO will ask.
Do you sign NDAs?
Yes. Before we see anything.
Who owns the work product?
You do. Tools, prompts, workflows, records — all of it.
Do you access our systems?
Only what's scoped and approved, and only alongside your IT team.
What AI vendors do you use?
Whichever fit your rules. We're independent and hold no reseller deals, so the recommendation is never about our margin.
Bring your CCO to the first call.
We'd rather answer the hard questions on day one. Bring compliance, legal, or IT — the setup only works if they trust it.
NDA-friendly. No obligation. Or email hello@cleverfoxailabs.com