AI Policy

Corridor offers AI-powered features that make it easier to understand and work with the platform. This overview explains our AI functionality and the related security and privacy practices.

Our commitment
● No-Training Clause: Corridor does not use Customer Data to train, retrain, or improve models.
● Data Isolation: AI sessions are ephemeral, and data is not shared across different customer accounts.

How does Corridor AI work?

Who are the Large Language Model Providers?

Corridor uses third-party AI language models to power these features. You can bring your own key to access AI services from providers. Supported LLM providers are: OpenAI, Google, and Anthropic.

How are responses generated?

1. The Corridor AI Agent receives a request from a user.

2. The Corridor AI Agent analyzes the request and creates a plan including 2 steps: Information Retrieval via tool calls and response generation

3. The Corridor AI Agent retrieves relevant content from the Corridor Platform on the user’s behalf (only content that the user has access to can be retrieved). Depending on the user's query, the relevant content that is fetched may include:
● Details registered on the platform - like Name, alias, and other documentation
● Code registered on the platform
● Jobs submitted on the platform - including the sampling size, data filters that were applied
● Job Results - including visualisations, metrics, and error logs

4. The request and relevant information are passed to the third-party AI model.

5. The third-party AI model generates a response based on the request.

How to enable AI features?

Corridor AI Agent is only available once an LLM Provider API key has been configured in Platform Settings. Please contact your Corridor administrator to configure and enable Corridor AI Agent.

How is my data protected?

Does Corridor AI Agent respect existing permissions?

Yes, Corridor AI Agent honors existing permissions and always acts on behalf of an authenticated user on the platform. All data access is governed by the role-based access controls for that user. Therefore, users can only use Corridor AI Agent with data and objects they already have permission to access in Corridor.

How is Customer Data protected when sent to third-party LLM providers?

Corridor ensures data is encrypted in transit using industry-standard protocols and best practices. TLS 1.2+ encryption is used with strong cyphers when making requests to the third-party LLM providers.

Will my data be used to train any models?
● No-Training Commitment from Corridor: Corridor does not use Customer Data to train, retrain, or improve models.
● Third-Party Enforcement: When using your own LLM provider - expectations for data commitment relating to model training, retraining, or improvement should be enforced directly by the third-party LLM provider.

How is Customer Data segregated?

AI sessions are ephemeral, and the Corridor AI Agent does not store any data.

The Chat Session is only stored within the user's browser SessionStorage, and will not persistnacross tabs or when the chat window is closed.

What compliance standards does Corridor AI Agent meet?

Corridor AI Agent is built on Corridor Platforms’ strong compliance foundation, meeting SOC 2 standards for security, availability, and confidentiality. This ensures that the agent operates within rigorous governance and data protection frameworks, giving organizations confidence in its reliability and trustworthiness.

What safety measures are in place?

Corridor has implemented comprehensive AI safety measures to protect against misuse and ensure secure operation:

● Prompt Injection Safeguards: Advanced filtering and validation techniques are in place to detect and prevent prompt injection attacks that could manipulate AI behavior.
● Input Validation: All user inputs are sanitized and validated before being processed by AI models to prevent malicious prompts or exploitation attempts.
● Output Validation: AI-generated responses are monitored for anomalous patterns or potentially harmful content.

What are the legal considerations?

What should users know about AI-generated content?

Corridor does not guarantee the accuracy of AI-generated outputs, which may contain inaccuracies or incorrect code. Corridor is not responsible for decisions made based on AI-generated content.

Users must review and validate all AI outputs before use. AI should complement, not replace, professional judgment.

What uses are prohibited?

Corridor AI Agent must not be used for illegal activities, automated decision-making with legal or similarly significant effects on individuals, or any purpose that violates applicable laws or regulations.

Please contact us with any concerns you may have. You can contact us by writing to us at contact@corridorplatforms.com.