AI Trust & Transparency Center
AI Trust &
Transparency Center
At Zipline, we believe AI should be built and used responsibly. Our goal is to empower frontline teams through powerful, intuitive AI — without compromising security, privacy, or trust.
At Zipline, we believe AI should be built and used responsibly. Our goal is to empower frontline teams through powerful, intuitive AI — without compromising security, privacy, or trust.
This AI Trust & Transparency Center outlines how we govern, deploy, and monitor AI across our platform.
Our Approach to Responsible AI
Our Approach to Responsible AI
We design AI responsibly to build trust and empower frontline teams. AI is built to respect privacy, enhance the Zipline experience, and ensure that content stays private to each user.
We design AI responsibly to build trust and empower frontline teams. AI is built to respect privacy, enhance the Zipline experience, and ensure that content stays private to each user.
Ethical & Transparent AI Use
Designed for responsible use
AI is enabled only in specific areas of the product where our customer has opted-in.
Reviewed before release
Every AI-powered feature is reviewed by Zipline’s security, privacy, and compliance team. We ensure compliance with the latest laws, regulations, and customer requirements. Zipline’s engineering team tests for edge cases, misuse, bias, and unusual behavior.
Visible and explainable
We make it clear when you’re interacting with AI. Responses come with source links you can refer to.
Feedback and accuracy
We make tools available to users to provide feedback about the accuracy of AI generated content. We use this feedback to continually improve our and improve the accuracy of results.
Privacy-First Data Protection
No Cross-Customer Access
AI outputs are scoped to individual users. Data is never shared between organizations or used outside its original context.
Automatic Content Exclusion
Expired, archived, or deleted content is automatically excluded from AI access. You always have full control of the data that is ingested by AI.
Admin Visibility & Controls
Admins can see where and how AI is used, and control its availability across features. Usage logs ensure oversight and traceability.
Continuous AI monitoring
AI activity is logged in real time with anomaly detection systems tuned specifically for model behavior. This helps us catch irregularities early and maintain safe, reliable performance across the board.
Incident-ready response
AI-specific risks are built into our broader incident response and recovery playbooks.
Fail-safe protocols
Manual overrides and fallback mechanisms are in place, and regularly tested, to keep systems running even if AI doesn’t behave as expected. Reliability doesn’t depend on the model working perfectly.
Penetration Tested
AI systems are included in regular security testing to validate controls, data handling, and output integrity.
Secure by Design
Third-Party AI Governance
Vendor Risk Assessments
Before using a third-party AI vendor, we perform a rigorous review process to ensure they can meet the same standard of security and data protection that we promise to our customers. We ensure data processing agreements are in place with all third-party AI vendors carefully detailing how they protect your data. We assess data handling, certifications (SOC 2, ISO), and incident readiness.
Data Processing Agreements in Place
We ensure legal safeguards, including data processing agreements, govern all third-party engagements.
Efficient & Sustainable
Built on Carbon-Negative Infrastructure
AI activity is logged in real time with anomaly detection systems tuned specifically for model behavior. This helps us catch irregularities early and maintain safe, reliable performance across the board.
Ethical & Transparent AI Use
Designed for responsible use
AI is enabled only in specific areas of the product where our customer has opted-in.
Reviewed before release
Every AI-powered feature is reviewed by Zipline’s security, privacy, and compliance team. We ensure compliance with the latest laws, regulations, and customer requirements. Zipline’s engineering team tests for edge cases, misuse, bias, and unusual behavior.
Visible and explainable
We make it clear when you’re interacting with AI. Responses come with source links you can refer to.
Feedback and accuracy
We make tools available to users to provide feedback about the accuracy of AI generated content. We use this feedback to continually improve our and improve the accuracy of results.
Privacy-First Data Protection
No Cross-Customer Access
AI outputs are scoped to individual users. Data is never shared between organizations or used outside its original context.
Automatic Content Exclusion
Expired, archived, or deleted content is automatically excluded from AI access. You always have full control of the data that is ingested by AI.
Admin Visibility & Controls
Admins can see where and how AI is used, and control its availability across features. Usage logs ensure oversight and traceability.
Continuous AI monitoring
AI activity is logged in real time with anomaly detection systems tuned specifically for model behavior. This helps us catch irregularities early and maintain safe, reliable performance across the board.
Incident-ready response
AI-specific risks are built into our broader incident response and recovery playbooks.
Fail-safe protocols
Manual overrides and fallback mechanisms are in place, and regularly tested, to keep systems running even if AI doesn’t behave as expected. Reliability doesn’t depend on the model working perfectly.
Penetration Tested
AI systems are included in regular security testing to validate controls, data handling, and output integrity.
Secure by Design
Third-Party AI Governance
Vendor Risk Assessments
Before using a third-party AI vendor, we perform a rigorous review process to ensure they can meet the same standard of security and data protection that we promise to our customers. We ensure data processing agreements are in place with all third-party AI vendors carefully detailing how they protect your data. We assess data handling, certifications (SOC 2, ISO), and incident readiness.
Data Processing Agreements in Place
We ensure legal safeguards, including data processing agreements, govern all third-party engagements.
Efficient & Sustainable
Built on Carbon-Negative Infrastructure
AI activity is logged in real time with anomaly detection systems tuned specifically for model behavior. This helps us catch irregularities early and maintain safe, reliable performance across the board.
AI assistant that delivers instant, personalized, and role-aware answers to frontline employees by surfacing critical information from internal documentation — helping teams move faster and operate more efficiently.
Document extracts: Snippets from internal documents and HTML content added to the resource library that are relevant to the user’s question.
Categories of Data
Document extracts: Snippets from internal documents and HTML content added to the resource library that are relevant to the user’s question.
Data Retention
OpenAI processes queries in memory only & metadata is retained for up to 30 days.
Visibility and Control
All AI interactions are logged. Feedback can be given for response quality. This feature can be turned on or off for specific employees.
OpenAI API
Employee information: First name and team of the person asking the question, used to tailor responses.
Model Training
No model training on customer data.
AI assistant that delivers instant, personalized, and role-aware answers to frontline employees by surfacing critical information from internal documentation — helping teams move faster and operate more efficiently.
Feature: Zippy
Data Retention
OpenAI processes queries in memory only & metadata is retained for up to 30 days.
Employee information: First name and team of the person asking the question, used to tailor responses.
AI assistant that delivers instant, personalized, and role-aware answers to frontline employees by surfacing critical information from internal documentation — helping teams move faster and operate more efficiently.
Document extracts: Snippets from internal documents and HTML content added to the resource library that are relevant to the user’s question.
Categories of Data
Document extracts: Snippets from internal documents and HTML content added to the resource library that are relevant to the user’s question.
Data Retention
OpenAI processes queries in memory only & metadata is retained for up to 30 days.
Visibility and Control
All AI interactions are logged. Feedback can be given for response quality. This feature can be turned on or off for specific employees.
OpenAI API
Employee information: First name and team of the person asking the question, used to tailor responses.
Model Training
No model training on customer data.
AI assistant that delivers instant, personalized, and role-aware answers to frontline employees by surfacing critical information from internal documentation — helping teams move faster and operate more efficiently.
Feature: Zippy
Data Retention
OpenAI processes queries in memory only & metadata is retained for up to 30 days.
Employee information: First name and team of the person asking the question, used to tailor responses.
AI Model Cards
AI Model Cards