AI Governance Policy

1. SCOPE AND PURPOSE

The purpose of this AI Policy is to establish a comprehensive governance framework for the development, deployment, operation, monitoring, and maintenance of Artificial Intelligence systems developed by Imentiv Inc. This Policy is designed to ensure that all AI capabilities are utilized in a transparent, ethical, and accountable manner, safeguarding users from unintended harms, discriminatory practices, privacy violations, or inaccurate outputs. It reinforces Imentiv AI's commitment to building and maintaining trustworthy AI solutions aligned with globally recognized standards and best practices and ethical guidelines for reliable AI. Furthermore, the Policy ensures full adherence to applicable legal and regulatory requirements such as the GDPR, India's Digital Personal Data Protection (DPDP) Act 2023, the CCPA, and other regional data protection laws. By clearly outlining the responsibilities, expectations, and conduct required from all users, administrators, partners, and employees interacting with the platform, this AI Policy supports a culture of accountability, safety, fairness, and continuous improvement across all AI-driven activities.

This Policy governs all activities, systems, data interactions, and stakeholders involved in the development, deployment, access, and use of Imentiv AI and its associated SaaS products. This policy shall be read in conjunction with the Terms of Use, Data Processing Agreement, Privacy Policy for Imentiv AI Products and Solutions.

2. IMENTIV AI SYSTEMS

This Policy covers all AI-related technologies, components, and subsystems that power the Imentiv AI platform, including but not limited to:

• AI Models & Algorithms: All proprietary, custom-trained, fine-tuned, or third-party algorithms used for prediction, recommendation, classification, emotional analytics, generative tasks, or automated decision-making.
• Machine Learning Pipelines: End-to-end ML workflows involved in data ingestion, feature engineering, model training, validation, optimization, monitoring, and lifecycle management.
• Generative AI Capabilities: Text, image, video, speech, or multimodal generative features embedded into the SaaS product and related tools.
• AI-Enabled Automation Tools: Rule-based engines, orchestration modules, automation scripts, workflow systems, and AI-driven triggers.
• Emotional & Behavioural Analytics Modules: Components that analyse sentiment, emotion, engagement, tone, or behavioural patterns using AI or ML techniques.
• Predictive Intelligence Systems: Forecasting engines, scoring models, risk analysers, and real-time prediction components.
• Security, Monitoring & Audit Systems: AI systems used for anomaly detection, fraud monitoring, performance analytics, fairness evaluation, and compliance auditing.

3. USERS & CUSTOMERS

This Policy applies to all categories of individuals or entities that interact with Imentiv AI products or solutions, directly or indirectly, including:

• Registered Users: Individuals who create accounts, use the web portal, mobile apps, dashboards, analytics tools, or AI-powered features.
• Enterprise & Organizational Clients: Businesses and institutions using Imentiv AI for internal operations, integrations, automation, analytics, or customer services.
• Developers & API Consumers: Individuals or organizations accessing Imentiv AI through APIs, SDKs, developer dashboards, or integration interfaces.
• System Administrators & Account Managers: Users who manage organizational settings, permissions, security controls, and computational resources.
• End Users Impacted by AI Outputs: Any individual whose data or experience is affected by automated decision-making, predictions, or AI-generated content.

All such users are expected to comply with this Policy and ensure responsible use of Imentiv AI services.

A. Imentiv AI Personnel

This Policy applies to all individuals responsible for the handling, development, review, testing, deployment, or governance of AI systems, including:

• Employees & Full-Time Staff: Developers, data engineers, data scientists, product managers, QA teams, and operations personnel.
• Consultants & Contracted Professionals: External specialists involved in design, development, audits, research, or advisory work related to AI systems.
• Third-Party Vendors & Affiliates: Service providers contributing to cloud infrastructure, model hosting, data preprocessing, annotation, or support services.
• Security & Compliance Personnel: Teams responsible for ensuring adherence to ethical, legal, regulatory, and internal compliance requirements.
• Support & Customer Success Teams: Personnel interacting with customers and managing AI-related queries, issues, or escalations.

All personnel must adhere to ethical AI development practices, privacy standards, and security protocols outlined in this Policy.

B. Third-Party Integrations

This Policy extends to all external systems, datasets, and technologies that interact with Imentiv AI, including:

• External AI Components & Pre-Trained Models: Third-party or open-source models integrated into the platform or used for fine-tuning or reference.
• Cloud Infrastructure & Hosting Services: Compute, storage, networking, security, or monitoring systems provided by cloud service partners.
• Analytics & Data Processing Frameworks: External libraries, tools, and engines used for data analysis, visualization, reporting, or model enhancement.
• API-Based Third-Party Services: External APIs utilized for authentication, enrichment, communication, or data verification.
• Integration Partners & App Ecosystems: Any platform or software integrated with Imentiv AI through connectors, plugins, or API bridges.

All third-party systems must comply with this Policy, undergo risk evaluation, and adhere to required security and data protection standards before integration.

4. GUIDING PRINCIPLES

Imentiv AI is committed to building responsible, safe, and trustworthy AI systems. All products, technologies, and workflows adhere to globally recognized principles of ethical AI development and deployment. These principles guide how we design, train, validate, monitor, and operate our AI systems.

4.1 Transparency

Imentiv AI ensures that users understand when and how AI impacts their interactions with the platform.

• Clear AI Disclosure: Users will be explicitly informed whenever content, insights, or recommendations are generated by AI rather than human contributors.
• Interface-Level Transparency: UI/UX elements will reflect when AI is involved in decision-making, automated scoring, emotional analytics, or generative processing.
• Model Documentation: Imentiv AI may publish model cards, documentation, architecture notes, permitted use-cases, limitations, and known risks to improve clarity and understanding.
• Traceability & Explainability: Where required and technically feasible, users may receive explanations or reason summaries behind AI-generated outputs to support accountability and informed decision-making.
• Legal Compliance in Transparency: The system will avoid "black-box" operations in areas where transparency is legally or contractually mandated.

4.2 Fairness & Non-Discrimination

Imentiv AI is committed to ensuring that AI systems operate equitably across demographic groups and do not propagate harmful or discriminatory biases.

• Bias Testing & Validation: Models may undergo structured fairness evaluations to detect bias patterns during training, testing, and post-deployment monitoring.
• No Harmful Processing of Protected Attributes: Sensitive attributes such as race, caste, religion, political beliefs, health data, disability, sexual orientation, and similar identifiers will not be intentionally used for decision-making unless strictly necessary, explicitly consented, and legally permitted.
• Ongoing Dataset Improvements: Training datasets and model weights are periodically updated to reduce systemic biases, improve representation, and enhance fairness across contexts.
• User Feedback Mechanisms: Channels will be provided for users to report perceived biases, unfair treatment, or discriminatory outputs, which will be investigated and addressed promptly.
• Ethical Dataset Sourcing: All data used for model development is sourced ethically, lawfully, and without exploitation.
• Customer Compliance Requirement: Customers and users are prohibited from using the platform to perform discriminatory profiling, exclusionary targeting, or harmful decision-making.

4.3 Privacy & Data Protection

Respect for user privacy is central to all AI operations at Imentiv AI.

• Strict Privacy Controls: All personal and sensitive data processed within AI systems input data, generated output, and training data is handled per the highest privacy standards.
• Purpose Limitation: Data is used only for disclosed, legitimate, and authorized purposes consistent with the Privacy Policy and Data Processing Agreement (DPA).
• Data Minimization & Anonymization: Where feasible, personal data is anonymized, pseudonymized, masked, or aggregated to minimize exposure and protect user identity.
• User Ownership: Users retain control over their data. Processing and model usage occur in accordance with consent, contractual obligations, and regulatory requirements.
• No Covert Profiling: The platform does not create covert, behavioral, or psychological profiles of users unless explicitly requested by the user or mandated for the core service functionality.
• Compliance with Global Privacy Laws: Data processing aligns with GDPR, DPDP Act (India), CCPA/CPRA, and other applicable privacy regulations.

4.4 Security

Imentiv AI implements robust technical and organizational controls to safeguard AI systems, data, and users.

• Security-by-Design: All AI models and datasets are developed, deployed, and maintained following industry-standard security principles.
• Comprehensive Security Controls may include:
  • encryption at rest and in transit
  • strong access controls with RBAC/ABAC
  • session-level and platform-level audit logs
  • secure isolation of model training and inference environments
  • protections against prompt injection, model corruption, and adversarial attacks
  • data validation and sanitization layers to prevent data poisoning
• Regular Security Assessments: Vulnerability scanning, penetration testing, threat modelling shall be conducted as needed.
• Incident Management: Any security incident involving AI systems is promptly investigated and remediated under the company's incident response process.

4.5 Human Oversight

Imentiv AI strives to ensure that humans remain accountable for decisions supported or influenced by AI systems.

• Human-in-the-Loop (HITL): The platform supports workflows where human operators review, validate, or override AI-generated insights.
• Human-in-Command: For mission-critical or sensitive operations humans must retain final control and decision-making authority.
• Override Capability: Users and administrators may correct, disable, or challenge AI-generated outputs wherever appropriate.
• Continuous Monitoring: Human observers evaluate model performance and intervene when anomalies, inaccuracies, or risks arise.

4.6 Reliability & Safety

Imentiv AI systems are designed with the intent to perform consistently, accurately, and within the boundaries of their intended use.

• Model Validation: All models are validated for accuracy, stability, robustness, and relevance before deployment.
• Monitoring & Drift Detection: Imentiv AI monitors its AI Systems for data drift, concept drift, accuracy decline, or deviations in prediction patterns over time.
• Fail-Safe Mechanisms: Imentiv AI may restrict, modify, or deactivate AI features that pose risks, show degraded performance, or behave unexpectedly.
• Stress & Load Testing: AI systems undergo reliability testing to ensure stable performance under varying real-world conditions.
• Safety Filters: Mechanisms are in place to prevent the generation of harmful, offensive, or unsafe outputs.

4.7 Ethical Use

Imentiv AI promotes responsible, lawful, and socially beneficial uses of AI technologies.

• No Harm Principle: Users must not use AI systems to harm, exploit, mislead, or manipulate individuals or communities.
• No Impersonation: AI-generated content may not be used to impersonate real individuals, institutions, or entities without lawful authorization and explicit consent.
• Prohibited Misuse: The platform must not be used for surveillance, harassment, deepfakes, misinformation, disinformation, political manipulation, or any fraudulent activity.
• Social Responsibility: AI usage should contribute positively to individuals, organizations, and society, avoiding practices that undermine trust, dignity, or well-being.
• Compliance with Laws: All AI activities must adhere to applicable global, regional, and sector-specific regulations and ethical frameworks.

5. ACCEPTABLE USE OF AI FEATURES

Users may access and utilize Imentiv AI's capabilities solely for lawful, legitimate, and authorized business purposes consistent with this Policy, the Terms of Service, Privacy policy and any applicable agreements. Acceptable use is limited to activities that enhance operational efficiency, improve productivity, support data-driven decision-making, and responsibly integrate AI insights into organizational workflows.

5.1 Users may leverage Imentiv AI's analytical and prediction engines for insights that support strategic and operational objectives, including:

• Sentiment & Emotional Analysis: Understanding user emotions, tone, sentiment shifts, and engagement patterns in text, voice, or communication data, for permitted business scenarios such as customer service improvement or feedback evaluation.
• Behavioural Insights: Generating patterns, correlations, behavioural segmentation, or usage insights to identify trends, optimize user journeys, or understand customer lifecycle behaviour within ethical and lawful boundaries.
• Predictive Analytics & Trend Modelling: Forecasting demand, predicting churn, identifying risk signals, analysing future patterns, or supporting decision frameworks using validated predictive models and business-approved datasets.
• Intelligence Reporting: Producing high-level summaries, anomaly detection alerts, operational metrics, or aggregate analytics dashboards for organizational monitoring and decision-making.

All analytical outputs must be interpreted responsibly, with human review where appropriate.

5.2 Users may employ Imentiv AI's automation and productivity features to streamline processes, reduce manual effort, and enhance workflow efficiency, including:

• Automation Workflows: Implementing AI-driven triggers, workflow automations, and rule-based or ML-based task execution for internal operations, customer support, or content processing.
• Recommendation Systems: Personalizing content, suggesting next actions, optimizing configurations, recommending resources, and supporting decision-making based on contextual analysis.
• Data Processing, Categorization & Summarization: Automating repetitive tasks such as data extraction, classification, enrichment, normalization, summarization, clustering, or entity recognition.
• Contextual Understanding Tools: Using AI systems that interpret intent, extract meaning, classify information, or understand domain-specific context to support search, retrieval, conversational tasks, or knowledge discovery.
• Content Generation for Internal Use: Drafting internal documents, templates, reports, or operational content where AI-generated material serves as an assistive tool and is subject to human oversight.

5.3 Integration via API, SDKs & Webhooks - Organizations may integrate Imentiv AI into their approved systems, applications, and workflows through provided APIs, SDKs, and automation interfaces:

• Embedding AI Insights into Authorized Applications: Integrating analytics, emotional intelligence indicators, summaries, and recommendations into websites, apps, CRMs, or internal platforms, provided they comply with contractual use limitations.
• Developing Organizational Dashboards: Creating analytics dashboards, BI tools, or internal monitoring systems that visualize AI metrics, predictions, or operational data.
• Enhancing Customer-Facing or Internal Workflows: Using AI to improve service delivery, personalize experiences, streamline internal processes, or augment employee tasks subject to proper data governance and user consent requirements.
• Secure Automation: Triggering notifications, actions, or workflow events from AI outputs using secure webhook connections and authentication controls.

All integrations must follow Imentiv AI's API documentation, rate limits, security practices, and data handling standards.

5.4 All acceptable uses of Imentiv AI must consistently remain:

• Lawful: Compliant with applicable laws, regulations, and industry requirements regarding data protection, privacy, security, and automated decision-making.
• Ethical: Respectful of individuals, communities, and organizations, avoiding manipulative, discriminatory, invasive, or harmful practices.
• Aligned with Documented Capabilities: Used only within the functional boundaries described in product documentation, model capability notes, and limitations.
• Non-Exploitative: Ensuring AI outputs are not misused to exert undue influence, mislead stakeholders, or exploit vulnerable groups.
• Consistent with Contractual Terms: Adhering to the Master Service Agreement (MSA), Terms of Use, Privacy Policy, Data Processing Agreement (DPA), and all other binding contractual obligations.

6. PROHIBITED USE

To ensure safe, lawful, and ethical operation of the platform, users must not use Imentiv AI for any purpose that violates this Policy, applicable laws, regulatory requirements, or ethical standards. The following activities are strictly prohibited. Violation of these terms may result in immediate suspension, access restrictions, termination of services, and reporting to relevant authorities where required.

6.1 Harmful, Illegal, or Deceptive Purposes

Users are strictly prohibited from using Imentiv AI in any manner that causes or attempts to cause harm, unlawful activity, or deceptive practices, including:

• Deepfake or Synthetic Identity Creation: Generating hyper-realistic synthetic content (audio, video, image, or text) designed to impersonate real individuals without explicit, verifiable authorization.
• Non-Consensual Impersonation: Creating content, responses, or communication that falsely represents an individual, organization, public authority, or institution.
• Unauthorized Surveillance or Monitoring: Using AI features to observe, track, or infer personal behaviours, locations, or activities without legal authority, consent, or legitimate purpose.
• Disinformation, Manipulation, or Influence Operations: Creating or distributing misleading, false, politically manipulative, or socially harmful content, including propaganda, fake news, or electoral interference.
• Facilitating Illegal Activities: Using the platform for fraud, scams, harassment, cyberattacks, identity theft, or any unlawful purpose.

6.2 Discrimination, Harassment, or Abuse

The platform must not be used to create or facilitate abusive, discriminatory, or harmful behaviour, including:

• Generating Defamatory, Hateful, or Obscene Content: Producing content that is abusive, hateful, harassing, violent, sexually explicit, defamatory, or intended to degrade or harm individuals or groups.
• Sensitive Attribute Profiling: Inferring, predicting, or profiling individuals based on protected or sensitive characteristics such as race, caste, ethnicity, religion, political beliefs, union membership, sexual orientation, gender identity, genetic data, health information, or disability status.
• Targeted Abuse or Harassment: Using AI outputs to intimidate, threaten, shame, or harass individuals.
• Exploitation of Vulnerable Groups: Using AI to manipulate or exploit minors, elderly individuals, or vulnerable populations.

6.3 Unauthorized or Unethical Data Processing

Users must not upload, process, or submit data to Imentiv AI in violation of privacy rights, intellectual property rights, or legal and ethical standards, including:

• Processing Data Without Consent or Legal Rights: Uploading personal, confidential, proprietary, or copyrighted data without the necessary permissions, lawful basis, or authorization.
• Processing Sensitive or High-Risk Data Without Approval: Including, but not limited to, biometric identifiers, medical records, financial data, or health information, unless explicitly permitted under contract and compliant with applicable laws.
• Reconstruction or Reidentification Attempts: Attempting to de-anonymize, re-identify, or derive personal identities from aggregated or anonymized outputs.
• Collection of Data for Covert Purposes: Using AI features to harvest or scrape data from systems, individuals, or third-party services without authorization.

6.4 Model Tampering, System Abuse & Security Violations

Users must not manipulate, compromise, or abuse the platform's models, infrastructure, or security mechanisms, including:

• Reverse Engineering or Unauthorized Extraction: Attempting to extract model parameters, architecture details, weights, training data, or proprietary algorithms.
• Prompt Injection, Model Corruption, or Adversarial Attacks: Attempting to exploit or manipulate AI behaviour using malicious prompts, adversarial inputs, or vulnerability probing.
• Using AI Outputs to Train External Models: Reusing, exporting, or feeding Imentiv AI outputs into external training pipelines or models without explicit written permission.
• System Overloading or Unapproved Stress-Testing: Intentionally sending excessive requests, load-testing, or attempting to disrupt service performance outside permitted usage limits, including rate-limit abuse.
• Circumvention of Security Controls: Attempting to bypass authentication, access controls, usage quotas, safety mechanisms, or content filters.

6.5 High-Risk or Regulated Use Cases (Unless Explicitly Approved)

Users must not deploy, rely on, or integrate Imentiv AI for high-risk applications without express written consent from Imentiv AI and compliance with relevant regulatory requirements. Prohibited high-risk scenarios include:

• Medical or Clinical Decision-Making: Diagnosis, treatment recommendations, or health-critical decision systems.
• Legal, Regulatory, or Compliance Determinations: Interpreting laws, offering legal advice, drafting binding interpretations, or substituting licensed legal professionals.
• Financial Credit, Lending, or Eligibility Decisions: Automated scoring or decisions affecting creditworthiness, loan approvals, insurance eligibility, or financial risk evaluations.
• Safety-Critical Industrial Controls: Systems involving autonomous machinery, robotics, transportation, utilities, energy grid management, or physical safety operations.
• Emergency or Life-Critical Scenarios: Situations where AI errors could result in injury, loss of life, or severe operational disruptions.
• Employment and Recruitment Screening: Use of AI to analyze candidates during recruitment (e.g., video interviews) or to monitor employee emotional states. Users operating in the European Economic Area (EEA) or other jurisdictions with specific AI regulation must obtain explicit approval from Imentiv AI Legal to ensure compliance with 'High Risk' AI system requirements before deploying for these purposes.

6.6 Enforcement & Remedial Actions

Imentiv AI reserves the right to:

• monitor usage for compliance,
• immediately restrict or block access for suspected violations,
• suspend or terminate user accounts,
• remove or disable problematic content,
• report illegal activities to law enforcement or regulatory authorities, and
• pursue legal remedies for damages or breach of contract.

Users are responsible for ensuring ongoing compliance with all prohibited-use restrictions.

7. DATA GOVERNANCE & AI TRAINING

Imentiv AI implements structured, transparent, and secure data governance practices to ensure that all data used for AI operations including training, inference, monitoring, and evaluation remains lawful, ethical, secure, and compliant with contractual and regulatory obligations.

7.1 Data Sources

Imentiv AI ensures that all data used for model development and enhancement is ethically sourced and legally authorized.

• Lawful & Ethical Acquisition: Training and evaluation datasets are obtained only from legal, licensed, and ethically compliant sources, including publicly available data, commercial data providers, open-source datasets, or consent-based contributions.
• Customer Data Restrictions: Customer proprietary data including content, metadata, logs, or uploaded files is never used for training or fine-tuning models unless the customer provides explicit written consent through a signed agreement or opt-in mechanism.
• No Unauthorized Scraping or Harvesting: The platform does not engage in unauthorized scraping of third-party services, social networks, or websites to obtain training data.
• Dataset Quality & Documentation: All datasets undergo review for accuracy, relevance, completeness, and lawful usage rights. Where applicable, dataset documentation (datasheets or lineage records) is maintained.
• Bias, Safety & Appropriateness Checks: Training sources are assessed for harmful, biased, or inappropriate content that could compromise model performance or ethical standards.

7.2 Data Minimization

Imentiv AI adheres to the principle of collecting and processing only the data necessary for intended AI functions.

• Purpose Limitation: Data is processed strictly for the purposes disclosed in product documentation, privacy policies, contracts, and user consent forms.
• Minimal Scope Collection: AI models use only the minimal data required to achieve valid technical or operational outcomes avoiding unnecessary data attributes or excessive scope.
• Controlled Feature Engineering: Only features relevant to model objectives are used, and sensitive attributes are excluded unless explicitly required, legally permitted, and authorized by the user.
• Periodic Review of Data Needs: Imentiv AI periodically evaluates whether any dataset or attribute remains necessary and removes or masks data that is no longer required.

7.3 Anonymization, Privacy Protection & Security

Imentiv AI employs strong privacy and security controls across all stages of the AI lifecycle.

• Anonymization & Pseudonymization: Wherever possible, personal data is anonymized, pseudonymized, aggregated, or masked to reduce identification risks before being used for model training or analytics.
• Customer Data Isolation: Customer data is isolated by tenant and environment ensuring that one customer's data cannot be accessed by another. Multi-tenant safeguards prevent data leakage or cross-customer model influence.
• Secure Storage & Access Controls: Based on the security policies, AI datasets use techniques such as encryption at rest and in transit, role-based access controls, zero-trust network policies, and audit logging.
• Data Integrity & Validation: Input data is validated and sanitized to prevent data poisoning, injection attacks, or ingestion of malicious training content.
• Compliance with Privacy Laws: All data processing complies with GDPR, DPDP Act (India), CCPA/CPRA, LGPD, and other applicable privacy regulations.

7.4 Retention, Storage Lifecycle & Deletion

Imentiv AI maintains clear procedures for how long AI data is stored and how it is securely disposed of.

• Defined Retention Schedules: AI logs, intermediate datasets, training/evaluation versions, and model artifacts are retained only for the durations defined in internal retention policies or regulatory requirements.
• Purpose-Based Retention: Data may only be retained for as long as necessary to fulfil the purpose for which it was collected, including security audits, performance monitoring, regulatory compliance, or contractual obligations.
• Secure Deletion: When data reaches end-of-life, it is deleted or anonymized using secure and irreversible methods that comply with international data destruction standards.
• User-Initiated Deletion Requests: Users may request deletion of personal data in accordance with applicable privacy laws and contractual terms. Upon verification, Imentiv AI will process deletion requests across training, backup, and inference systems (unless legal obligations require retention).
• Model Retraining Considerations: When customer data must be deleted, related training artifacts or model variants influenced by that data will be evaluated for retraining, removal, or replacement as required.

8. USER RESPONSIBILITIES

All users of the Imentiv AI platform are expected to adhere to the following responsibilities to ensure safe, lawful, and ethical use of the system:

8.1 Lawful and Ethical Use

Users must ensure that all activities performed on the platform comply with applicable laws, contractual obligations, and ethical standards. Users are responsible for ensuring that their use of Imentiv AI does not infringe upon the rights, privacy, or safety of any individual or entity.

8.2 Verification of AI Outputs

Users must independently review, validate, and confirm the accuracy, relevance, and appropriateness of AI-generated outputs before relying on them for any decision-making. AI outputs should not be treated as definitive facts; users must apply human judgment and domain expertise.

8.3 Consent and Authorization for Data

Users are responsible for ensuring that all data uploaded, shared, or processed through the platform has been lawfully obtained. Users must secure the necessary permissions, consents, licenses, and rights before submitting any personal, sensitive, proprietary, or third-party data. Specifically, where the data includes facial geometry, voice prints, or other inputs defined as 'Biometric Identifiers' or 'Biometric Information' under applicable laws (including but not limited to the Illinois Biometric Information Privacy Act or GDPR), the User warrants that they have obtained the required written releases and informed consent from all data subjects prior to processing such data through Imentiv AI. Users may not upload data that violates intellectual property, confidentiality agreements, or privacy obligations.

8.4 Account Security and Access Control

Users must safeguard their login credentials, API keys, access tokens, and other authentication mechanisms. Sharing credentials with unauthorized individuals, intentionally or negligently, is prohibited. Users must immediately notify Imentiv AI of any suspected unauthorized access, credential compromise, or account misuse.

8.5 Responsible Use in High-Risk Contexts

Users must not rely solely on AI outputs for decisions that may impact legal rights, financial outcomes, medical assessments, safety-critical operations, or any other high-risk domain. All such decisions must involve appropriate human oversight, professional judgment, and independent verification.

8.6 Compliance with Industry-Specific Regulations

Users are responsible for understanding and complying with all regulatory requirements applicable to their business, sector, or jurisdiction (e.g., financial compliance, data protection laws, healthcare regulations, government standards). Where required, users must implement additional safeguards, audits, or procedural controls before using AI-generated content or outputs.

8.7 Prohibited Sharing and Redistribution

Users may not redistribute, republish, or commercialize AI outputs in ways that violate licensing terms or intellectual property rights. Users must ensure that sharing outputs with third parties does not expose confidential data or violate privacy laws.

8.8 Reporting Misuse and System Concerns

Users should promptly report any suspected misuse, security vulnerabilities, harmful outputs, or ethical concerns encountered while using the platform. Cooperation with investigations or remediation efforts by Imentiv AI is required.

9. MODEL PERFORMANCE, LIMITATIONS & DISCLAIMERS

Imentiv AI aims to provide reliable and high-quality AI outputs; however, users must understand the inherent limitations of machine-learning technologies. The following disclaimers govern all use of the platform:

9.1 No Guarantee of Accuracy

AI-generated outputs may contain inaccuracies, omissions, outdated information, or factual inconsistencies. Users acknowledge that the Imentiv AI platform analyzes behavioral signals (such as facial muscle movements, vocal intonation, and text sentiment) which serve as proxies for emotion. These outputs represent an inference of emotional expression and are not a definitive medical, psychological, or factual determination of a human subject's internal emotional state. The platform does not warrant that outputs will always be correct, complete, reliable, or suitable for a specific user purpose. Predictions, classifications, and insights generated by the system are probabilistic and may not reflect real-world conditions.

9.2 Non-Deterministic Behaviour

AI systems can produce different responses to similar or repeated inputs due to their probabilistic nature, ongoing model updates, system optimization, or contextual variations. Users should not expect consistent or identical outputs across sessions or use cases.

9.3 Not a Substitute for Professional Judgment

The platform is not designed or intended to replace professional expertise, certified advice, or regulated decision-making frameworks. AI outputs must not be treated as authoritative guidance for:

• Medical or clinical diagnoses, treatment recommendations, or patient risk assessments
• Legal interpretation, compliance advice, contract evaluation, or regulatory analysis
• Financial, credit, or lending decisions, including underwriting or scoring
• Safety-critical operations, including engineering decisions, industrial controls, or emergency responses

Users must apply independent human judgment and seek qualified professional advice where required.

9.4 Model and Data Limitations

The system may reflect biases present in training data or external sources. Outputs may not consider real-time events unless explicitly stated. Performance may vary across languages, domains, and complexity of user queries.

9.5 User Reliance

Users rely on outputs, insights, and recommendations at their own discretion and risk. Imentiv AI is not liable for decisions, actions, or outcomes resulting from user reliance on AI-generated content. Users are responsible for verifying critical information before acting on or disseminating AI outputs.

9.6 Service Availability & Performance Variability

Model performance may be affected by network conditions, system load, scheduled maintenance, updates, or third-party dependencies. Imentiv AI does not guarantee uninterrupted service, real-time responsiveness, or specific performance levels unless otherwise contractually agreed.

10. THIRD-PARTY AI TOOLS & EXTERNAL SERVICE PROVIDERS

Imentiv AI may integrate or rely on third-party AI models, cloud infrastructure, APIs, data processors, and other external service components to deliver certain features and system functionalities. To ensure responsible and compliant integration, the following principles apply:

10.1 Vendor Security, Privacy & Compliance Due Diligence

All third-party service providers undergo security, privacy, and compliance assessments before integration. Evaluations consider the vendor's certifications, data protection standards, regulatory adherence (e.g., GDPR, SOC 2, ISO 27001), and operational resilience. Imentiv AI maintains contractual safeguards to ensure that third-party tools adhere to equivalent or higher standards of security and ethical conduct.

10.2 Data Handling by Third Parties

Third-party providers may process limited, purpose-specific data required for performance, model inference, optimization, or infrastructure operation. Data shared externally is minimized to what is strictly necessary, following principles of data minimization and privacy-by-design. Sensitive or confidential customer data is only shared where legally permissible and contractually protected. Any transfer of personal data to external providers occurs in accordance with applicable data protection laws, cross-border transfer mechanisms, and contractual controls.

10.3 User Obligations Regarding Third-Party Services

Users acknowledge that some platform features depend on external tools and that their use may be subject to additional terms, privacy policies, or licensing conditions imposed by those providers. By using applicable features, users agree to comply with such third-party terms to the extent they apply. Users are responsible for reviewing any third-party terms that affect their organization's regulatory or operational environment.

10.4 Impact of Third-Party Limitations or Failures

Imentiv AI is not responsible for service disruptions, latency, degraded performance, or inaccuracies arising from third-party outages, model limitations, or operational failures. Availability of certain features may change based on vendor updates, API lifecycle changes, depreciation schedules, or unforeseen external issues. Imentiv AI may replace, modify, or terminate third-party integrations at its discretion to maintain service quality, compliance, or security.

10.5 Continuous Monitoring & Governance

Integrated third-party components are periodically reviewed for compliance, reliability, and risk exposure. Any provider failing to meet required standards may be removed or replaced. Users will be informed of material changes to third-party integrations that significantly impact data processing or system behaviour.

11. MONITORING, AUDIT & CONTINUOUS IMPROVEMENT

Imentiv AI maintains an ongoing commitment to ensuring that all AI systems models, algorithms, datasets, and related components operate ethically, safely, and in accordance with legal, regulatory, and organizational standards. The platform uses a combination of automated and manual oversight to maintain system integrity and continually enhance performance.

11.1 Continuous Monitoring of AI Models

AI model behaviour is continuously monitored for accuracy, fairness, stability, explainability, and adherence to intended use-cases. Monitoring includes tracking false positives/negatives, model degradation, unpredictable behaviour, and bias indicators. Imentiv AI performs regular performance benchmarking and validation to ensure models continue to function as designed.

11.2 Automated Detection of Anomalies and Misuse

Automated systems are deployed to identify unusual activity, such as anomalous prompts, excessive API requests, or abnormal output patterns. Built-in alerts notify administrators of potential misuse, adversarial attacks, or suspicious user activity. Monitoring systems help detect:

• model or data drift
• prompt injection attempts
• data poisoning attempts
• misuse of features for unethical or prohibited purposes

Detected misuse may trigger automated safeguards, temporary feature suspension, or account restriction.

11.3 Periodic Ethical, Technical & Compliance Audits

Internal and external audits are conducted periodically to validate compliance with:

• AI ethics principles
• privacy and data protection laws
• contractual commitments
• security standards
• transparency and fairness guidelines

Audit outcomes may result in corrective actions, model fine-tuning, policy revisions, or process improvements. All audit findings are logged and reviewed by designated compliance and AI governance teams.

11.4 Model Updates, Retraining & Lifecycle Management

Models are evaluated regularly for improvement opportunities, including retraining with updated or expanded datasets. Outdated, underperforming, or high-risk models may be:

• deprecated
• replaced with more secure or accurate versions
• decommissioned entirely

When models are updated, Imentiv AI ensures:

• backward compatibility where feasible
• transparency about material changes to model behaviour
• preservation of user experience and system stability

11.5 Continuous Improvement Framework

Feedback from users, audits, incident reports, and monitoring systems informs the platform's continuous improvement initiatives. Imentiv AI invests in ongoing research, testing, and optimization to enhance accuracy, fairness, usability, and safety. Enhancements are deployed following secure development lifecycle (SDLC) practices including testing, validation, and impact assessment. Lessons learned from monitoring and incident investigations are incorporated into future product updates and governance policies.

12. REPORTING UNSAFE OR HARMFUL AI OUTPUT

Imentiv AI is committed to maintaining the safety, fairness, and reliability of its AI systems. To uphold this standard, users play a critical role in identifying and reporting issues that may compromise ethical or operational integrity. All users are required to promptly notify Imentiv AI of any unsafe, harmful, or suspicious AI behaviour.

12.1 Responsibilities to Report Issues

Users should immediately report any instances of:

• Inaccurate, misleading, or unsafe AI outputs, especially where such outputs could affect business decisions or user rights.
• Biased, discriminatory, or unfair model behaviour, including outputs that disproportionately affect individuals or groups.
• Potential security concerns, such as data leakage, unauthorized access, or suspicious model behaviour indicating vulnerabilities.
• Misuse or abuse of the platform, including attempts to circumvent safeguards, exploit loopholes, or generate prohibited content.
• Unexpected model reactions or instability, such as hallucinations, erratic responses, or behaviour inconsistent with the system's intended use.

12.2 Reporting Channels

Users can report issues through the following official channels:

Data Protection Officer:
Name: Nabil Shabab
Email: support@imentiv.ai

In-app reporting (if available): Via the built-in "Report Issue" or "Flag Output" feature.

Customer Success / Account Manager: For enterprise clients with assigned contacts.

All reports should include sufficient detail such as timestamps, input samples, screenshots, or relevant logs (excluding sensitive personal information unless necessary and legally permissible) to allow timely investigation.

12.3 Investigation & Remediation Process

Upon receiving a report, Imentiv AI will:

• Acknowledge receipt of the report within a reasonable timeframe.
• Conduct an internal review to validate, categorize, and prioritize the issue.
• Determine whether the issue is:
  • a model limitation
  • a safety risk
  • a policy violation
  • a technical bug
  • a user-side integration or configuration error

Take appropriate corrective actions, which may include:

• model refinement or retraining
• adjusting safety filters
• patching vulnerabilities
• temporarily disabling affected features
• issuing user guidance or clarifications

12.4 User Cooperation

Users agree to:

• Provide necessary information to assist in diagnosis and remediation.
• Refrain from further use of any feature known to be unsafe until Imentiv AI completes its review.
• Follow any interim recommendations, safety notifications, or required updates communicated by Imentiv AI.

12.5 Commitment to Safety

Imentiv AI treats all safety-related reports as high priority and is committed to:

• Transparent communication about confirmed issues and fixes where appropriate.
• Implementing safeguards to prevent recurrence.
• Continually improving detection, response, and mitigation processes.

13. ENFORCEMENT, VIOLATIONS & PENALTIES

Imentiv AI enforces this Policy to maintain platform integrity, ensure ethical use, and protect users, data subjects, and the public. Any violation of this Policy—whether intentional, negligent, or accidental may result in corrective or disciplinary actions proportionate to the severity, nature, and impact of the breach.

13.1 Identification of Violations

A violation may include, but is not limited to:

• Misuse of AI features for harmful, illegal, or prohibited purposes.
• Attempts to bypass safety filters, perform disallowed data processing, or exploit system vulnerabilities.
• Unauthorized access, reverse engineering, scraping, or model extraction attempts.
• Uploading unlawful, sensitive, or unpermitted data.
• Repeated disregard for operational guidelines, safety warnings, or corrective instructions.

Violations may be detected through automated monitoring, audits, security logs, user reports, or compliance reviews.

13.2 Progressive Enforcement Actions

Depending on the severity, intent, recurrence, and potential harm, Imentiv AI may take one or more of the following actions:

Warning or Advisory Notice

Issued for minor, first-time, or unintentional violations. May include guidance, education, or required corrective steps.

Feature or Usage Restrictions

Temporary or permanent limitations on certain features, API calls, or model access. Imposed when a user's behaviour poses moderate risk or indicates misuse of specific capabilities.

Account Suspension

Temporary suspension of access for repeated or serious violations. May occur if there is suspected malicious intent, security risk, or high-risk misuse. Access may be restored after investigation and remediation.

Account Termination or License Revocation

Applied for severe, intentional, or harmful violations. Includes permanent removal of account access and revocation of all licenses or entitlements. Imentiv AI may refuse future service to offenders.

Notification of Authorities

If a violation involves criminal activity, regulatory non-compliance, data breaches, or unlawful surveillance, Imentiv AI may report the incident to:

• law enforcement
• regulatory bodies
• affected third parties (as required by law)

13.3 Financial, Legal & Contractual Consequences

Imentiv AI may seek compensation for damages, financial losses, or remediation costs arising from misuse. For enterprise clients, penalties may include contractual remedies, indemnification claims, or early termination of agreements. Violations may result in legal action where necessary to protect the platform, users, or data subjects.

13.4 Investigation Process

All suspected violations are subject to a formal internal investigation. Users may be required to provide additional information or logs (excluding sensitive personal data unless lawfully permissible). Enforcement decisions consider:

• user intent
• scale of impact
• risk to individuals or systems
• recurrence of similar incidents
• cooperation during investigation

13.5 Right to Appeal

Users may dispute or appeal enforcement actions by contacting support@imentiv.ai. Appeals will be reviewed by the compliance or governance team, and outcomes communicated within a reasonable timeframe.

13.6 Zero-Tolerance for High-Risk Misuse

Imentiv AI maintains a strict zero-tolerance policy for:

• malicious activities
• exploitation of vulnerabilities
• unlawful surveillance
• discrimination using AI outputs
• creation of deceptive or harmful content

Such actions may result in immediate termination and legal escalation.

14. POLICY UPDATES

Imentiv AI is committed to maintaining an AI Policy that evolves in step with advancements in technology, emerging regulatory frameworks, and best practices in ethics, safety, and data governance. To ensure that the Policy remains current, effective, and aligned with global standards, Imentiv AI may revise, update, or expand its provisions as needed.

14.1 Reasons for Policy Amendments

This Policy may be updated or amended to reflect:

Advancements in AI Technologies

• Introduction of new AI features, models, or analytical capabilities.
• Modifications to algorithms, ML pipelines, or training methodologies.
• Updates required to address emerging risks, vulnerabilities, or industry-recommended practices.

Changes in Legal, Regulatory, or Industry Requirements

• New or updated AI regulations (e.g., EU AI Act, NIST frameworks, global privacy laws).
• Evolving contractual obligations, certification standards, or data protection rules.
• Court rulings, enforcement actions, or public policy changes affecting AI governance.

Safety Enhancements & Ethical Considerations

• Improved safeguards to mitigate bias, hallucination, adversarial attacks, or misuse.
• Updated internal processes for monitoring, transparency, and user protection.
• Lessons learned from audits, incident reports, or user feedback.

Business, Operational, or Infrastructure Changes

• Adoption of new third-party vendors or cloud infrastructure providers.
• Updates to internal governance structures, security frameworks, or service offerings.
• Organizational policy refinements to support scalability, compliance, or performance.

14.2 Notification of Policy Changes

Users will be notified of material changes, such as updates that significantly alter data handling, user rights, obligations, or platform functionality. Notification may occur via:

• in-platform alerts
• email communication
• dashboard announcements
• policy changelogs accessible within the user portal

14.3 User Responsibility to Review Updates

Continued use of the platform after a Policy update constitutes acceptance of the revised terms. Users are responsible for reviewing updated policies to ensure ongoing compliance with their legal and organizational requirements. Enterprise clients may receive advance notice for changes that impact contractual obligations or integration workflows.

14.4 Version Control & Documentation

Imentiv AI maintains version history and timestamps for all Policy updates. Prior versions may be archived to support transparency, audit needs, or compliance inquiries. Users may request details of historical changes where necessary for regulatory or internal governance purposes.

14.5 Commitment to Transparency

Imentiv AI strives to ensure that all policy updates are communicated clearly, timely, and with sufficient context for users to understand their impact. The goal is to foster trust, accountability, and shared responsibility in the safe and ethical use of AI technologies.

15. COMPLIANCE AND ENFORCEMENT

We reserve the right to suspend access to our AI Solutions at any time if we determine, in good faith, that you have breached our usage policies or if the use of our service could risk or harm, our users, or anyone else. We reserve the right to update this policy as needed to address emerging issues and maintain a safe environment.

16. CONTACT AND OPTIONAL FEEDBACK

We encourage users to use our support channels to provide feedback on AI outputs, which helps us improve the AI's performance and ensure responsible use. By using our AI chatbot, you commit to following these guidelines and contributing to a positive and respectful community for all users. If you have any questions or feedback about this policy, please contact our support team at support@imentiv.ai.