AI Compliance (Data Protection and Privacy) - Causal Map app

📑

Compliance (Data Protection and Privacy) for AI-enabled services

Causal Map app, developed by Causal Map Ltd, is committed to protecting the privacy of our users. This privacy policy outlines how we collect, use, store, and protect your personal data in compliance with the General Data Protection Regulation (GDPR), EU AI Act Compliance and other applicable regulations.
This AI Policy is in addition to the general provisions at
Compliance (Data Protection and Privacy) - app : https://www.causalmap.app/privacy-policy/
 
Causal Map is an online-only service, there is nothing to download or install.

AI Processing for Causal Map Workflows and for Causal Map 3 with AI enabled

Causal Map 3 does not have AI enabled by default. AI is enabled only by specific agreement.
  • Data is processed using a variety of LLM APIs, by default OpenAI APIs, including but not limited to gpt-4o. Details for other models are displayed within the app.
  • Each model use is recorded internally.
  • OpenAI retains API data for a maximum of 30 days for compliance purposes. OpenAI declares that API users retain ownership of their data, and API requests are not used for training models (we are a Tier 5 OpenAI customer).
  • Clients are asked not to upload data including personally identifying information.
  • Causal Map Ltd. adheres to established qualitative research protocols to limit the AI's freedom in making evaluative judgments, thereby aiming for transparency and accuracy in the AI's interpretation of causal claims.
  • Ethical considerations include careful attention to the types of data processed and ensuring the AI's analysis reflects respondent views without systematic bias or undue influence.
 

Third-Party Services

We use the following third-party services:
  • Google Firebase (Authentication).
  • OpenAI API (AI Processing).
  • Heroku (Database).
  • Railway (Hosting).
Each third-party service has its own privacy policy.

User Activity Monitoring and Audit Logs

  1. Log on and log off is monitored via Google Firebase
  1. Highly significant events like new user registration and file creation are logged in a system SQL database and also emailed to the Data Protection Officer
  1. Significant events like log on, load file, are recorded in a system SQL database
 

Contact Information

For privacy-related inquiries:
  • Data Protection Officer: Steve Powell
 
Terms and Conditions for the Causal Map App
Compliance (Data Protection and Privacy) - app
AI Compliance (Data Protection and Privacy) - Causal Map app
Service Level Agreement