Legal

Privacy Policy

This policy describes how Community Intelligence ("we", "us", "the Service") processes personal data when providing community engagement analysis and outreach automation to community platform operators ("the Customer").

What data we process

We process community member data that the Customer's platform makes available through its API:

• Profile data: name, email, headline, location, membership tier
• Engagement data: login recency, login count, email open/click history, event attendance
• Platform identifiers: member IDs used to link analysis to individuals

We do not collect data directly from community members. All data is accessed through the Customer's platform API, using credentials the Customer provides and controls.

How we use the data

• Analysis: member data is processed by AI models to assess engagement levels, identify at-risk members, and generate personalised outreach recommendations
• Outreach: when approved (manually or via configured guardrails), emails are sent through the Customer's platform, not through our infrastructure
• Audit trail: we store records of every outreach action, including the AI reasoning, for compliance and quality improvement

What we store

We store the following in our database, isolated per Customer (tenant):

• Analysis results: risk assessments, engagement signals, and suggested outreach per member
• Outreach logs: who was contacted, what was sent, why it was recommended, and the outcome
• Configuration: workflow rules, agent personality, sender identity

We do not store raw member profiles. Member data is read from the platform API at analysis time and not persisted beyond the analysis results.

Data isolation

Each Customer's data is isolated by tenant ID at the database level. One Customer's data is never accessible to another. This is enforced in application code and database queries.

AI processing

Member data is sent to AI models (currently Anthropic Claude) for analysis and email drafting. This processing uses the AI provider's API subject to their data processing terms. Anthropic's commercial API terms prohibit training on API inputs.

Data subject rights

Community members are data subjects of the Customer, not of us. The Customer is responsible for handling data subject requests (access, deletion, portability) under GDPR. We assist by deleting or exporting stored data for specific members on request, and by respecting do-not-contact flags set in the Customer's platform.

Data retention

Data is retained while the Customer's account is active. On termination, all Customer-specific data is deleted within 30 days. Earlier deletion available on request.

Sub-processors

• Anthropic (San Francisco, USA) -- AI model API for analysis and email drafting
• Infrastructure provider (EU) -- application and database hosting

Terms of Use

The Service

Community Intelligence provides AI-powered community engagement analysis and outreach automation. The Service connects to your existing community platform via its API to analyse member behaviour, draft personalised outreach, and manage communications on your behalf.

Your responsibilities

• Platform access: you provide valid API credentials and ensure you have the right to process member data through third-party services
• Guardrail configuration: when enabling auto-send, you are responsible for configuring appropriate rules. The Service sends emails according to the rules you set.
• Content: whether emails are manually reviewed or auto-sent, you are responsible for content sent to your members. The Service drafts based on data and your instructions, but the content represents your community.
• Data protection: you remain the data controller for your members' personal data

Our responsibilities

• Data security: appropriate technical and organisational measures to protect your data
• Audit trail: every outreach action logged with reasoning, timestamps, and outcomes
• Tenant isolation: your data isolated from other customers at the database level

AI-generated content

The Service uses AI models to analyse data and draft emails. While we design prompts and guardrails to produce appropriate content, AI-generated text may occasionally be inaccurate or inappropriate. The guardrails (human review, auto-send rules, exclusion lists) mitigate this risk. We do not guarantee error-free content.

Intellectual property

The Service, including its workflows, prompts, and methodology, is our intellectual property. Email content generated for your community is yours.

Liability

The Service is provided "as is." We are not liable for damages arising from AI-generated content, delivery failures, or member responses to automated outreach. Total liability limited to fees paid in the 12 months preceding the claim.

Termination

Either party may terminate with 30 days' notice. On termination, all data deleted within 30 days. Export available on request before deletion.

Data Processing Agreement

This DPA forms part of the agreement between the Customer ("Data Controller") and Community Intelligence ("Data Processor") for the provision of the Service.

1. Roles

The Customer is the Data Controller. Community Intelligence is the Data Processor. Processing is carried out solely for providing the Service as described in the Terms above.

2. Data subjects and data types

Category	Data elements	Purpose
Identity	Name, email, member ID	Identify members for analysis and outreach
Profile	Headline, location, membership tier	Personalise outreach content
Engagement	Login history, email opens/clicks, event attendance	Assess engagement risk level
Communications	Email subject, body, timestamp, outcome	Delivery and tracking
AI reasoning	Assessment, risk tags, suggested actions	Audit trail, EU AI Act compliance

3. Processing operations

• Collection: member data read from Customer's platform API at analysis time
• Analysis: data sent to AI model (Anthropic Claude) for assessment and drafting
• Storage: results and logs stored in Processor's database, isolated by tenant
• Transmission: approved emails sent through Customer's platform
• Deletion: all data deleted within 30 days of termination

4. Sub-processors

Sub-processor	Location	Purpose
Anthropic	San Francisco, USA	AI model API
Infrastructure provider	EU	Hosting

30 days' notice for sub-processor changes. Controller may object within that period.

5. International transfers

Data sent to Anthropic's API in the US under Standard Contractual Clauses (SCCs). Anthropic does not use API inputs for model training.

6. Security measures

• Tenant isolation at database level
• API credentials stored per-tenant (encryption at rest planned)
• Pre-send validation: batch limits, recently-ignored exclusion, member exclusion lists
• Full audit trail with reasoning, timestamps, approval type (auto/manual)
• AI sandboxing: agent restricted to approved tools

7. Data subject requests

Processor assists Controller with access, rectification, erasure, and portability requests within 10 business days.

8. Breach notification

Processor notifies Controller of any personal data breach within 72 hours, including nature of breach, data affected, and measures taken.

9. Audit

Controller may audit Processor's compliance once per year with 30 days' notice.