AI Terms
Our Security Commitment
Rescana protects customer data with a defense-in-depth program — encryption in transit and at rest, least-privilege access controls, continuous vulnerability management, monitoring, and independent audits. Full details, certifications (ISO 27001, ISO 27018, SOC 2 Type II, GDPR), and documentation requests are available in our Trust Center.
Our Responsible AI Commitment
Rescana uses artificial intelligence to accelerate third-party risk-management workflows. We follow these principles:
- Transparency: Users are informed whenever AI is involved in generating insights.
- Fairness & Non-Discrimination: Models are evaluated for unintended bias and retrained as required.
- Privacy & Data Minimization: Only the data strictly required for a given task is processed, and it is retained for the minimum time necessary.
- No Customer Data Training: We do not use customer-provided or end-user data to train, retrain, or fine-tune our AI models.
- Human Oversight: Critical decisions remain subject to human review and override.
- Accountability: We log and monitor model outputs to detect drift or misuse, taking corrective actions promptly.
- Alignment with Emerging Standards: Our governance framework references the NIST AI Risk Management Framework and the EU AI Act.
- EU AI Act Limited-Risk Classification: Rescana's TPRM AI modules are classified as limited-risk systems under Article 50 of Regulation (EU) 2024/1191. As such, they are subject mainly to transparency obligations rather than the full high-risk compliance regime.
AI Transparency & User Rights
- You are informed at the start of each interaction when AI assistance is active.
- AI-generated content is clearly labelled and machine-readable using the attribute data-ai="true" or a visible "AI-Generated" tag.
- You may request an explanation of any significant AI-assisted recommendation and may contest decisions that materially affect you.
- To exercise these rights contact ai-governance@rescana.com.
Limitations & Disclaimers
Although Rescana maintains rigorous controls, no security system is infallible and no AI model is error-free. Insights produced by our platform, including AI-generated recommendations, are provided "as is" and are intended for informational purposes. They do not replace professional judgment, legal advice, or regulatory guidance.
Contact
Questions about our security or AI governance practices can be directed to ai-governance@rescana.com.