AI Security and Governance
Learn how Netcore secures AI-powered workflows across content generation, campaign insights, planning, and agentic assistance.
Overview
Netcore's AI capabilities are designed to help marketers work faster, create smarter campaigns, and make better decisions across the customer lifecycle. AI is built into the Netcore experience to improve speed, relevance, and efficiency across content generation, campaign performance analysis, segmentation, and planning assistance.
To support enterprise use, Netcore follows a security-first, responsible AI approach. AI-powered workflows are built with safeguards for:
- Data privacy
- Tenant isolation
- Prompt and output safety
- Controlled access to business context
- Auditability and monitoring
Core Security Commitments
Every customer should understand the following non-negotiable principles that govern how Netcore handles AI.
| Commitment | What It Means |
|---|---|
| No training on your data | Customer data is never used to train or fine-tune any AI model. |
| No PII to the model | Personal information is never sent to the underlying language model. |
| Full auditability | Every AI interaction is logged and available for audit, with conversation history accessible for up to 30 days from the customer panel. |
| Ongoing security testing | AI systems are continuously tested against adversarial and misuse scenarios. |
AI Is Used in Netcore
Netcore uses generative AI to power the following capabilities within the platform:
- Campaign content generation
- Performance insights and analytics
- Audience segmentation recommendations
- Campaign planning assistance
These features are built as governed workflows, not open-ended AI tools. Every AI interaction is tied to a specific task, operates within defined boundaries, and follows the same access controls as the rest of the platform.
AI Models in Use
Netcore uses externally hosted foundation models from approved providers, accessed through secure cloud APIs.
| Model Provider | Provider | Use Case |
|---|---|---|
| Claude | Anthropic | Content generation, campaign analysis, and conversational AI features |
| Gemini | Select generative and analytical workflows | |
| Titan | Amazon (via Amazon Bedrock) | Embedding and retrieval operations only |
Note
Model selection may vary by feature and deployment environment. The list of models used is subject to change as the AI landscape evolves and new models are evaluated.
Netcore does not fine-tune any of these models using customer data. Business context is provided at the time of each request through a controlled retrieval process, keeping the model itself free of any customer-specific information.
Data Handling and Privacy
Netcore is deliberate about what information flows into its AI pipeline. There are two categories of data that may be used:
Publicly Available Reference Information
Channel best practices sourced from platform providers such as Meta, Google, and Yahoo are stored in Netcore's retrieval layer to help the AI produce relevant, platform-compliant recommendations.
- It is refreshed periodically.
- It does not represent customer data.
- It is not subject to per-customer data retention policies.
Tenant-Specific Campaign Context
Aggregated performance summaries, such as campaign delivery rates and engagement metrics, scoped exclusively to the requesting customer's account. This is operational metadata, not individual-level data.
- This context is refreshed once every 24 hours to ensure AI responses remain current.
- Short-term conversational context is retained within a session to support follow-up questions.
- This is cleared when the session ends and is never shared across users or customers.
Data Excluded from AI Processing
The following are explicitly excluded from any AI interaction:
- Individual-level personal data like, email addresses, mobile numbers, names, national identity numbers, or any other personal identifiers tied to end customers.
- Raw contact lists, CRM records, or unmasked behavioural event data.
- Payment card data or financial information.
- Credentials, API keys, or infrastructure information.
Good to Know
Technical controls are in place to prevent this data from reaching the AI model even if it is inadvertently included in a user's prompt.
AI Model Training and Customer Data
Netcore does not contribute any customer data, including prompts, campaign information, or audience context to train or update any foundation model.
The API agreements with Netcore's model providers enforce zero data retention: prompts and model responses are transient by design and are not stored or used for model training by the provider.
In the case of Amazon Bedrock specifically, standard inference API calls are fully transient, with no persistence of input or output data
Data Retention Schedule
Refer to the table below to understand how different categories of AI-related data are retained, managed, and automatically purged across Netcore’s governed AI workflows.
| Data Type | Retention Period |
|---|---|
| Public best-practice reference data (retrieval layer) | No formal retention period — not customer data |
| Customer attribute and taxonomy context (retrieval layer) | Retained while the account is active; deleted upon account churn |
| Campaign context used for retrieval | Up to 12 months, then automatically purged |
| Conversation history (customer panel) | Accessible to authorised users for 30 days |
| Audit logs | Retained per Netcore's platform-wide data retention policy |
Important Point to Remember
Customers with specific data retention requirements can discuss custom schedules as part of their enterprise agreement.
Customer Data Isolation
Netcore is a multi-tenant platform. Ensuring that one customer's data cannot be accessed by or exposed to another customer is a foundational requirement for AI as much as for any other part of the platform.
- Every record in Netcore's databases is partitioned by a unique customer identifier.
- Every AI-related query, including retrieval operations that provide context to the AI model, must include this identifier.
- A query that does not carry a valid customer identifier is rejected before execution.
This makes cross-customer data access structurally impossible, not merely policy-restricted. The AI models themselves are stateless between requests; they retain no memory across calls, which provides an additional layer of isolation at the model level.
Trust Layer
All AI activity in Netcore passes through a centralised control layer, the TRUST Layer that sits between the platform and the external AI model. Passing through the TRUST Layer is mandatory for every AI request and response. It enforces privacy, safety, and governance at every step.
| Control | What It Does |
|---|---|
| PII Redaction | Personal information is automatically detected and removed from both incoming prompts and outgoing responses before they reach the model or the user. Redacted values are replaced with anonymous placeholders to preserve context without exposing identifiable data. |
| Prompt Safety Screening | All incoming prompts are checked for attempts to manipulate the AI system — for example, trying to override its instructions, impersonate a different role, or extract restricted information. These are blocked before they reach the model. |
| Scope Enforcement | Each AI feature has a defined scope. Requests that fall outside that scope — such as asking a campaign analytics assistant about unrelated business domains — are gracefully declined rather than attempted. |
| Output Safety Checks | Model responses are reviewed before being delivered to the user. Content that is harmful, unsafe, or in violation of policy is blocked. Netcore uses enterprise-grade content safety tooling that operates across more than 170 languages. |
| Audit Logging | Every interaction — the prompt sent, the context used, and the response generated — is logged for governance, troubleshooting, and compliance review. |
Continuous Security Testing
Netcore tests its AI systems on an ongoing basis using a structured security testing framework. Rather than waiting for issues to surface in production, Netcore proactively evaluates AI agents against scenarios designed to expose weaknesses before they can be exploited. The current test coverage spans eight categories of adversarial scenarios:
- Prompt injection attempts
- Personal data extraction attempts
- Cross-customer data access attempts
- Out-of-scope usage
- Role and persona manipulation
- Harmful content generation
- Infrastructure probing
- Scope boundary enforcement
Each test is evaluated on a pass/fail basis for security scenarios, with detailed reporting available for enterprise governance reviews. Test suites are regularly updated as new adversarial techniques emerge.
Responsible AI Principles
Security is one part of how Netcore thinks about responsible AI. More broadly, Netcore is committed to building AI that is transparent, fair, and governed.
| Principle | What It Means in Practice |
|---|---|
| Privacy by design | Privacy is designed in from the start, not added on as an afterthought. |
| Bounded operation | No AI feature in Netcore can take actions beyond its defined scope or the user's permissions. |
| Human oversight | AI-generated outputs pass through safety checks. Consequential decisions are not fully automated. |
| Honest transparency | This document reflects what is actually implemented — not aspirational policy. |
| Continuous validation | Security validation is continuous, not periodic. We test what we ship. |
Every AI request in Netcore follows a controlled, multi-stage flow before a response is returned to the user. No AI feature in Netcore operates as an unrestricted system — each request goes through validation, access control, and policy enforcement at every stage.
Encryption in Transit
All data in transit between Netcore's application layer and the AI model infrastructure is encrypted using TLS 1.2 or higher.
Updated about 1 hour ago