SiteTrust AI Usage Policy

1. Our Commitment to AI Transparency

At SiteTrust, we recognize that building trust in AI begins with our own practices. As the creator of the SiteTrust AI Transparency Standard, we hold ourselves to the highest tier of compliance and lead by example in transparent, responsible AI deployment.

This policy establishes our commitment to honest, accountable AI practices and describes our governance framework for all AI systems we use. It explains how we protect consumer interests, maintain human oversight, and ensure transparency in our operations.

Our Principles:

• Transparency First: We disclose all AI usage clearly and honestly, to the best of our abilities
• Human-Centered: AI assists our team; humans make final decisions
• Accountability: We take responsibility for AI outputs and impacts as used by us
• Continuous Improvement: We regularly review and enhance our AI practices
• Consumer Protection: We prioritize the interests of our users and certified companies

2. Scope of AI Usage

2.1 Where We Use AI

SiteTrust employs artificial intelligence technology in the following categories of our business:

Customer Support and Communications

• AI-powered chatbots for frequently asked questions
• Automated routing and triage of customer inquiries
• Support documentation and knowledge base assistance

Marketing and Content Creation

• Drafting and editing marketing materials
• Creating multimedia content including text, images, and video
• Social media content development
• Email communications
• Educational materials and training content

Internal Operations

• Research and competitive analysis
• Document drafting and editing
• Administrative task automation
• Data analysis and reporting

Platform Development

• Creating example implementations and demonstrations
• Developing tools and resources for certified companies
• Testing and quality assurance

2.2 What We Do NOT Use AI For

To ensure fairness and accountability, we do NOT use AI systems for:

• Final certification approval or denial decisions
• Appeals review or dispute resolution
• Pricing or fee determination for individual organizations
• Legal interpretation or compliance guidance (AI may assist research, but lawyers provide guidance)
• Contract negotiations or legal decision-making
• Financial transactions or payment processing decisions

3. Human Oversight and Governance

3.1 Oversight Framework

SiteTrust maintains a four-level AI oversight framework that ensures appropriate human involvement based on the criticality and potential impact of AI-assisted activities:

• Level 1 - AI as Productivity Tool: Use: AI functions like spell-check, grammar assistance, or search enhancement | Oversight: Human reviews final output as part of normal work quality checks
• Level 2 - AI-Assisted Creation: Use: AI provides substantial assistance in content creation or analysis | Oversight: Mandatory human review before any output is used or published
• Level 3 - AI with Monitoring: Use: AI performs routine tasks with human spot-checks | Oversight: Regular audits and immediate human intervention capability
• Level 4 - Human Only (No AI): Use: Critical decisions made entirely by qualified humans without AI assistance | Oversight: N/A - humans only

3.2 Responsible Parties and Accountability

AI governance at SiteTrust is distributed across our leadership team:

• Chief Executive Officer: Overall AI strategy, policy, and accountability
• Chief Technology Officer: Technical implementation, security, and system performance
• Director of Certification: Ensuring certification processes remain human-driven
• Head of Customer Experience: Customer-facing AI systems and support quality
• Content Team Lead: AI-assisted content creation, editing, and labeling
• Chief Compliance Officer: Policy compliance, monitoring, and reporting

Clear Accountability: SiteTrust takes full responsibility for all AI outputs, decisions made using AI recommendations, and any errors or issues that arise from AI usage. We do not take responsibility for third-party attacks or unauthorized use outside of our control.

3.3 Employee Training and Standards

All SiteTrust team members who work with AI systems receive training on:

• Understanding AI capabilities and limitations
• Appropriate use cases for different AI applications
• Identifying and mitigating bias in AI outputs
• Data privacy and security requirements
• Disclosure and labeling obligations
• When to escalate concerns or defer to human-only processes

Training occurs at hire, annually, and whenever new AI systems are deployed or policies change.

4. Transparency and Disclosure Practices

4.1 Content Labeling Standards

We label AI-involved content based on the level of AI contribution:

• AI-Generated Content: AI created the substantial majority of the content
  Label: "This content was generated using artificial intelligence and reviewed by SiteTrust staff." or "Enhanced by AI"
• AI-Assisted Content: AI provided meaningful assistance, but humans created and controlled the content
  Label: "This content was created with AI assistance." or "Enhanced by AI"
• AI as Productivity Tool: AI used like spell-check or search
  Label: Not labeled separately

All customer-facing AI systems (such as chatbots) clearly identify themselves as AI at the point of interaction, when possible. We are also making best efforts to have third-party tools use identifying labels and systems as well.

4.2 Point-of-Use Disclosure

Where AI is used in customer-facing applications:

• Users are informed they are interacting with AI
• Users can request human assistance at any time
• AI limitations are disclosed in context
• Alternative human-only options are available when appropriate

5. Data Privacy and Protection

5.1 Our Data Principles

When AI systems process data at SiteTrust, we follow these core principles:

• Data Minimization: We only share necessary information with AI systems and avoid processing sensitive personal data through AI when possible.
• Purpose Limitation: Data processed by AI is used only for the specific purpose disclosed and not repurposed without notice.
• Security: All data processed by AI systems is encrypted in transit and at rest, with appropriate access controls and monitoring.
• Transparency: We disclose what categories of data are processed by AI systems in this policy and our Privacy Policy.
• Retention Limits: We do not retain data in AI systems longer than necessary for the disclosed purpose.

5.2 Third-Party AI Provider Standards

We carefully vet all third-party AI service providers and require them to meet our standards:

• No Unauthorized Training: Providers may not use our data to train or improve their models without explicit consent
• Security Standards: Providers must maintain security measures equivalent to or exceeding our own
• Regulatory Compliance: Providers must comply with applicable data protection laws (GDPR, CCPA, etc.)
• Contractual Protections: All providers sign data processing agreements
• Incident Response: Providers must have documented incident response procedures

5.3 Your Data Rights

You have rights regarding data processed by our AI systems:

• Right to Access: Request information about what data AI systems have processed about you
• Right to Correction: Request correction of inaccurate information
• Right to Deletion: Request deletion of your personal data (subject to legal obligations)
• Right to Opt-Out: Where technically feasible, request alternative non-AI processing
• Right to Data Portability: Receive your data in machine-readable format
• Right to Object: Object to certain types of AI processing

See our Privacy Policy for full details on exercising these rights and our general data practices.

6. AI Limitations and Risk Management

We acknowledge that all AI systems have inherent limitations. Understanding and managing these limitations is central to our commitment to responsible AI use.

6.1 Known AI Limitations

Accuracy and Reliability

Limitation: AI systems can generate incorrect, incomplete, or misleading information (hallucinations) | Our Approach: Mandatory human review of all AI outputs before publication or use. Critical information is fact-checked and verified independently whenever possible.

Bias and Fairness

Limitation: AI systems may reflect biases present in their training data | Our Approach: Human reviewers are trained to identify and correct biased content. We do not use AI for decisions affecting protected classes or where bias could cause material harm.

Context and Nuance

Limitation: AI may misinterpret context, miss nuance, or fail to understand complex situations | Our Approach: Complex matters, sensitive topics, and situations requiring judgment are handled by qualified humans. AI systems are designed to escalate when uncertain.

Technical Reliability

Limitation: AI systems may experience downtime, errors, performance degradation, or unexpected behavior | Our Approach: We maintain alternative processes that do not depend on AI when possible. Customers can always access human support directly.

Privacy and Security

Limitation: AI systems processing data create potential privacy and security risks | Our Approach: Strict data processing agreements, encryption, access controls, regular security assessments, and incident response planning when possible.

6.2 Continuous Monitoring and Improvement

We actively monitor AI system performance and risks through:

• Quality Reviews: Regular review of AI outputs for accuracy, bias, and appropriateness
• User Feedback: Monitoring and responding to customer feedback about AI interactions
• Performance Metrics: Tracking error rates, user satisfaction, and system reliability
• Incident Tracking: Documenting and analyzing AI-related issues or failures
• Technology Updates: Staying current with AI developments, risks, and best practices

When issues are identified, we investigate root causes and implement improvements to prevent recurrence.

6.3 Incident Response

If an AI system produces harmful, inaccurate, or problematic outputs:

• We acknowledge the issue promptly
• We take immediate corrective action (corrections, takedowns, notifications)
• We investigate the root cause
• We adjust processes and controls to prevent recurrence
• We communicate transparently with affected parties

We take full responsibility for AI-related issues and do not hide behind "AI made a mistake" as an excuse.

7. Consumer Rights and Recourse

7.1 Your Rights Regarding AI

You have specific rights when interacting with our AI systems:

• Right to Human Review: Request human review of any AI-assisted decision affecting you
• Right to Explanation: Request information about how an AI system reached a conclusion
• Right to Appeal: Appeal AI-generated outcomes through our dispute resolution process
• Right to Opt-Out: Request alternative non-AI processing where feasible
• Right to Complaint: File complaints about our AI practices (see Section 7.2)

7.2 Filing Complaints

If you have concerns about our AI practices:

• Contact our AI Transparency Team at legal@sitetrust.com or info@sitetrust.com
• We acknowledge all complaints within 24 hours
• We provide substantive response within 5 business days
• You may also file complaints with relevant regulatory bodies (FTC, state attorneys general, data protection authorities)

8. Policy Maintenance and Updates

8.1 Review and Update Schedule

Quarterly Review: Every three months, we review this policy for accuracy and completeness.

Update Triggers: We update this policy when:

• We deploy AI in new categories of use
• We significantly change how we use AI
• Material risks or issues are identified
• Relevant laws or regulations change
• Stakeholder feedback indicates clarification is needed

8.2 Notification of Changes

Material Changes are communicated through:

• Prominent notice on sitetrust.com (30 days)
• Email notification to customers and certified organizations
• Update to "Last Updated" date on this policy
• Entry in change log

Non-material changes (corrections, clarifications, formatting) are made without advance notice but noted in the change log.

9. Contact and Transparency

9.1 AI Transparency Contact

For questions, concerns, or requests about our AI practices:

Email: legal@sitetrust.com or info@sitetrust.com
Response Time: 24-48 hours for all inquiries
Mail: SiteTrust, 2725 Abington Road, Suite 202, Fairlawn Ohio 44333

10. Warranties, Disclaimers, and Limitations

10.1 No Warranty of AI Performance

AI SYSTEMS ARE PROVIDED "AS IS" AND "AS AVAILABLE." While we implement quality controls and human oversight, we do not guarantee the accuracy, completeness, reliability, or appropriateness of any AI outputs or AI-assisted content.

TO THE FULLEST EXTENT PERMITTED BY LAW, SITETRUST DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO:

• Warranties of merchantability, fitness for a particular purpose, or non-infringement
• Warranties that AI systems will be uninterrupted, error-free, or free from harmful components
• Warranties regarding the accuracy, reliability, or completeness of AI-generated content
• Warranties that AI systems will meet your specific requirements or expectations
• Warranties regarding results or outcomes from use of AI-assisted services

10.2 User Responsibility and Independent Judgment

YOU ACKNOWLEDGE AND AGREE THAT:

• AI is a tool that assists our team, but ultimate responsibility rests with SiteTrust and, where applicable, with you as the user
• You should exercise independent judgment and verify important information, particularly for significant decisions
• You should not rely solely on AI-generated or AI-assisted content without verification
• AI outputs may contain errors, inaccuracies, or omissions despite our best efforts

10.3 No Guarantee of AI Availability

SiteTrust does not guarantee continuous, uninterrupted, or secure access to AI systems. AI systems may be temporarily unavailable due to maintenance, updates, technical issues, or circumstances beyond our control. We reserve the right to modify, suspend, or discontinue any AI system at any time without prior notice or liability.

11. Limitation of Liability

11.1 Damages Cap

TO THE FULLEST EXTENT PERMITTED BY LAW, SITETRUST'S TOTAL LIABILITY ARISING OUT OF OR RELATED TO AI USAGE, AI-GENERATED CONTENT, OR AI-RELATED SERVICES SHALL NOT EXCEED THE AMOUNT YOU PAID TO SITETRUST IN THE TWELVE (12) MONTHS PRECEDING THE EVENT GIVING RISE TO LIABILITY. IF YOU HAVE NOT PAID SITETRUST ANY AMOUNTS, OUR LIABILITY SHALL NOT EXCEED $100 USD.

11.2 Exclusion of Consequential Damages

IN NO EVENT SHALL SITETRUST BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES ARISING OUT OF OR RELATED TO AI USAGE, INCLUDING BUT NOT LIMITED TO:

• Lost profits, lost revenue, or loss of business opportunities
• Loss of data or information
• Business interruption or operational delays
• Reputational harm or damage to goodwill
• Cost of substitute services or technology
• Any other indirect or consequential losses

THIS EXCLUSION APPLIES EVEN IF SITETRUST HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES AND REGARDLESS OF THE THEORY OF LIABILITY (CONTRACT, TORT, STRICT LIABILITY, OR OTHERWISE).

11.3 AI System Failures and Force Majeure

SiteTrust shall not be liable for any failure or delay in performance of AI systems or AI-related services caused by circumstances beyond our reasonable control, including but not limited to: third-party AI provider outages or failures; internet service disruptions; cyber attacks or security incidents; acts of God; natural disasters; governmental actions; or other force majeure events. This provision applies even if such events were foreseeable.

11.4 Exceptions to Limitations

Some jurisdictions do not allow the exclusion or limitation of certain warranties or damages. In such jurisdictions, our liability will be limited to the greatest extent permitted by law. Nothing in this policy excludes or limits liability for: (a) fraud or fraudulent misrepresentation; (b) death or personal injury caused by our negligence; or (c) any other liability that cannot be excluded or limited under applicable law.

12. Third-Party AI Providers and Services

12.1 Third-Party Provider Disclaimer

SiteTrust utilizes third-party artificial intelligence service providers (such as OpenAI, Anthropic, Google, and others) to deliver certain features and functionality. While we carefully select and monitor these providers:

• We are not responsible for the independent actions, errors, or failures of third-party AI providers that occur outside the scope of our service agreements
• We do not control the underlying AI models, algorithms, or training data used by third-party providers
• We are not liable for changes, modifications, or discontinuations made by third-party providers to their AI systems
• We will hold providers accountable for breaches of our agreements, but our liability remains subject to the limitations in Section 11

12.2 Provider Changes and Substitutions

SiteTrust reserves the right to change, add, or substitute third-party AI providers at any time to maintain service quality, improve performance, reduce costs, or comply with legal requirements. We are not obligated to notify you of such changes unless required by law or unless the change materially affects your rights under this policy.

13. Indemnification

13.1 Your Indemnification Obligations

To the fullest extent permitted by law, you agree to indemnify, defend, and hold harmless SiteTrust, Site Trust, LLC, and our officers, directors, employees, agents, and affiliates from and against any and all claims, liabilities, damages, losses, costs, expenses (including reasonable attorneys' fees), arising out of or related to:

• Your use or misuse of AI-powered features or services
• Your reliance on AI-generated or AI-assisted content without independent verification
• Your violation of this AI Usage Policy or our Terms and Conditions
• Your provision of inaccurate, incomplete, or misleading information to AI systems
• Your violation of any third-party rights, including intellectual property rights
• Your failure to comply with applicable laws or regulations in connection with AI usage

13.2 Defense and Settlement

Your indemnification obligations include the obligation to defend SiteTrust against any indemnified claims. SiteTrust reserves the right to assume the exclusive defense and control of any matter subject to indemnification by you, in which case you agree to cooperate with our defense of such claim. You may not settle any claim that affects SiteTrust without our prior written consent.

14. Governing Law and Dispute Resolution

14.1 Governing Law

This AI Usage Policy and any disputes arising out of or related to this policy or our AI practices shall be governed by and construed in accordance with the laws of the jurisdiction of our principal place of business, without regard to its conflict of law provisions.

14.2 Jurisdiction and Venue

You agree that any legal action or proceeding arising out of or related to this policy or our AI practices shall be brought exclusively in the courts located in the county of our principal place of business, and you irrevocably consent to the personal jurisdiction and venue of such courts.

14.3 Informal Dispute Resolution

Before initiating any formal legal proceeding, you agree to first contact SiteTrust at legal@sitetrust.com or info@sitetrust.com to attempt to resolve the dispute informally. We commit to working in good faith to resolve disputes through direct communication. If a dispute cannot be resolved informally within 30 days, either party may pursue formal dispute resolution.

14.4 Waiver of Class Actions

YOU AGREE THAT ANY DISPUTE RESOLUTION PROCEEDINGS RELATED TO AI USAGE OR THIS POLICY WILL BE CONDUCTED ONLY ON AN INDIVIDUAL BASIS AND NOT IN A CLASS, CONSOLIDATED, OR REPRESENTATIVE ACTION. YOU EXPRESSLY WAIVE ANY RIGHT TO PURSUE CLAIMS ON A CLASS OR REPRESENTATIVE BASIS.

14.5 Severability

If any provision of this AI Usage Policy is found to be invalid, illegal, or unenforceable, the remaining provisions shall continue in full force and effect. The invalid provision shall be modified to the minimum extent necessary to make it valid and enforceable while preserving its intent.

14.6 Entire Agreement and Integration

This AI Usage Policy, together with our Terms and Conditions and Privacy Policy, constitutes the entire agreement between you and SiteTrust regarding AI usage and supersedes all prior or contemporaneous agreements, representations, warranties, and understandings regarding AI practices.