AI Compliance (Data Protection and Privacy) - Causal Map app

Compliance (Data Protection and Privacy) for AI-enabled services

AI Processing for Causal Map 4 with AI enabled

• Data is processed using a variety of LLM APIs, as of November 2025 exclusively Google Vertex APIs.

• Each model use is recorded internally.

• For Google Vertex AI:
• Data is not used to train models
• Zero long-term retention: Max 24 hours in-memory cache of data
• Data stays in the user’s chosen region (europe-west1 or europe-west2 or Virginia (us-east5)
• For users who select a European region, data storage and processing are GDPR compliant

• Clients are asked not to upload data including personally identifying information.

• Causal Map Ltd. adheres to established qualitative research protocols to limit the AI's freedom in making evaluative judgments, thereby aiming for transparency and accuracy in the AI's interpretation of causal claims.

• Ethical considerations include careful attention to the types of data processed and ensuring the AI's analysis reflects respondent views without systematic bias or undue influence.

User Activity Monitoring and Audit Logs

1. Log on and log off is monitored via Google Firebase

2. Highly significant events like new user registration and file creation are logged in a system SQL database and also emailed to the Data Protection Officer

3. Significant events like log on, load file, are recorded in a system SQL database

Contact Information

• Data Protection Officer: Steve Powell

• Email: hello@causalmap.app

• Website: https://www.causalmap.app