LeanData AI Governance & Trust Overview

LeanData’s Approach to AI Governance & Trust

As LeanData integrates Artificial Intelligence (AI) across our platform to drive orchestration efficiency, we continually prioritize security, data privacy, and model reliability in the best interest of our customers. This document addresses common security and governance questions regarding our AI capabilities and outlines the principles guiding our product development.

Common Questions

Data Privacy and Training

What data does LeanData use to train and fine-tune its AI models, and how is customer data protected?

LeanData maintains a strict policy: we do not use proprietary or sensitive customer data for AI model training or fine-tuning.

Training Data: Models are trained using only anonymized, aggregated, or synthetic datasets to ensure feature integrity without compromising customer confidentiality.
Consent: User consent for any optional data sharing or usage related to product improvement is explicitly obtained through product interfaces or contractual terms.
Governance: Data handling follows strict access controls and privacy policies, ensuring compliance with all customer agreements and regulatory requirements.

How does LeanData ensure AI features comply with data privacy regulations (e.g., GDPR, CCPA)?

Our commitment to privacy extends to our AI implementation. All data processing for AI purposes, including input, inference, and storage, adheres to established access controls, logging, and audit processes, ensuring compliance with customer agreements and regional privacy regulations.

Do customers have options for using external LLMs with additional security controls?

Yes.
For features that utilize public Large Language Models (LLMs), customers have the option to supply their own API key for the LLM provider (e.g., Gemini). This configuration offers additional safeguards:

Data Isolation: Data processed by the LLM is managed under the customer's existing contract and security agreement with that LLM provider, ensuring clear ownership and control over data handling.
Security: This model provides a clear boundary for data processing, giving the customer direct management of the LLM interaction and compliance profile.

Model Accuracy and Reliability

What is your process for validating AI model accuracy before deployment, and throughout ongoing operation?

LeanData applies a standardized, documented framework for AI model validation and continuous monitoring:

Pre-Deployment Testing: Each model is rigorously tested on representative data using hold-out and cross-validation methods. We use quantitative metrics (e.g., accuracy, precision/recall, F1-score) and comprehensive qualitative Subject Matter Expert (SME) review to confirm reliability.
Thresholds: Results must meet internal, predefined performance thresholds before any feature is released.
Post-Deployment Monitoring: Automated monitoring and periodic human review processes are in place to detect data drift, model degradation, or inconsistent performance.
Mitigation: Retraining and rapid rollback mechanisms ensure we can maintain consistent performance under changing operational conditions.

What measures are in place to prevent the AI models from producing inaccurate or biased results?
We actively manage model bias and integrity in the following ways:

Data Curation: Training data is carefully curated and balanced to minimize inherent biases.
Robust Testing: Testing includes evaluation against diverse, representative datasets to ensure fair performance across various customer scenarios.
Human Oversight: Expert review and audit logging provide a continuous human-in-the-loop control, ensuring all outputs are appropriate for the intended business context.

Control and Autonomy

How does LeanData safeguard against the AI features taking unintended or unauthorized actions within a customer's environment?

LeanData's AI features operate under strict governance:

Predefined Rules: AI functionality is bound by predefined business rules and existing permission boundaries established within the LeanData and Salesforce platforms.
Access Control: The AI cannot execute actions outside of the permissions granted to the system or the initiating user's role.
Auditability: Continuous monitoring, detailed audit logging, and explicit approval checkpoints are used to ensure all AI outputs remain aligned with intended goals and use cases.

Does the LeanData AI system have autonomous decision-making or multi-step execution capabilities? What guardrails are in place?

LeanData's AI operates with limited, policy-bound autonomy.

Execution: Where multi-step or automated actions (known as agentic functionality) are supported, they run strictly within predefined, user-configured workflows.
User Configuration: These automated processes require explicit user configuration or, in critical scenarios, human approval before execution.
Guardrails: Role-based permissions, validation checkpoints, and system logic prevent the AI from executing actions outside the intended scope or organizational policy, ensuring actions align with approved business logic.

For questions or additional assistance, please contact LeanData Support.