AI Usage Policy
Last updated: May 31, 2026
- Document owner: Head of Product Governance
- Review cadence: Quarterly; immediate review for material model/provider/control changes
- Effective date: 2026-05-31
- Legal entity: EthicPages, Inc.
- Registered address: 71-75 Shelton Street, Covent Garden, London, United Kingdom, WC2H 9JQ
- Primary contact: ethicpages+contact@invictosoft.com
Purpose and scope
This AI Usage Policy describes how EthicPages, Inc. ("EthicPages," "we," "us," or "our") uses third-party and internal AI systems to assist customers in generating procurement-grade Trust Center documentation, including privacy policies, security overviews, subprocessor disclosures, and related governance documents.
The policy is designed for customer legal, security, procurement, and compliance stakeholders who need transparent, testable controls around model selection, data handling, and review workflows. It applies to:
- AI-assisted document generation in product onboarding and editing workflows.
- AI-assisted drafting helpers, summarization tools, and structured content suggestions.
- Internal prompt templates and model-routing logic used to deliver product features.
- Human-in-the-loop quality and policy checks before customer publication.
This policy should be read together with our Privacy Policy, Security Overview, Subprocessors, Data Processing Agreement, and Law Enforcement Guidelines.
AI governance principles
EthicPages applies the following governance principles to AI usage:
| Principle | What it means in practice | Verification approach |
|---|---|---|
| Purpose limitation | We use AI for documented product purposes only (document drafting and quality improvement). | Product requirement mapping; release controls; periodic governance review. |
| Data minimization | Inputs sent to model providers are scoped to fields required to perform the requested task. | Prompt schemas; boundary validation; code review checks. |
| Human accountability | Customers remain accountable for final published legal text; EthicPages requires human review prior to publication. | Mandatory review UX; publish gating; audit trail records. |
| Security by design | AI integrations inherit platform security controls (auth, logging, environment segregation). | Security review during design; static checks; incident response testing. |
| Transparency | We document model usage, controls, and customer responsibilities in accessible legal documentation. | Public policy publication; contractual references in MSA/DPA. |
Model providers and routing
EthicPages uses OpenRouter as the API orchestration layer for supported language models. OpenRouter allows provider routing under a consistent interface and policy controls while enabling redundancy and model evolution.
Default and premium model behavior
| Tier or workflow | Default model | Premium option | Intended use |
|---|---|---|---|
| Standard generation | Gemini Flash (default) | N/A | Fast draft generation for baseline Trust Center content. |
| Premium generation | Gemini Flash fallback | Claude Sonnet (premium) | Higher-fidelity drafting, nuanced rewrite assistance, and extended policy reasoning. |
| Internal quality checks | Gemini Flash or equivalent fast model | Claude Sonnet where configured | Structural consistency checks, heading integrity, and style alignment. |
Model routing may evolve over time due to reliability, quality, pricing, or provider availability. Material changes that significantly impact customer-facing behavior are reviewed through our governance process and reflected in this policy or in linked legal documentation.
OpenRouter integration controls
We configure OpenRouter integrations with the following baseline controls:
- Per-environment API credentials with least-privilege access.
- Request scoping to the minimum data needed for task completion.
- Explicit request metadata and feature routing tags for observability.
- Zero-retention settings where supported by provider pathways used by EthicPages.
- Provider-level failover constraints to avoid undocumented model behavior changes.
For subprocessors and infrastructure details, see our Subprocessors list and Security Overview.
Zero-retention and data handling posture
EthicPages configures model-provider pathways for zero-retention operation where available and contractually supported. In this context, "zero-retention" means provider systems are instructed not to store submitted prompts/responses for model training and not to retain them beyond transient operational processing windows, except where strictly required for abuse prevention, legal compliance, or system reliability at the provider layer.
| Data handling topic | EthicPages control | Customer implication |
|---|---|---|
| Provider retention setting | Zero-retention mode configured on supported provider routes. | Reduced risk of long-lived provider-side content retention. |
| Training usage | Provider pathways configured to disallow training on customer prompts/outputs where supported. | Customer content is not intended for model training by default pathways. |
| Input minimization | Product collects structured onboarding fields rather than broad free-text when possible. | Lower chance of oversharing personal or regulated data. |
| Internal storage | EthicPages stores generated outputs in customer workspace for editing/publishing controls. | Customers can edit, export, or delete generated content per lifecycle controls. |
| Auditability | Generation actions are tied to workspace/user context with timestamped events. | Administrators can demonstrate governance over generated artifacts. |
Customers should treat AI outputs as draft material that requires legal and compliance review before external publication or contractual reliance.
Human review requirement (mandatory)
EthicPages enforces a human-in-the-loop review requirement before legal content is published to a production Trust Center endpoint.
Required review workflow
- A user with appropriate workspace permissions requests AI-generated content.
- EthicPages renders generated content as editable draft text.
- A human reviewer evaluates legal correctness, factual accuracy, jurisdictional applicability, and internal policy alignment.
- Reviewer modifies language as needed and confirms publication readiness.
- Publication proceeds only after review confirmation.
| Review checkpoint | Required reviewer action | Why it matters |
|---|---|---|
| Factual validation | Confirm infrastructure, controls, and process statements match actual operations. | Prevents inaccurate or misleading public claims. |
| Legal validation | Confirm jurisdiction-specific obligations and contractual terms. | Reduces legal exposure and procurement disputes. |
| Security validation | Confirm security control descriptions reflect implemented safeguards. | Preserves trust and evidentiary integrity. |
| Copy and clarity review | Ensure plain-language readability and consistent terminology. | Improves customer understanding and procurement efficiency. |
EthicPages does not represent AI output as legal advice. Customers are responsible for final approval and publication decisions.
Prohibited inputs and restricted data classes
To reduce security and privacy risk, users must not submit prohibited content to AI generation prompts unless explicitly supported by a defined secure workflow and lawful basis.
Prohibited or restricted input categories
- Full payment card numbers, CVV values, or sensitive authentication data.
- Government-issued ID numbers unless strictly required and lawfully authorized.
- Full medical records, patient charts, or special category data not required for Trust Center drafting.
- Trade secrets unrelated to the requested policy generation task.
- Credentials, API keys, private keys, tokens, or secrets.
- Data subject information that is unnecessary to the policy drafting purpose.
| Input type | Status | Handling guidance |
|---|---|---|
| Security credentials | Prohibited | Remove and rotate immediately if accidentally submitted. |
| Personal data in examples | Restricted | Use anonymized examples whenever possible. |
| Incident details | Restricted | Share only sanitized summaries needed for policy clarity. |
| Customer contract excerpts | Restricted | Include only minimal clauses necessary for drafting context. |
| Regulated data sets | Prohibited by default | Use formal legal/security process before any exceptional handling. |
If prohibited data is submitted accidentally, contact ethicpages+contact@invictosoft.com immediately with subject line "AI Input Incident."
Output quality, reliability, and known limitations
AI systems can produce inaccurate, outdated, incomplete, or overgeneralized content. EthicPages mitigates these risks through template constraints, model routing controls, and mandatory human review, but cannot guarantee that every generated statement is correct without customer verification.
Common limitations include:
- Model hallucination of certifications, legal obligations, or vendor details not present in inputs.
- Overbroad jurisdictional language that may not fit customer legal posture.
- Inconsistent terminology across related documents if reviewer edits are skipped.
- Ambiguous treatment of edge cases such as international transfers, public sector procurement clauses, or highly regulated verticals.
Customer control recommendations
| Control | Description | Owner |
|---|---|---|
| Legal approval gate | Require legal/compliance sign-off prior to publication. | Customer |
| Security factual check | Validate infrastructure and control claims against internal evidence. | Customer |
| Versioning discipline | Track approval date, approver role, and change notes. | Customer |
| Periodic refresh | Re-run and re-review documents after material product or vendor change. | Customer + EthicPages |
Security and access controls for AI features
AI features are integrated into the same authenticated product surface protected by EthicPages platform controls.
- Access to generation features is limited to authenticated users within authorized workspaces.
- Session management and account access controls are managed through Better Auth-aligned server-side protections.
- Administrative and operational access follows least-privilege principles.
- Network and infrastructure controls are aligned with controls described in Security Overview.
- Security event handling follows our incident response process and Responsible Disclosure Policy.
Third-party subprocessors and contractual controls
EthicPages uses subprocessors to deliver hosting, database, email, payment, analytics, and AI inference services. Relevant AI and infrastructure subprocessors are documented in the Subprocessors list, including service purpose and regional hosting posture where applicable.
Contractual controls include:
- Data processing addenda and confidentiality commitments.
- Security and privacy diligence before onboarding critical vendors.
- Ongoing vendor review cadence aligned with risk profile.
- Change management for material subprocessor updates.
Customers may request additional procurement documentation by contacting ethicpages+contact@invictosoft.com.
Customer responsibilities
Customers are responsible for:
- Providing accurate, non-misleading source information during onboarding.
- Avoiding prohibited or unnecessary personal/sensitive data in AI prompts.
- Reviewing and approving AI outputs before publication or contractual use.
- Keeping published documentation updated as systems, controls, or legal requirements change.
- Ensuring internal legal counsel reviews high-risk or jurisdiction-specific wording.
Failure to apply human review may create legal, procurement, or trust risk that EthicPages cannot fully mitigate on behalf of the customer.
Incident and misuse handling
If EthicPages identifies potential misuse of AI features, prohibited data submissions, or suspicious generation behavior, we may:
- Temporarily suspend feature access while investigation occurs.
- Require customer remediation and confirmation of review controls.
- Delete or quarantine problematic generated drafts where legally and operationally feasible.
- Notify affected customers when incident criteria are met under our Privacy Policy and contractual commitments.
Security incidents related to AI pathways are handled under our platform incident response lifecycle, including triage, containment, remediation, post-incident review, and control improvements.
Compliance, assurance, and roadmap notes
EthicPages is building toward mature security and compliance attestations over time. AI controls are developed as part of broader governance controls across identity, logging, secure SDLC, and vendor risk management. Current and planned controls are summarized in our Security Overview.
Our control roadmap may include:
- Enhanced policy-as-code checks for prohibited prompt content.
- Expanded quality scoring and reviewer guidance prompts.
- Stronger model fallback transparency in UI.
- Additional procurement artifacts and evidence packages.
Roadmap items are indicative and subject to change based on legal, security, and customer requirements.
Changes to this policy
We may update this AI Usage Policy to reflect changes in model providers, routing logic, legal requirements, security controls, or product capabilities. Material updates will be reflected by a new "Last updated" date and, where appropriate, proactive customer notice.
Customers should review this page alongside related legal materials:
Contact and procurement inquiries
For customer diligence requests, legal review packets, or AI governance questionnaires, contact:
- Email: ethicpages+contact@invictosoft.com
- Company: EthicPages, Inc.
- Postal: 71-75 Shelton Street, Covent Garden, London, United Kingdom, WC2H 9JQ
Please include "AI Usage Policy Request" in the subject line for fastest routing to legal and security reviewers.