AI Transparency
Last updated: May 11, 2026
Vault Agentics is AI-native. This notice describes how we use AI in our own operations and in customer engagements, and the controls we apply.
Our framework
We operate against the NIST AI Risk Management Framework 1.0 and align to ISO/IEC 42001:2023 and the EU AI Act (Articles 9, 10, 13–15). Our internal AI Operating Standard maps these to concrete controls and is available under NDA via Trust → Artifacts.
Where we use AI
- Internal productivity — drafting, summarization, analysis, and coding assistance.
- Engagement work — accelerated assessment, threat modeling, control mapping, and detection engineering, always under human review.
- Agentic workflows — automation that observes, recommends, or executes within explicit guardrails. Actions that change customer systems require human authorization.
Model providers
Our primary AI platform is Anthropic (Claude). We may also use other commercial APIs and locally hosted models when an engagement requires it. The current list is on our Sub-processors page.
No-training commitments
We default to commercial agreements with no-training commitments, meaning provider models are not trained on our prompts or outputs. We do not opt in to model training on engagement data.
Data handling
- Data is classified before model interaction; sensitive categories are redacted, tokenized, or kept on isolated tenants per engagement contract.
- AI activity is logged for security, audit, and quality.
- We do not use customer data to fine-tune or evaluate models without written authorization.
Human oversight
A qualified human reviews AI outputs before they are delivered to customers or used to make decisions that affect them. Agentic actions on customer systems require explicit human authorization.
Accuracy and limitations
AI systems can make mistakes. We test against representative inputs, monitor production behavior, and provide customers with the means to flag and correct outputs.
Customer rights
- Request a description of AI use in your engagement.
- Opt out of specific AI features where the engagement allows.
- Request human-only handling for sensitive deliverables.
Contact
Questions: ai@vaultagentics.com
