Generative AI Governance Policy
This Generative AI Governance Policy (“Policy”) describes how CustomerNode LLC (“CustomerNode,” “we,” “us”) designs, deploys, and governs the use of Generative Artificial Intelligence (“GenAI”) within its platform. This Policy applies to all GenAI-enabled features and all third-party AI services used by CustomerNode.
This Policy is intended to support transparent and controlled use, data protection, regulatory alignment, and security controls for GenAI functionality, and complements CustomerNode’s Privacy Policy, Terms of Use, and Data Processing Addendum (DPA).
1. Regulatory Alignment and AI Risk Management
CustomerNode operates its GenAI capabilities in alignment with applicable privacy, security, and AI risk management principles, including:
- General Data Protection Regulation (GDPR)
- NIST AI Risk Management Framework (AI RMF)
- OECD AI Principles for responsible AI
- ISO/IEC 27001-aligned security practices
- OWASP Top 10 for Large Language Model (LLM) Applications
GenAI is treated as a controlled processing activity and is subject to ongoing review, risk assessment, and governance.
2. Transparency and Use
CustomerNode is committed to transparent and controlled use of GenAI technologies:
- GenAI is used to augment user workflows, not to make autonomous legal or material decisions.
- GenAI outputs are advisory in nature and are not presented as authoritative or deterministic.
- GenAI is not used for behavioral profiling or discriminatory purposes.
- Users and tenants are informed when GenAI functionality is available or enabled.
3. Tenant Control and Disablement
CustomerNode provides tenants with control over GenAI usage:
- GenAI functionality can be disabled at the tenant level.
- When disabled, no tenant data is processed by GenAI services.
- Tenant configuration determines whether GenAI features are active.
When GenAI functionality is enabled, CustomerNode applies logical tenant isolation controls designed to prevent customer data, prompts, embeddings, retrieval indexes, or AI-generated outputs from being shared across tenant environments except where explicitly authorized by the tenant.
4. Data Usage, Retention, and Deletion
CustomerNode applies documented data handling controls for GenAI:
- Only the minimum data required for a given GenAI function is transmitted.
- GenAI prompt and response data is not retained beyond standard operational logging.
- GenAI-related data is subject to CustomerNode’s data retention and deletion policies.
- All data subject rights (access, deletion, restriction) apply equally to GenAI-processed data.
Customer data is not used to train shared or general-purpose foundation models. CustomerNode may perform tenant-specific AI processing, retrieval augmentation, optimization, embeddings, vector indexing, fine-tuning, or model adaptation where explicitly enabled for that tenant. Any such processing remains logically isolated to the applicable tenant environment and is not used to improve shared models across customers.
5. Third-Party GenAI Vendor Controls
CustomerNode engages third-party GenAI providers under contractual and technical controls:
- Provider usage is configured such that customer data is not used to train shared or general-purpose foundation models, where such controls are available.
- All data is transmitted over encrypted channels (TLS).
- Vendor access is limited to the minimum necessary for functionality.
The current GenAI providers used by CustomerNode are identified on the Subprocessors page.
6. GenAI Vendor Security Assessment
CustomerNode performs documented security and risk assessments of its Generative AI (GenAI) vendors, including evaluations aligned with the OWASP Top 10 for Large Language Model (LLM) Applications. These assessments are based on a review of vendor-published security documentation, contractual data protection assurances, and CustomerNode’s own GenAI integration architecture.
As part of this assessment, CustomerNode evaluates the following OWASP-aligned risk categories and maps them to internal technical and procedural controls:
- Prompt Injection Risks – Assessed through review of vendor safety guidance and mitigated via controlled prompt construction, contextual scoping, and application-layer input validation.
- Data Leakage and Unauthorized Disclosure – Assessed through vendor data-handling disclosures and contractual assurances; mitigated by strict data minimization and configuration of GenAI services such that customer data is not used to train shared or general-purpose foundation models.
- Insecure Output Handling – Assessed by reviewing GenAI output characteristics and mitigated by treating all GenAI responses as untrusted input subject to validation and encoding prior to use or display.
- Excessive Data Exposure – Assessed through architectural review of data flows and mitigated by limiting prompt content to the minimum data required for the requested functionality.
- Access Control and Authentication Risks – Assessed through review of vendor authentication mechanisms and mitigated via secure API key management, restricted service permissions, and internal access controls.
Findings from these assessments are documented, reviewed, and addressed through CustomerNode’s Secure Development Lifecycle (SDLC), vulnerability management processes, and ongoing operational monitoring. Assessments are revisited periodically and updated as OWASP guidance, vendor capabilities, or GenAI functionality evolves.
7. Security Controls and Monitoring
GenAI integrations follow CustomerNode’s standard security controls:
- Secure Development Lifecycle (SDLC) enforcement
- Input and output validation
- Logging and monitoring for misuse or anomalous behavior
- Incident response and remediation procedures
8. Review and Updates
This Policy is reviewed periodically and updated as AI regulations, industry standards, or CustomerNode’s GenAI functionality evolves.
9. Contact and Accountability
CustomerNode maintains internal ownership and accountability for GenAI governance. Questions regarding this Policy or GenAI data processing may be directed to:
Michael Cantow
Email: [email protected]
Effective Date: 01/14/2026
Last Updated: 05/19/2026